General Data Protection Regulation (GDPR) and the Data Protection Act 1998 (the Act), the data controller is Reeds Carpeting Contractors Limited of Unit 1, 183 Torrington Avenue, Coventry, West Midlands CV4 9UQ.
Information We Collect
In operating our website we may collect and process the following data about you:
- Details of transactions you carry out through our website and of the fulfilment of your Orders.
- Details of your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data.
- Information that you provide by filling in forms on our website, such as when you registered for information or make a purchase.
- Information provided to us when you communicate with us for any reason.
- Information about your device, including where available, your IP address, operating system and browser type. This is statistical data about our users’ browsing actions and patterns and does not identify an individual.
- Credit card details are collected by our gateway partners Pay Pal and Stripe and are securely processed by their servers. The information is not kept by them.
- When you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, email address, and phone number. We refer to this information as “Account Information.”
We collect Device Information using the following technologies:
– “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, visit our cookies policy page here.
Use of Your Information
The information that we collect and store relating to you is primarily used to enable us to provide our services to you. In addition, we may use the information for the following purposes:
- To provide you with information requested from us, relating to our products or services.
- To provide information on other products which we feel may be of interest to you, where you have consented to receive such information.
- To meet our contractual commitments to you.
- To notify you about any changes to our website, such as improvements or service / product changes, that may affect our service.
We will only contact you or allow third parties to contact you only when you have provided consent and only by those means to which you provided consent and only by those means to which you provided consent. If you do not want us to use your data in this way after you have already subscribed you can notify us of your preferences at any time by contacting us at 183 Torrington Avenue, Coventry, West Midlands CV4 9UQ or firstname.lastname@example.org. You can also contact us by telephone on +44 (0) 24 7669 4114.
Storing Your Personal Data
Data that is provided to us is stored on our secure servers. Details relating to any transactions entered into on our site will be encrypted to ensure its safety.
The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of data sent to us electronically and transmission of such data is therefore entirely at your own risk. Where we have given you (or where you have chosen) a password so that you can access certain parts of our site, you are responsible for keeping this password confidential. All reasonable efforts to keep the transmission of your data to us secure will however be taken. We are not responsible for your local security so please ensure that you make an effort to ensure that no-one is looking over your shoulder, that you have no malware, spyware or Trojan viruses or otherwise tracking your computer behaviour. Most security breaches happen as a result of local security problem.
Our website has been certificated by RapidSSL CA. Your connection is encrypted with 256bit encryption using AES_256_CBC with SHA_1 for message authentication and RSA for the key exchange mechanism. All data collected by us is encrypted and stored on a secure server. All areas containing any account information and checkout / cart areas are encrypted such.
Our Payment Service Provider is Sage Pay (formerly Protx), the largest independent payment service provider (PSP) in the UK and Ireland. Sage Pay provides a secure payment gateway (Level 1 PCI DSS (Payment Card Industry Data Security Standard)), processing payments for thousands of online businesses, including ours. It is Sage Pay’s utmost priority to ensure that transaction data is handled in a safe and secure way.
Sage Pay uses IP address blocking and 3D secure. Once on the Sage Pay systems, all sensitive data is secured using the same internationally recognized 256-bit encryption standards. Any card data collected is dealt with by Sage Pay Servers and does not pass through the servers of Reeds Carpeting Contractors Ltd.
Sage Pay is PCI DSS compliant to the highest level and maintains regular security audits. They are also regularly audited by the banks and banking authorities to ensure that their systems are impenetrable.
Sage Pay is an active member of the PCI Security Standards Council (PCI SSC) that defines card industry global regulation.
In addition, you know that your session is in a secure encrypted environment when you see https:// in our web address, and/or when you see the locked padlock symbol alongside the URL.
Sharing Your Information
Where applicable we may disclose your personal information to third parties: We share your Personal Information with third parties to help us use your Personal Information, as described above.
We use Google Analytics to help us understand how our customers use the Site–you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout. We have asked google to only keep any info they keep about your interaction with our site for 14 months which is their minimum period.
We use Mailchimp to handle our newsletter and marketing e-mails and to generate personalised marketing where you have given permission by subscribing to our newsletter. you can read more about how Mailchimp uses your Personal Information here: https://mailchimp.com/legal/privacy/
We use Sage to handle our accounting software needs. Your data is transferred to them to produce our invoices and to keep accounting records for audit as required by UK law
We use various shipping companies to handle our shipping and your info is transferred to them to allow shipping rate calculation both for the checkout process, the printing of shipping labels and the tracking of your parcels.
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
- Where we are legally required to disclose your information.
- To assist fraud protection and minimise credit risk.
- As described above, we use your Personal Information to provide you with targeted offers or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
- You can opt out of targeted advertising by contacting us.
- Additionally, you can opt out of some of these third party services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Third Party Links
You might find links to third party websites on our website. These websites should have their own privacy policies which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them. We are not constantly checking these third party links to ensure their security or content, please take you own precautions.
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, if you are a European resident we note that we are processing your information in order to fulfill contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
All other use information such as comments can be anonymised at your request