St Cuthberts Mill Paper
Call or email:
+44 (0)1749 672015
sales@stcuthbertsmill.com
St Cuthberts Mill Paper
Watercolour
Printmaking
Digital Fine Art
|
|||
|
Privacy Policy
Privacy Statement – St Cuthberts Mill Ltd
St Cuthberts Mill Ltd is committed to respecting and protecting your privacy. We want you to be able to trust that personal data that you give us is safe and secure. In this privacy statement, we’ll tell you how and why we collect and process your personal data, what your rights are in relation to data we keep about you, and how that data is kept safe and secure.
What this Privacy Statement covers
This is the Privacy Statement of St Cuthberts Mill Ltd, St Cuthberts Mill, Haybridge, Wells, Somerset, BA5 1AG. This statement covers personal information about you that we collect, store and process, whether as a result of visiting our website (www.stcuthbertsmill.com) or social media pages (Facebook, Pinterest, Twitter, Instagram, Youtube, Google+ or via our blog) or through contact directly with us either as a customer, supplier, consumer or agent.
St Cuthberts Mill Ltd is the data controller of the personal information that you provide to us.
Our Privacy Statement explains:
• What personal information we collect;
• Why and how we store, process and use that information;
• In which circumstances we would disclose your personal information to third parties;
• The use of “Cookies” on our website;
• The rights that you have under law to keep control of your personal information;
• How long we retain your information for;
• How we secure your personal information;
• How you can contact us.
What this Privacy Statement does NOT cover
There are links on our website that are not covered by our Privacy Statement. These are provided purely as a convenience to you. If you use these links, you will leave the stcuthbertsmill.com site. St Cuthberts Mill Ltd has not reviewed all of these third party sites and does not control and is not responsible for any of these sites, their content or their Privacy Statement. Thus, St Cuthberts Mill Ltd does not endorse or make any representations about them, or any information, software or other products or materials found there, or any results that may be obtained from using them. If you decide to access any of the third party sites linked to this site, you do so at your own risk. Please make sure that you read the privacy policies of any third parties before providing any personal information to them.
This statement also does NOT cover personal data we hold about our employees. This information is held in a separate privacy statement held on the company premises.
Personal Information that we collect.
We collect a range of personal information relating to you depending on the nature of our contact.
• If you visit us or are contracted to do work for us on-site, we will take your name, company, and times on and off of our site. Our site is monitored by video surveillance cameras monitored by a third party. Your image, and therefore location, will also be processed.
• If you contact us via email, phone, fax, text or direct/social media messaging, or by passing over a business card, we may take your name, social media usernames, email address, telephone numbers, fax numbers, postal addresses, company name and/or website details.
• If you are a customer or supplier of ours, we may also collect bank account details.
• If you apply for a job with us, then we may also collect past working history, qualification information, and an indication of your interests.
• If you are an ambassador for our paper, then we will also store your ambassador status and details of any paper we have supplied to you.
• When you visit our website, we may collect anonymised information about your browsing behaviour on our site via a third party, Google Analytics.
• When you use one of our social media platforms, we may collect anonymised information about your interactions with our pages using one of a number of third parties, such as Facebook Insights or Iconosquare.
How we use your Personal Information
We use your personal information in the following ways:
• To maintain our business relationship with you while you are a customer, supplier, consumer, visitor, contractor or agent;
• To process quotes, orders, sales invoices and in order to provide goods and services to you;
• To enable us to correctly set up your business account, handle invoices for goods and services that you have supplied to us, and pay you for goods that we have received;
• To enable us to communicate with you, respond to enquiries, requests for samples and gain feedback on our papers and our service;
• In the generation of aggregated, anonymised data for internal reporting, analysis and research purposes. This is carried out by third parties on our behalf;
• To inform you of changes to the products and services that we provide, including a change in price or specification;
• To enable us to award you a prize if you have won a prize;
• To investigate any complaints that you may make;
• To provide or prepare evidence in the case of, or in anticipation of, a legal dispute;
• To obtain credit references and to carry out credit checks;
• To enable us to collect any debts outstanding to us;
• To assist in the prevention and detection of fraud;
Why do we process your Personal Information?
