YOUR RIGHTS TO OBJECT
- a) ask us to stop using your personal information for direct marketing purposes. If you exercise this right, we will stop using your personal information for this purpose; and
b) ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our, or another person’s legitimate interest.
- HOW SPOON & PINCH LTD WILL BE PROCESSING PERSONAL DATA
WE PROCESS PERSONAL DATA FOR THE FOLLOWING PURPOSES:
A) ACCESS DATA IN SERVER LOG FILES
You can visit our website without providing any personal information. Each time a web page is called up, the web server merely automatically stores a so-called server log file which contains, for example, the name of the requested file, your IP address, the date and time of access, the data volume transferred and the requesting provider (access data), and documents the retrieval.
This access data is evaluated exclusively for the purpose of ensuring interference-free operation of the page and to improve our offer. In balancing the various interests, this serves to safeguard our legitimate interests in the correct presentation of our offer.
- B) DATA COLLECTION AND USE IN CONNECTION WITH CONTRACT PROCESSING AND OPENING A CUSTOMER ACCOUNT
We collect personal data (name, address, email address and telephone number) if you voluntarily provide it to us in connection with your order, when you contact us (e.g. by contact form or email), or open a customer account. Mandatory fields are marked as such, since in these cases, we need this information to process the contract or your contact message, or to open the customer account, and you cannot complete the order and/or open the account, or send the contact message without providing it. The information that is collected can be seen from the respective input forms. We use the data you provide to process the contract and handle your enquiries. After complete processing of the contract or deletion of your customer account, your data will be restricted for further processing and deleted upon the expiry of any legal retention periods, unless you have expressly consented to a further use of your data or we have reserved the right to further legally-permitted data use, about which we inform you below. You can delete your customer account at any time either by sending a message to firstname.lastname@example.org or writing to us at our registered address.
- C) USE OF DATA FOR E-MAIL ADVERTISING AND YOUR RIGHT OF OBJECTION
If we feel that there is legitimate interest in sending email marketing communications, we will use your name and email address to send you marketing communications via email.
- D) USE OF DATA FOR TELEPHONE ADVERTISING AND YOUR RIGHT OF OBJECTION
If we feel that there is legitimate interest in receiving information by telephone about current product offers and promotions. we will use your name and telephone number to contact you.
- E) USE OF DATA FOR POSTAL ADVERTISING AND YOUR RIGHT OF OBJECTION
If we feel that there is legitimate interest we will use your first and last name as well as your postal address for our own postal advertising purposes, e.g to send offers and information about our products and services by post. You may withdraw your consent for the processing of your data for these purposes. at any time, by sending an email to email@example.com
- F) DATA USAGE ON SALES-I CRM SYSTEM
On the basis of our legitimate interests. the following personal data is automatically uploaded to sales-i. which is a CRM database: data collected during the ordering process (purchase items, date, name, postal address, e-mail address, telephone number, delivery address)
The purpose of sales-i is to allow us to 1) have an overview of our business performance based on various metrics such as individual products, product groups, individual retailers or retailer groups, and 2) to record call notes, outcomes and next actions for optimal customer management.
Sales-i is therefore the data processor, and under their responsibility as the data processor and our responsibility as the data controller, this data is hosted on dedicated servers with Rackspace, one of the most trusted and secure data organizations in the world. Rackspace host some of the most sensitive businesses on the planet as well as government departments and military installations. and maintain the following accreditations
ISO/IEC 270012013 – information security management system.
ISO 90012008 – quality management system.
ISO 140012004 – environment management
This means that as soon as the data is uploaded into sales-i, it’s locked down in a secure server, inaccessible by anyone outside of our organization. Within our organization, only authorised personnel can view this data by way of secure password-protection access.
- RECIPIENTS OF PERSONAL DATA
Third parties may include the following
- a) when providing products to you, we may share personal data to persons acting on our behalf or otherwise involved in the transaction, including:
b) service providers with whom personal data is being shared such as IT hosting providers, communication services, debt collection, tracing, fraud prevention and others. Whenever we transfer data with them we ensure that necessary safeguards are in place.
c) For the fulfilment of the contract, we may pass on your data (name, address, email address and telephone number) to the courier company in charge of delivery if this is necessary for the delivery of ordered goods
- INTERNATIONAL TRANSFERS OF PERSONAL DATA
Spoon & Pinch Ltd does not have any recipients of personal data referred to above that are located outside of the European Economic Area (EEA). Should this change, and unless the country to which data is being transferred has been determined by the European Commission as the country with adequate level of protection, Spoon & Pinch Ltd will require such recipients to comply with data protection measures enshrined in the data processing agreement and standard contractual clauses.
- YOUR DATA PROTECTION RIGHTS
You have a right to information about the personal data collected and stored by us and receive a copy of that data, and if applicable, a right in respect of the correction of data in case your personal data collected is inaccurate.
You have a right to object and restrict data processing or request deletion of data. These rights are not absolute under the General Data Protection Regulation (GDPR) as sometimes there might be overriding interest to continue data processing, but we will consider your request and respond to you with the outcome within 30 days of receipt of your request. You may also object to direct marketing by clicking “Unsubscribe” in any of our emails to you, or by emailing us at firstname.lastname@example.org. The data processing that was conducted for direct marketing will be stopped within 30 days of receipt of your request.
Where we process your personal data on the basis of consent, you have a right to withdraw that consent at any time. Please note that withdrawal of consent will not affect the lawfulness of processing based on consent before its withdrawal.
When we process your data based on consent or when data processing is required for entering into or performance of the contract with us you may have the right to request your personal data to be transferred to you or another controller.
In those cases when we process your personal data through automated decision making including profiling you will be informed about such data processing taking place, the logic involved, and be informed of the possible consequences of such processing. You have the right to contest the decision based on automated decision making by contacting the Data Protection Officer on email@example.com
For questions about the collection, processing or use of your personal data, the disclosure, correction, blocking or deletion of data or objection to a particular processing of data, data portability please contact the Data Protection Officer on firstname.lastname@example.org
- SECURITY OF DATA PROCESSING
At Spoon & Pinch Ltd we have implemented appropriate technical and organisational measures (for example: staff training, lockable filing cabinets and passwords for system access) to prevent unauthorised or unlawful access to personal data you have shared with us.
- RETENTION OF PERSONAL DATA
The criteria we use to determine the periods for retaining your personal data include the retention requirements under applicable laws, regulations and our operational requirements, such as account maintenance, enabling customer relationship management and responding to legal claims, complaints and regulatory and law enforcement requests.
If you are not satisfied with any aspect of data processing of your personal data by Spoon & Pinch Ltd or any of it’s appointed data processors, we would like to understand it better and discuss with you how can we improve the situation. You can contact the Data Protection Officer on email@example.com
Nonetheless, you may also submit a complaint to
Information Commissioners’ Office (ICO)
Tel 0303 123 1113
- DATA PROTECTION OFFICER CONTACT INFORMATION
Telephone: 01432 370320
Data Protection Officer
Spoon & Pinch Ltd