Privacy & Cookie Policy

Your privacy is very important to us. This policy is based on the principles of notice, choice, access and security in the collection and use of all information regarding our users and their activities at our Site, and in the course of our business activities, including customer and client transactions, and our communications campaigns.

Please review this policy frequently as it is subject to change at any time by Traidcraft.

We are Traidcraft Plc (Traidcraft) with company registration number 01333367, and we are the data controller, which means we are responsible for, and control the processing of, your personal data.

NOTICE

This policy tells you, among other things, what information we gather from you, how we may use or disclose that information, and our efforts to protect it. Please read this policy carefully, and feel free to contact us if you have any questions regarding its contents.

TYPES OF INFORMATION COLLECTED

The information you give us may include your name, email address, address, phone number and financial and credit card information. In most cases we will only ask for the information we need to handle your request. Sometimes we ask for other details about you to help us to improve our service to you or to tell other people about Traidcraft's work. We never make these fields mandatory. We do not collect any special category personal data such as details about your race, ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic or biometric data, and neither do we collect information about criminal convictions and offences.

We will always ask for your consent if we intend at any time to pass your details on to other people other than the third parties set out in this policy, and always allow you to opt out. We never pass this information on to outside agencies without your permission.

HOW IS YOUR PERSONAL DATA COLLECTED?

We may ask for and collect certain information from and about you in different ways.

We use different methods to collect data from and about you for example including through:

Direct interactions. You may give us your Personal Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:

a)    search for our products or services;

b)    make a purchase;

c)     create an account on our website;

d)    subscribe to our publications;

e)    request marketing to be sent to you;

f)      enter a competition, promotion or survey; or

g)    give us some feedback.

Automated technologies or interactions. As you interact with our website (Site), we may automatically collect information about your equipment, browsing actions and patterns. We collect this personal data by using cookies, [server logs] and other similar technologies. Please see our section on Cookies for further details.

Third parties or publicly available sources. We may receive personal data about you from various third parties [and public sources] as set out below:

a)    Analytics providers such as Google. This site uses Google Analytics to allow us to track how popular our site is and to record visitor trends over time. Google Analytics uses a cookie to help track which pages are accessed. The cookie contains no personally-identifiable information, but it does use your computer’s IP address to determine where in the world you are accessing the site from, and to track your page visits within the site.

From time to time, we may embed external content from third-party websites (e.g. Facebook, YouTube) within our website. These websites may utilise cookies and the Privacy Policy that will apply to such third-party content will be that published on the website of that third-party content provider.


HOW WE USE YOUR DATA

PROCESSING ACTIVITY

BUSINESS PURPOSE

LAWFUL BASIS

RECIPIENTS WE NEED TO SHARE THIS WITH

RETENTION

Email marketing

To recieve our regular email updates, and to optimise associated advertising

Opt in to email marketing

DotMailer (email marketing provider)

Facebook (for targetted advertising)

 Until point of unsubscription

Processing transactions

To enable order processing and fulfilment

Legitimate Interest defined by placing of order

Sagepay (payment gateway)

DPD / Royal Mail (order fulfilment)

 Until request to remove

Browsing our website

To enable a good customer experience, both on and off the website 

We have a legitimate business interest to collect this data, which is the development of our service by understanding and improving customer experience.

Google Adwords, Dotmailer & Facebook (for marketing purposes)

 90 days

 Direct Mail Marketing

To recieve seasonal mailings and direct mail promotions

 Opt in 

 WDM (Mailing hourse / fulfilment)

 Until unsubscription / request for removal

 Product & Service reviews

 To receive feedback and supply product reviews 

We have a legitimate business interest to process data in this way, enabling reviews of our products and services, thus improving the experience for subsequent pages

 FEEFO (review software provider)

 Until unsubsription

 

 

 

 

 


 

MARKETING

If we ask for your personal information for a secondary reason, such as marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to object to this use of your personal data. We will not send mailings (including catalogues) or email updates to you if you indicate that you do not wish to receive such communications. If you do not wish to receive mailings or email updates from us, you are able to change your email preferences in the 'My Account' section of the website. Alternatively you can unsubscribe from our emails by clicking the 'unsubscribe' link in the footer of any of our email communications. If you wish to unsubscribe from direct mail, please contact us using the details below.

If you change your mind about your marketing preferences, you may withdraw your consent for us to contact you at anytime, by contacting us at hello@traidcraft.co.uk or mailing us at: Traidcraft plc, Kingsway, Gateshead, NE11 0NE, United Kingdom.

