What’s This All About?
Since the passing of the Data Protection Act in 1998, UK companies have been legally required to treat any personal data they hold on individuals (whether in physical or electronic form) in accordance with the provisions of the act. These requirements have been enhanced and extended by the EU General Data Protection Regulations (GDPR), which became law in the UK on May 25th 2018.
At Maybugs we take the privacy of our customers very seriously; we're committed to ensuring that the information we collect and use is appropriate and does not constitute an invasion of your privacy. The following statement sets out how and why we collect, store and process data which could personally identify an individual, as well as your rights in respect of any such data.
Who Are We?
27 Vicarage Field
Tel. 01323 449901
Maybugs is registered as a ‘Data Controller’ with the Information Commissioner’s Office in accordance with the provisions of the General Data Protection Regulations (GDPR) and the Data Protection Act. Our registration number is ZA463783. Further details relating to this registration are available from ico.org.uk
What Personal Information Do We Collect?
We collect the names and address, telephone and fax numbers, and email addresses of our customers, and of those who express an interest in our products and in becoming customers. We endeavour to keep all such information as accurate and up-to-date as we can.
Why Do We Collect This Information?
We collect information so that we can manage our customers' accounts and carry out our contractual obligations to them when they order our products, and so that we can keep them informed of new products and offers which we believe are likely to be of interest to them. We also use such information to send marketing communications to those who have expressed interest in our products, provided that they have consented to receive such communications. You can update your communication preferences and/or unsubscribe from marketing communications at any time, either by contacting our team or by clicking the ‘Unsubscribe’ link at the bottom of marketing emails.
What Is Our Legal Basis For Collecting And Processing This Information?
The legal basis for collecting and processing your personal data is one or more of the following:
Consent – you have voluntarily given us the information and given us your permission to use it for marketing purposes and/or to answer an enquiry– OR
Contractual – we need to collect and process data including personal information in order to perform our contractual obligations when you open an account and order products from us – OR
‘Legitimate Interest’ – if you have opened an account with us, we may communicate with you from time to time to inform you of offers, promotions etc. which we think may be of interest to you - subject to your right to opt out of such communications at any time.
How Do We Collect This Information?
Information is collected when you create an account with us. You may give us this information by filling in a form (either paper or on our web site), shopping in store, or by communicating with us via phone, post, email or other electronic means.
Who Do We Disclose Your Data To?
We will never under any circumstances sell or rent your personal data to any third party, and we will only pass on such data when necessary for the operation of our business or to fulfil our legal obligations. We may, for example, share data with;
* Maybugs employees, for the purposes set out above.
* Courier companies engaged by us to deliver goods you have ordered from us.
* Companies providing email marketing services which we use to communicate with you.
* Any statutory body or other third party to whom we are obliged to disclose such data in order to comply with our legal and regulatory obligations.
How Long WILL We Keep Your Data?
We won't retain your data longer than is reasonably necessary or legally required.
If you're not a prospective customer, but have contacted us with a question about our products we will retain your data only for as long as needed to fulfil your request.
If you have made an enquiry about our products but not entered into a trading relationship with us, we'll retain your data for a maximum of two years from the date of your most recent enquiry, unless you ask us to delete it sooner.
If you have opened an account with us, we will keep your data while your account is open, and for as long as required for legal and regulatory purposes thereafter.
Data which is no longer required is disposed of securely. You can at any time request that we erase all personal data we hold on you; our ability to comply fully with such a request will depend on our regulatory and legal obligations (see the 'Your Rights' section below for more details).
International Data Transfers
The GDPR stipulates that companies should not transfer personal data outside the EU unless it is to
a) a country which the EU regards as 'Adequate' in its Privacy and Data Protection regulations; or
b) an organisation whose Privacy and Data Protection policies and practices are accredited by a certification scheme approved by the EU; or
c) an organisation which has signed a binding contractual commitment to process personal data in compliance with the requirements of the GDPR.
This web site is hosted by Squarespace, which is an American company, and personal data entered on the site will be transmitted to us from their servers in the U.S. We use Mailchimp, another American company, to send marketing emails, and personal data uploaded by us to their site is stored on their servers in the U.S. Both Squarespace and Mailchimp are members of the EU-US Privacy Shield Framework, and as such are authorised to receive and process data from EU countries. For more details about the Privacy Shield Framework, go here.
Cookies are small text files which are saved by web sites on the hard drive of computers or other devices visiting those sites. They may be either ‘session’ cookies, which are deleted when the user closes their browser, or ‘persistent’ cookies which remain until their pre-set expiry date (unless deleted by the user before that date). Nearly all web sites use a combination of these cookies to enhance the experience of users – for example, on the trade section of our web site cookies are used to remember that you’ve logged in, and what you’ve added to your shopping basket.
Some sites use third-part cookies, for example when their site hosts content or adverts from other companies. We don't host any adverts, but our site contains links to our Facebook, Instagram, and Twitter web pages. Clicking one of those links may result in one or more cookies being placed on your computer when you land on those pages; these will be subject to the cookie policies of those companies, which you can read on their web sites. Our site uses Google Analytics cookies to analyse traffic to and within the site to help us improve it. You can if you wish opt out of being tracked by Google Analytics (across all websites, not just ours) - visit this page for more details.
You can configure your web browser not to accept any cookies (although doing so may affect your ability to use this and other sites as you wish to); you can also delete any or all stored cookies from within your browser at any time.
The security of your personal information is of the utmost importance to us. Data held by us is stored on our servers at our company premises, protected by a combination of physical and electronic access controls and firewall technology. Where we have a need to share your data with third parties as described above, we verify that they will process the data only for the purposes for which it is shared, and will treat it in conformity with the requirements of the GDPR.
What Are Your Rights In Respect Of Personal Data Held By Us?
You have the following rights in respect of your personal data held by us:
* To be informed about how we obtain and use your information
* To request a copy of all the personal information we hold about you, and (except in exceptional circumstances) to receive this within 30 days of making the request.
* To have any outdated or incorrect data concerning yourself rectified promptly on bringing this to our attention.
* To request that we erase any personal data we hold about you (please note that this is subject to our legal and regulatory obligations – records of our financial transactions, for example, which may contain personally identifiable data, must be held for seven years from the end of the tax year in which the transaction took place).
* To unsubscribe from marketing communications at any time, either by contacting our Customer Service department or by clicking the ‘Unsubscribe’ link at the bottom of marketing emails.
* Where the processing of your data is based on consent, the right at any time to withdraw that consent.
If you are unhappy with how we have handled your personal data, please contact us using the contact details above and we will endeavour to resolve the matter to your satisfaction. If we're unable to do so, you have the right to complain to the Information Commissioner’s Office (ICO) about any business at any time if you believe there is a problem with the way your data is being handled. See the ICO website for further details.