Every company in the EU, regardless of it’s size, is required to comply with the new EU General Data Protection Regulation (GDPR), which comes into force on 25th May 2018 & replaces the 1998 Data Protection Act. The GDPR aims to protect the privacy, rights and freedoms of all EU citizens, and places stricter requirements on organisations relating to how they process personal information. This new law will not be affected by Brexit. The UK Government is currently processing further law (the Data Protection Bill), which will enhance the provisions of the GDPR and clarify areas of it that have been left to individual states to govern.
This privacy notice provides you with details of how Silver Sensations collects and processes the information that you give Silver Sensations when you use of our site. This includes any information you may provide through our site when you purchase a product or service, or sign up to our newsletter.
By providing us with your data, as a matter of law, you must be over 18 years of age. Or aged over 13 with the support & guidance of a responsible adult who can oversee you using our website.
Silver Sensations never has & never will sell, distribute, or lease your information to any 3rd party.
If you are not happy with any aspect of how we collect and use your data, please contact us so that we can try to resolve it for you. If we have not been able to resolve your complaint to your full satisfaction, you have the right to take your complaint to the Information Commissioner’s Office which is the UK supervisory authority for data protection issues. You can find their details herewww.ico.org.uk.
It is vitally important that the information we hold about you is accurate and up to date. If you find that any information is incorrect, please let us know & we’ll change it for you. Also please let us know, if at any time, your personal information changes. You can do this by emailing us at firstname.lastname@example.org
Lynne Morison is the data controller who is responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).
Silver Sensations may change this policy by updating this page. You should check here from time to time to ensure that you are happy with any changes.
What Information Silver Sensations Might Collect
Personal Data is any information which is capable of identifying you as an individual. It does not include anonymous data. Here are the different types of processes where we may use personal data:
Identity Data – could include your title, first name, last name, date of birth & gender. It would also include your username where you’ve registered on this site.
Contact Data – could include your billing address, delivery address, email address & telephone number(s) where provided.
Where we are required to collect Personal Data by law, or under the terms of a contract between us & you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you). If we’re not provided with this requested data, it may be that we have to cancel a product or service you have ordered & if this is the case we’ll notify you immediately.
Financial Data – could include your bank account and payment card details. However, Silver Sensations is never made aware of any of your financial data. All we receive from Paypal & Klarna is your Personal Data.
Transaction Data – could include details about payments between us and other details of purchases made by you.
Technical Data – could include your login data where you’ve created an account with us & your IP address – this is a string of numbers unique to your computer that is recorded by our web server when you request any page or component on the website. This information is used to monitor the usage of the website. No personally identifiable information is received from your IP address.
Profile Data – could include your username and password if you’ve registered on the site, orders, your interests, preferences, feedback and any possible future survey responses.
Usage Data – could include information about how you use our website, products and services.
Marketing and Communications Data – could include your preferences in receiving marketing communications from us (if you’ve signed up to our newsletters) & your preferred method of communication.
Aggregated Data – we may also process this type of data from your personal data but this data does not reveal your identity and as such in itself is not Personal Data. An example of this is where we review your Usage Data to gain an insight into website users using a specific feature of our site. If we did link the Aggregated Data & your personal data so that you can be identified from it, then it’s treated as Personal Data. However this is something we don’t do.
Sensitive Data – The following is a description of this type of data however, we don’t collect any Sensitive Data about you.
Sensitive data refers to data that could include details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We also don’t collect any information about criminal convictions and offences.
How Silver Sensations Collects Your Personal Data
We collect data about you through a range of different ways including:
Direct interactions: When you provide data by filling in forms on our website or by communicating with us by post, telephone, email or any other means, including when you:
- order of products or services
- request a personal service, such as designing a bespoke piece of jewellery
- create an account on our site
- subscribe to a service or marketing emails
- provide feedback
Third parties or publicly available sources: We may receive Technical Data from the following parties:
- Google Analytics – which tracks how many people visit the website & which pages they look at & are based outside the EU
- Google & Bing – are search engine providers based outside the EU
- PayPal & Klarna – provide name, address, email address, payment and delivery information & are both based in the EU
- EKM Systems Ltd, Caxton Road, Fulwood, Preston, Lancashire, PR2 9ZB are our website developers & hosting company which are based in the UK and are GDPR compliant
- Facebook, Pinterest, Google+ & Twitter are social networks based outside the EU
How Silver Sensations Uses Your Personal Data
We only use your personal data when legally permitted to do so. The most common uses of your Personal Data are where:
- we need to perform a contract between us
- it is necessary for our legitimate interests (or those of a third party) provided that your interests & fundamental rights do not override those interests
- we need to comply with a legal or regulatory obligation
Why Silver Sensations Processes Your Personal Data
We may process your Personal Data for more than one lawful reason, depending on the specific purpose for which we are using your data. Where we rely on processing your Personal Data on legal grounds of necessity, these are:
- to enter into & perform a contract with you to provide a service
- for our legitimate interests to develop our products/services/website and grow our business Develop a marketing strategy to tailor products to different types of customers
- for the legitimate interests in running our business, provision of administration and IT services, network security, to prevent fraud and also in the context of a business reorganisation or group restructuring exerciseTo comply with a legal obligation
- for our legitimate interests to keep our records updated & to study how customers use our products & services
- for our legitimate interests to recover any debts owed to us
Silver Sensations & Marketing Communications
You’ll only receive marketing communications from us if you’ve signed up for this service & haven’t opted out of receiving this type of communication from us.
