The policy is reviewed annually and updated.
1.0 Policy Purpose
All published on website.
2.0 The Policy
The EU General Data Protection Regulations (GDPR) require all companies to treat personal information collected or handled securely and maintain accurate records as to how this information is stored and used. Rosie Sugden recognise that your privacy is important. This document details the information regarding personal data that Rosie Sugden collects, stores and uses.
Rosie Sugden will comply in full with the principals of the GDPR that requires that personal data shall be:
- Processed lawfully, fairly and in a transparent manner in relation to individuals;
- Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes shall not be considered to be incompatible with the initial purposes;
- Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed;
- Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of individuals;
- Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures..
2.1 How we collect personal information
Rosie Sugden collect personal information via the following means:
- Online Contact Form – Contact Page
- Purchases – Shop Checkout Page
- Payment Details (Third Party, such as PayPal/Amazon/Stripe) – Shop Checkout Page
- Newsletter Sign Up Form (Mailchimp) – Various Different Pages
- Social Shares – All Pages
- General Anonymous Browsing Data (Google Analytics) – All Pages
2.2 The type of personal information we collect
- Email Address
- Postal Address
- Telephone Number
- Mobile Number
- Purchase History
2.3 How we use personal information
Rosie Sugden uses this personal information to:
- Contact new and existing customers relating to purchased products, new sales and offers
- Administer and personalise the websites or newsletter emails.
Rosie Sugden employs a “need to know” policy of sharing information between its employees, agents or subcontractors and will only disclose sufficient information to allow our employees, agents or subcontractors to complete their objectives and as such these parties will be obligated to use that personal information in accordance with the terms of this privacy statement.
In addition to the uses described above Rosie Sugden may disclose your personal information to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, and in order to establish, exercise or defend its legal rights.
2.4 How we insure your personal information is kept secure
Rosie Sugden will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
2.5 What we will do in the event of data being compromised
If in any event we feel that the data has been compromised, lost or stolen we will immediately inform all interested parties and take immediate action to mitigate the compromise.
2.6 Our lawful basis for processing this data
If the personal information has been collected by Rosie Sugden we will ensure we have your permission to use the data necessary for the fulfilment of services provided or in order to take steps to procuring further orders.
If the personal information is transferred to Rosie Sugden for the purposes of fulfilling a service we will obtain a statement from the transferee that they have the consent of all personnel to which the information refers before entering into a contract.
2.7 Data Retention
All data transferred to us by third parties will be stored in a secure area.
It will be held there until either the data is no longer required or the transferee has requested us to destroy the data. Data transferred to us will be disposed of using an electronic shredder. Data that has not been used will be destroyed by secure means after a period no greater than 12 months.
All data collected on customers or potential customers will be held whilst ever that data is considered useful or unless requested to do otherwise. The Data will be reviewed at least annually.
2.8 Your rights
All personnel that Rosie Sugden hold personal information on have the following rights:
- The right to be informed of the data being held.
- The rights of access to the information being held.
- The rights to rectification of any errors in the information being held.
- The rights to have the information destroyed.
- The rights to restrict the use of the information.
2.9 Updating this statement
- Rosie Sugden has carefully chosen these Cookies and has taken steps to ensure that your privacy is protected and respected at all times.
- All Cookies used by this Website are used in accordance with current UK and EU Cookie Law.
- Before the website places Cookies on your computer, you will be presented with a message bar requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling Rosie Sugden to provide a better experience and service to you.
You may, if you wish, deny consent to the placing of Cookies; however certain features of the website may not function fully or as intended.
Cookies that are collected via the Rosie Sugden website are:
- Demographic information such as postcode, preferences and interests;
- IP address (automatically collected);
- Web browser type and version (automatically collected);
- Operating system (automatically collected);
- A list of URLs starting with a referring site, your activity on this Website, and the site you exit to (automatically collected).
4.0 Contacting Rosie Sugden
4.1 Making a complaint
If you have a concern about Rosie Sugden’s information rights practices, you should report it to the ICO.