SOCIAL MEDIA

Where you may have engaged with us on social media, we will liaise with you via the platform through which you are engaging, but we do not use the personal data you have made available on social media outside of that platform, unless specifically agreed otherwise.

Use of personal data on social media is governed by the respective platform’s own privacy policy / terms and conditions.

PAYMENT

When you complete your purchase, there is an option to store your credit card data to make future purchases easier. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

OUR LINKED CHARITY TRAIDCRAFT EXCHANGE

Any personal information you have provided us may be shared with our linked charity Traidcraft Exchange, subject to the parameters outlined below in the ‘Disclosure of Information’ and ‘Choice’ sections. This information may be combined with other personally identifiable information available from our records and other sources. This information will be used to make our future marketing efforts more efficient. If you prefer that we do not share your name and address with our linked charity, please opt out where prompted.

DISCLOSURE OF INFORMATION

We may share personal data we hold with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the Companies Act 2006.

We may also disclose personal data we hold to third party services providers we engage, such as those mentioned above in 'HOW WE USE YOUR DATA'

We may disclose information to fulfil certain legal and regulatory requirements or if such disclosure is legally required or necessary to protect others' rights or to prevent harm.

We will not transfer any personal data we hold to a country outside the European Economic Area (EEA), unless the country to which the personal data are transferred ensures an adequate level of protection for the data subjects' rights and freedoms; you have given us your consent; the transfer is necessary for the performance of a contract we have with a customer or another data subject; or, the transfer is legally required on important public interest grounds or for the establishment, exercise or defence of legal claims.

CHOICE

You decide how we use your information to maintaining your account on the Site, unless we need to process for legal or contractual reasons. You can contact us at any time regarding our use of your data as detailed in the Your Rights section below.

In addition, we will not send unsolicited mailings (including catalogues) or email messages to customers and users of our Site who indicate that they do not wish to receive such catalogues or messages. If you do not wish to receive unsolicited mailings or email messages from us, please contact us by email.   

SECURITY

We use industry-standard encryption methods to transmit any personal information submitted by your computer across the Internet.

After you have finished using our Site, you should exit your browser so no unauthorized persons can use our Site with any information you may have submitted. Remember that any information you voluntarily disclose on-line in any news or message postings, discussion groups or chat rooms may be collected and used by others without your permission. Furthermore, if you provide any information to parties who operate Web sites that are linked to or from our Site, different rules may apply to their collection, use or disclosure of your personal information. We encourage you to review these sites' policies before revealing any sensitive or personal information

Regardless of the precautions taken by you or by us, "perfect security" does not exist on the Internet. We cannot ensure or warrant the security of any information you transmit to us, and you transmit such information at your own risk.

We are not responsible for the content of any websites that we link to.

USE OF COOKIES

Our Site makes use of cookies when a visitor's Internet browser is set up to accept them. Cookies are small data files that our Site sends to your browser for storage on your computer's hard drive. We use cookies to identify members, track activity at our Site, and better serve your needs and interests.

For more information on the types of cookies collected, please visit our cookies section.

If you do not want us to use cookies, you can turn them off. Visit Microsoft's description of cookies page and their information on how to Delete & Manage Cookies for more information. 


INFORMATION STORAGE LOCATION

Information which you submit via this Site may be stored on a server located outside the EEA. This is necessary in order to process your order or query as efficiently as possible. Whenever we transfer personal data outside of the EEA it is with the appropriate safeguards in place.

YOUR RIGHTS

You have the right to:

  • Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected.
  • Request erasure of your personal data where there is no good reason for us continuing to process it. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing of your personal data where we are relying on a legitimate interest. You also have the right to object where we are processing your personal data for direct marketing purposes.
  • Request restriction of processing of your personal data if you want us to establish the data's accuracy; where our use of the data is unlawful but you do not want us to erase it; where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
  • Request the transfer of your personal data to you or to a third party in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Withdraw consent at any time where we are relying on consent to process your personal data.
  • Complain you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

CONTACT

Please e-mail any questions, concerns or comments you have about these policies to hello@traidcraft.co.uk or write to us at: 

Customer Services
Traidcraft Plc
Kingsway
Gateshead
Tyne and Wear
NE11 0NE

ABOUT THIS POLICY

This policy was written and approved on 16th May 2018. Any amendments will be available on this page.


2018 Traidcraft