Silver Sensations doesn’t provide any third party with any information for marketing purposes. However, if we were to do so in the future, we would need your express opt-in consent before we share your personal data with any third party for this purpose.
Generally, we do not rely on consent as a legal ground for processing your Personal Data, except in relation to sending marketing communications to you via email or text message.
You have the right to withdraw such consent to marketing communications at any time by emailing us at email@example.com and you can also unsubscribe at any time by following the unsubscribe link in each email.
You can ask us to stop sending you marketing messages at any time by following the opt-out links in any marketing message sent to you OR by emailing us at firstname.lastname@example.org at any time.
Opting out of receiving our marketing communications will not apply to Personal Data provided to us as a result of a product or service purchase, product or service experience or any other transaction(s).
Change of purpose
We will only use your Personal Data for the purpose(s) for which we originally collected it, unless we reasonably consider that we need to use it for another reason, (except marketing communications where we need your express opt-in consent), and that reason is compatible with the original purpose.
If we need to use your Personal Data for a purpose unrelated to the purpose(s) for which we collected the data, we will notify you and explain the legal ground of processing.
We may only process your Personal Data without your knowledge or consent if required, or permitted, to do so by law,
Disclosure Of Your Personal Data
We may have to share your Personal Data with the parties below for the purposes mentioned previously:
- Service providers who provide our IT and system administration services
- Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances
We require all third parties to whom we transfer your data to respect the security of your Personal Data and to treat it in accordance with the law. We only allow such third parties to process yourPersonal Data for specified purposes and in accordance with our instructions.
Countries outside of the European Economic Area (EEA) do not always offer the same levels of protection to your Personal Data, so European law has prohibited transfers of Personal Dataoutside of the EEA unless the transfer meets certain criteria.
Some of our third parties service providers are based outside the EEA so their processing of your Personal Data will involve a transfer of data outside the EEA.
Whenever we transfer your Personal Data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:
- We will only transfer your Personal Data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give Personal Data the same protection it has in Europe or
- Where we use providers based in the United States, we may only transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection toPersonal Data shared within the EEA
If none of the above safeguards is available, we may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
We have put in place appropriate security measures to prevent your Personal Data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your Personal Data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected Personal Data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your Legal Rights
Under certain circumstances, you have rights under data protection laws in relation to your Personal Data including the right to:
- Request access to your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Object to processing of your personal data
- Request restriction of processing your personal data
- Request transfer of your personal data
- Right to withdraw consent
You can see more about these rights at the ICO website here
If you wish to exercise any of the rights set out above, please email us at email@example.com.
You will not have to pay a fee to access your Personal Data (or to exercise any of your other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that Personal Data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. If this is the case, we will notify you and keep you updated.
Third Part Links
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of each website you visit.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
When browsing the internet and using online services, this sometimes involves placing small amounts of information on your web enabled device, this includes small files known as cookies. They cannot be used to identify you personally.
Cookies are used to improve services for you, for example:
- Enabling a site to recognise your web enabled device so you don’t have to repeat information already given
- Recognising that you may already have a username and password so you don’t need to enter this every time your requested to do so
- Measuring how many people are using the site, so usability can be improved
We use traffic log cookies to identify which pages are being used. This helps us to analyse data about web page traffic and improve our website in order to tailor it to customer needs.
A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies & you can read more about these small files yourself, at this useful website About Cookies.
You can also obtain information on how to block and delete cookies by choosing your browser below:
Blocking all cookies will have a negative impact upon the usability of many websites so if you block cookies, you won’t be able to use all of the features on our website.
If you believe that any information we hold about you is incorrect or incomplete please write, or email us as soon as possible. We will promptly correct any information found to be incorrect.
Our full details are:
Full name of legal entity: Lynne Morison
Email address: firstname.lastname@example.org
Mrs Lynne Morison
45 Old Oscott Lane
This page was updated on 23rd May 2018