“We“, “Us“, “Our” is: Mr D's Olde Sweet Shop Ltd, a limited company registered in England No. 14374129.
Who We are
We are the following operating within the European Union (EU):
- Data Controller: determines the purposes and means of processing personal data; and
- Data Processor: responsible for processing personal data on behalf of a controller.
Our approach to managing private information
We respect your privacy and so promise to:
- use your personal information to only provide you with information or service you have requested;
- keep your data safe, secure and process it in a secure way; and
- assist you to change your mind at any time about the communications you have registered to receive.
Why do We collect, use and process your personal information?
We need to collect data and personal information from you to provide you with the information and services you request from Us.
What information do We collect?
We may collect the following information:
- email address; and
- phone number.
We will only use your personal information for the purposes you have permitted and We will not share it for marketing purposes outside of communicating with us unless you have given Us permission to do so. If this practice changes in the future, We will update this policy to identify the non-agent third parties and provide an opt-out option.
Every time you visit Our website, We may also automatically collect the following information:
- technical information, including:
- Internet Protocol (IP) address used to connect your computer to the Internet;
- browser type and version; and
- operating systems and platforms;
- visit information, including; Uniform Resource Locators (URLs) of the websites that you came through to Our website and which pages you visited (including date and time); your website page response times, download errors, length of visits to pages, visit duration, page interaction information and methods used to exit Our site.
What We do with the personal information We collect?
We require personal information to process your request/s and provide you with a better service. In particular for the following reasons:
- internal record keeping; and
- improve Our services.
We are the sole owner of the information collected on this site and We only have access to the information you voluntarily provide. We will use your information to respond to you, regarding the reason you contacted Us and We will not sell or rent this information to anyone.
Where your information is stored
Your data is stored on secure servers and will be managed using the robust security measures described below.
Your personal information may be copied or transferred by Us or our trusted third party data processors outside of the EU. We take steps that, in the event your personal information is stored outside the EU that controls are in place to protect in accordance EU and UK data protection and privacy regulations.
Security and storage of personal information
We will keep your personal information safe and secure.
When you give your personal information to Us, we will process and use that data in accordance with Our responsibilities under the General Data Protection Regulation (GDPR) – Regulation (EU) 2016/679) and other relevant legislation.
To prevent unauthorised access, maintain data accuracy and ensure the correct usage of information, We monitor and adjust Our physical, electronic and managerial procedures to safeguard and secure your personal data whilst in Our care.
How long will We keep your personal information?
Whenever We collect or process your personal data, We will only keep it for as long as We have a legitimate reason to contact you. We continually review the data records We have and should We learn that We have not received contact from you, We will ask if you wish to keep hearing from Us. If We do not receive a reply or opt in, We will remove your data.
Should you wish for Us to remove your data at any time please contact Us and We will remove it.
Under GDPR regulations, you have rights regarding your personal information We retain. Please email email@example.com with requests regarding any or all of your rights:
- the right of access – you are entitled to know what information We have regarding you;
- the right to rectification – you are entitled to have the information regarding you corrected if it is inaccurate or incomplete;
- the right to erasure – you have the right to request We remove your personal information;
- the right to restrict processing – you have the right to block or suppress processing of your information We manage;
- the right to data portability – you are able to transfer or copy your information from one IT environment to another, safely and securely;
- the right to object – you may object to how We manage your information by contacting Us; and
- rights in relation to automated decision making and profiling – you have the right not to be a subject of a decision based on automated processing
Further information can be found on the Information Commissioner’s Office website.
Controlling your personal information
You have the right under EU regulation to see what information We hold about you. If you want to exercise this right, please make an application to Us in writing by email with a request regarding any or all of your rights.
We may ask you to provide us with sufficient information so that We can be sure of your identity.
If you would like to proceed with a request to see what data We hold about you, please email firstname.lastname@example.org
If We do not hear from you, We will assume that the information you provide to Us is accurate and up-to-date and that you are happy for Us to continue to use the information to send you any communications you have requested.
We may change this policy to meet regulatory requirements and ensure best practice. All changes to this policy will be published on this page. Please check this page from time to time to ensure that you remain happy.