Privacy Statement, Bru coffee and gelato
Last Updated 13/03/2019
We take your privacy seriously and will only use your personal information to administer your account and to provide the products and services you have requested from us. We will never sell, share, or use your personal information other than as described here.
This policy sets out how we will use and share the information that you give us or allow us to obtain from third parties. This policy describes your relationship with Bru (“us”), and in no way represents any agreement between you and us other than as described here.
WHO WE ARE AND HOW TO CONTACT US:
Commture Consultancy Ltd is the parent company of Bru and is registered in England 09554186.
Our contact details are:
Mail, email@example.com Phone: 0116 251 2345, Post: 1A Salisbury Road, Leicester, LE1 7QR
HOW TO CHANGE YOUR PREFERENCES
You can contact us at any time to change your preferences. This includes requests to object to processing, to be forgotten (right to be deleted), for your data to be corrected, or to transfer your data to another platform. We take your rights seriously and will always reply promptly and professionally.
HOW WE OPERATE
We operate in line with the EU GDPR (May 2018) Data Protection guidelines. We are committed to maintaining your personal rights and allow all users to change or withdraw their consent options at any time. We will also advise you on how to complain to the relevant authorities, namely the Information Commissioners Office.
HOW WE USE YOUR DATA
– When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
– When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
– Email marketing (if applicable): With your permission, we may send you emails about our business, new products, offers and other updates.
THIRD PARTY SERVICES
We use recognised third parties to take payment, manage our company accounts, and provide banking services. In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
Where valid, appropriate, verified, and subject to legal obligations, third parties are also expected to complete rectification or erasure requests within 72 hours of receipt.
HOW WE STORE YOUR DATA
We will store transaction, payment, and order data for up to 7 years or for as long as required by UK financial and company regulations. These third parties may operate outside the EU.
Our email database is hosted by Mailchimp. They provide us with the platform that allows us to send out our newsletters and general updates via email. Your data is stored securely on Mailchimp’s servers. For more insight, you may also want to read Mailchimp’s Privacy Statement (https://mailchimp.com/legal/privacy)
CHANGING YOUR PREFERENCES AND OPTING OUT AT A LATER DATE
Once you have given your data and/or explicit consent, you can however still control whether or not you continue to receive communications or see such advertisements from us. The simplest way to remove amend your preferences and withdraw consent is to contact us directly, however you can also unsubscribe from receiving e-mail communications from us by using the instructions in any email communication we send you (usually an ‘unsubscribe’ or ‘STOP’ link).
You can opt out at any time from communications by e-mailing us at: firstname.lastname@example.org
Social media: You can configure your advertising preferences on social media by accessing your settings or preference options on the relevant platform.
We are a data controller in relation to the information that you provide us with. As a result, we are legally responsible for how that information is handled.
We will always endeavor to comply with the Data Protection Act 1998, the GDPR (2018) and PECR in the way we use and share your personal data. Among other things, this means that we will only use your personal data:
– fairly and lawfully,
– as set out in the legislation and this policy,
– to the extent necessary for these purposes.
We will report any breaches or potential breaches to the appropriate authorities within 72 hours, and to anyone affected by a breach within 72 hours. If you have any queries or concerns about the data usage please contact us.
Under the Data Protection Act, we are also permitted to share some information with third parties who use such data for non-marketing purposes (including credit and risk assessment and management, identification and fraud prevention, debt collection and returning assets to you). This would include the data you provide to us today, at any time in the past and in the future.
CONTACTING US, EXERCISING YOUR INFORMATION RIGHTS, AND COMPLAINTS
This policy may be updated from time to time – where material changes occur we will contact you on the email address provided. You have the right to remove consent at any time.
There are two main kinds of cookies: session cookies and persistent cookies. Session cookies are deleted from your computer when you close your browser, whereas persistent cookies remain stored on your computer until deleted, or until they reach their expiry date.
Most browsers allow you to refuse to accept cookies.