We will only collect, store and process your personal information in adherence to data protection laws. In doing so we have relied on the following legal bases:
• Consent – Where you have provided your consent: for direct marketing communications relating to our own products and services. For more information, please see the Marketing section below.
• Contract – Where we have a contract with you, for example to provide goods or services, or in order to make preparations for entering such a contract, such as in the provision of a quote, on handling a job application.
• Legitimate Interests – The EU Privacy laws allow us to process some of your personal information if we have legitimate business grounds for doing so. Our legitimate interests for processing your personal information are:
o Management of our business relationship with you, including processing orders, invoices, payments and our account;
o Management of communication between us;
o Responding to and investigating complaints, queries, enquiries and requests for samples or to be an ambassador;
o To enable us to process prize draws, and deliver prizes if you have won;
o For the purposes of making you aware of our products and services when that satisfies the conditions outlined in the Marketing section below;
o For the purposes of securing our site via video surveillance;
o To generate aggregated, anonymised data for internal reporting, analysis and research purposes.
You have a right to object to us processing your data on the basis of our legitimate interests at any time by emailing privacy@stcuthbertsmill.com. See the section on “Your Rights” below.
Marketing
We may send you direct marketing when:
o We are sending you marketing information by post or phone, and the information fits with any preferences you have provided to us, or;
o We are sending you marketing information by electronic means to which you have consented, or;
o We are sending you marketing information by electronic means to which you have not objected, and where the information relates to products or services similar to those which were previously sold to you, or where a sale was negotiated.
Use of Children’s personal information
We do not knowingly process any personal information about children under the age of 16. If you are under the age of 16, then we will need your parent or guardian’s permission before we can accept any personal information from you. Entrants to prize draws must be 18 or over.
How we share your personal information
We may disclose your personal information to a third party in certain circumstances:
• To our service providers
o Mail distribution providers, including Mailchimp, for marketing and communication. Your name, email address and company may be passed to these providers.
o Postal and courier services. Your name, postal address and company may be passed to such providers in order to deliver samples, goods or other communications.
o Suppliers of banking services. Your name and bank account details may be passed to our bank to allow us make payments to you.
o Our accountants, third party financial controller, lawyers, auditors and similar advisors that we may ask for professional advice or service.
o Emergency services in order to request medical or emergency assistance, or to report an incident;
• If we are required or permitted to by law, the courts, regulatory or legal bodies;
• In order to defend or exercise legal proceedings;
• With a new purchaser if the ownership of our company is transferred.
Third parties providing a service may provide a separate privacy statement to you, which you are urged to read carefully.
The use of Cookies on our website
We use cookies on our website to provide us with aggregated statistics on how effective our website is, and how we can improve it. Details about how we use cookies can be found in our Cookies Policy at the foot of this notice.
How long we keep your personal information
Unless the law requires us or permits us to retain your information for longer, we will only hold your information for no longer than is necessary to fulfill the purposes for which the personal information is collected, or until you request it to be deleted. Even if your data is deleted, it may persist on backup media in order to comply with legal or regulatory requirements.
Retention periods depend on the purpose of the data collection, but we are guided by data protection laws and guidelines, our legal obligations and our ability to deal with any potential disputes.
How we keep your personal information secure
We take the security of your personal data seriously, and use a range of technologies and storage methods to ensure that this is the case.
Please bear in mind that email and communications made via electronic means are not secure unless they have been encrypted. Those communications may be transferred to and stored on servers that are based in a number of countries including those outside of the European Economic Area (“EEA”). Different countries have different regulations and these may not provide the same level of protection that is provided by the UK. We take care to ensure that third parties have appropriate security measures in place. For example, when we send communication via Mailchimp, it is certified to the EU-US and Swiss-US Privacy Shield Frameworks.
Your Information Rights
You have certain rights in relation to the data that we may store and process about you. These are laid out in the list below.
1. The Right to be Informed
You have the right to be provided with concise, transparent, intelligible and accessible information on how we use your personal data. This Privacy Statement is part of how we communicate this information to you.
2. The Right of Access
You have the right to obtain a copy of the personal data that we hold on you, and confirmation that we are indeed processing your personal information. This will usually be provided free of charge. However, we may legally charge a reasonable administrative fee if a request is excessive or repetitive, and for the supply of further copies of the same information.
3. The Right to Rectification
You have the right to ask us to correct your personal information if it is inaccurate or incomplete.
4. The Right to Erasure
This is also commonly known as “the right to be forgotten”. This allows you to request us to have personal data erased. There are circumstances where we can refuse to comply with this request, such as to enable us to exercise or defend legal claims.
5. The Right to Restrict Processing
You have the right to block or suppress processing personal data. If processing is restricted, we are still permitted to store your personal data, but we may not process it further. We are permitted in this case to retain just enough information to ensure that we respect the restriction in future.
6. The Right to Data Portability
You have the right in certain circumstances to obtain and reuse your personal data for your own purposes across different services. This allows you to move, copy or transfer your personal data easily from one IT environment to another in a safe and secure way However, this only applies to personal data that you have provided to us either with your consent or for the performance of a contract, and that is being carried out by automated means.
7. The Right to Object
You have the right to object to processing of your personal data where we are using legitimate interests as our legal basis. You also have the right to object to direct marketing and where we process personal data for the purposes of scientific or historical research or statistics. We can refuse your objection if we can prove compelling legitimate grounds for the processing which override your interests, rights and freedoms, or in the exercise or defence of legal claims.
We will use reasonable efforts in line with our legal duty to provide you with your rights as outlined.
Updating this Statement
We review from time to time our privacy practices. We will inform you of any changes by posting them on this page. Please ensure that you check back on this page at regular intervals. Changes on this page become effective as soon as they are posted.
Contact Us
If you require further information concerning this privacy notice or to exercise your rights, please contact us at privacy@stcuthbertsmill.com or write to Data Protection, St Cuthberts Mill, Haybridge, Wells, Somerset. BA5 1AG.
We will usually respond to your request within one month from when we receive your enquiry. We can extend this time by a further two months if the request is complex.
We will not make any charge for any action we take to comply with your rights, except where you request additional copies of the same information, in which case we may charge a reasonable administration fee to cover our costs, or where you submit excessive or repetitive requests, whereby we may either charge for our reasonable administration costs, or refuse to act on your request.
If you are unhappy with our response then you may be able to refer your complaint to the data protection regulator. In the UK, this is the Information Commissioner’s Office.
Effective as of: 18th May 2018
Cookies Policy – St Cuthberts Mill Ltd
What are cookies?
Cookies are small text files containing numbers and letters that websites place on your computer. They can be used for a variety of reasons, but are usually used to enable certain functions to work on a website, or to provide information to the site’s owners.
Why we use cookies
We only use cookies to enable us to gain aggregated, anonymised information which we use to make decisions about how to improve the site.
The cookies that we use on the StCuthbertsMill.com website
We use the following cookies.
• Provider – Google Analytics
Description – Google uses cookies to provide analytics by tracking website usage.
Privacy Policy – Information on Google’s use of cookies and what data is collected can be found at https://support.google.com/analytics/answer/6004245 .
Changing Cookie Settings
Control of cookie settings can be achieved through the settings of your web browser. Further information about cookies can be found at www.aboutcookies.org
Please be aware that by following any links in this section, you will be taken outside of the Stcuthbertsmill.com website.
You can opt out of being tracked by Google Analytics by visiting http://tools.google.com/dlpage/gaoptout. However, please note that this will opt you out of Analytics across all websites where Analytics is used, not just Stcuthbertsmill.com
Effective as of: 18th May 2018