What is this policy?
- We DONT sell your data to third parties
- We DO make it easy to manage your information and you can change it at any time
- We DO use data to help provide great customer service, which includes tailoring the information we share with you to be relevant, useful and timely
- We share your concern about the protection of your personal information and are committed to safeguarding your privacy.
- We DO use specialist third parties to process your data
This policy covers information we collect about you through our websites, customer service centre, events, agents or otherwise. Here for your quiet enjoyment is all the details...
What information do we collect from you?
We may collect the following
- IDENTITY Data may include your first name, maiden name, last name, username, title.
- CONTACT Data may include your billing address, delivery address, email address and telephone numbers.
- FINANCIAL Data may include your bank account and payment card details.
- TRANSACTION Data may include details about payments between us and other details of purchases made by you.
- TECHNICAL Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site.
- USAGE / ANALYTICAL Data may include information about how you use our website, products and services.
- FUNCTIONAL Data may be collected to ensure you gain a targeted best customer experience.
- MARKETING & COMMUNICATIONS Data may include your preferences in receiving marketing communications from us and our third parties and your communication preferences.
- OTHER personal information that you choose to provide us with then you complete our online contact forms or otherwise make contact with us.
How do we collect your data?
Through direct interactions with us, you may provide data by filling in forms on our site (or otherwise) or by communicating with us by post, phone, email or otherwise, including when you
- Order our products or services;
- Subscribe to our service or publications;
- Request resources or marketing to be sent to you;
- Enter a competition, prize draw or promotion;
- Give us feedback.
Automated technologies or interactions. As you use our site, we may automatically collect Technical Data about your equipment, browsing actions and usage patterns. We collect this data by using cookies, server logs and similar technologies. We may also receive Technical Data about you if you visit other websites that use our cookies.
Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources analytics providers such as Google based outside the EU; Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Shopify, Stripe, Royal Mail Identity and Contact Data from publicly available sources such as Companies House and the Electoral Register based inside the EU.
Other information collected whilst you are interacting with us, including:
- Information that you provide by filling in forms on our websites. This includes information provided at the time of registering to use our site, subscribing to our service, posting material or requesting further services.
- We may also ask you for information when you enter a competition or promotion sponsored by us and when you report a problem with our site.
- If you contact us, we may keep a record of that correspondence.
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of transactions you carry out through our site and of the fulfilment of your orders.
- Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.
How do we use your information?
We will only use your personal data when legally permitted. The most common uses of your personal data are:
- Where we need to perform the contract between us.
- Where is it necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligations.
Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message.Set out below is a description of the ways we intend to use your personal data and the legal ground on which we process such data. We have also explained what our legitimate interests are where relevant.All personal data is processed and stored securely, for no longer than is necessary in light of the reason for which it was first collected. On the whole, our primary use of your information is in the following ways:
- to maintain our relationship with you whilst you are a customer;
- to process orders and provide agreed goods and services to you;
- for invoicing, processing payments, account set up and maintenance;
- to communicate with you, including to respond to information requests /enquiries submitted and/or to obtain your feedback on our products and services;
- for record keeping, statistical analysis and internal reporting and research purposes;
- to ensure data security and to provide you with access to secure areas of our Websites;
- to notify you about news and changes to our products and services;to decide on and notify you about price changes;
- to monitor the quality of our products and services;
- for logistical purposes, including to plan and log delivery routes;
- to investigate any complaint you make;
- to provide evidence in any dispute or anticipated dispute between you and us;
- to customise various aspects of our Websites to improve your experience;
- to pre-complete online forms on our Websites. For example, if you have provided an address when using one service, the Websites computers may automatically fill in that information on an order form for another service;
- as we may otherwise consider necessary to support the operation of our Websites;
- for fraud detection and prevention and risk management purposes;
We may send you direct marketing in relation to our own products and services, as long as this is in line with any direct opt in of marketing preferences that you have provided to us.Our newsletter mailing list is managed by Mailchimp and they hold this data. You can access this data and unsubscribe via any news letter.
We will only send you direct marketing in relation to our own products and services by email or SMS if you have consented to this.
If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or prospective sale to you.
With your permission and where permitted by law, we may also use your data for marketing purposes which may include contacting you by email, telephone or post with information, news and offers on our products and services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that We fully protect your rights and comply with Our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
You have the right to withdraw your consent to us at any time via the UNSUBSCRIBE or UPDATE MY PREFERENCES at the bottom of any newsletter. Any other queries can be made via our form below.
Change of Purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to find out more about how the processing for the new purpose is compatible with the original purpose, please email us.If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing.We may process your personal data without your knowledge or consent where this is required or permitted by law.
We may disclose your personal information to:
Any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 736 of the UK Companies Act 1985.
Service providers who provide IT and system administration services.
Professional advisers including insurers, bankers and auditors who provide consultancy and accounting services.
Third parties to whom we sell, transfer or merge parts of our business or our assets.
We require all third parties to whom we transfer your data to respect the security or your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions of purchase and other agreements; or to protect the rights, property, or safety Pearl and Earl Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where is your information stored?
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with current legislation.Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). By submitting your personal data, you agree to this transfer, storing or processing.
Our website is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application.
Payment - If you choose a direct card payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). The information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, they follow all PCI-DSS requirements and implement additional generally accepted industry standards. Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
Shipping data is sent directly to our third party shipping providers including Royal Mail.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
The following section details your rights in bold and a simplified explanation of those rights. The various rights are not absolute and each is subject to certain exceptions or qualifications.We will grant your request only to the extent that it follows from our assessment of your request that we are allowed and required to do so under data protection laws. Nothing in this Privacy Statement is intended to provide you with rights beyond or in addition to your rights as a data subject under data protection laws.
- The right to be informedYou have the right to be provided with clear, transparent and easily understandable information about how we use your personal information and your rights. This is why we’re providing you with the information in this Privacy Statement.
- The right of accessYou have the right to obtain a copy of your personal information (if we’re processing it), and other certain information (similar to that provided in this Privacy Statement) about how it is used.This is so you’re aware and can check that we’re using your personal information in accordance with data protection law.We can refuse to provide information where to do so may reveal personal information about another person or would otherwise negatively impact another person‘s rights.
- The right to rectificationYou can ask us to take reasonable measures to correct your personal information if it’s inaccurate or incomplete. E.g. if we have the wrong date of birth or name for you.
- The right to erasureThis is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal information where there’s no compelling reason for us to keep using it or its use is unlawful. This is not a general right to erasure; there are exceptions, e.g. where we need to use the information in defence of a legal claim.
- The right to restrict processingYou have rights to ‘block’ or suppress further use of your personal information when we are assessing a request for rectification or as an alternative to erasure. When processing is restricted, we can still store your personal information, but may not use it further. We keep lists of people who have asked for further use of their personal information to be ‘blocked’ to make sure the restriction is respected in future.
- The right to data portabilityYou have rights to obtain and reuse certain personal information for your own purposes across different organisations. This enables you to move, copy or transfer your personal information easily between our IT systems and theirs (or directly to yourself) safely and securely, without affecting its usability. This only applies to your personal information that you have provided to us that we are processing with your consent or to perform a contract which you are a party to (such as pay and compensation services), which is being processed by automated means.
- The right to objectYou have the right to object to certain types of processing, on grounds relating to your particular situation, at any time insofar as that processing takes place for the purposes of legitimate interests pursued by us or by a third party. We will be allowed to continue to process the personal information if we can demonstrate “compelling legitimate grounds for the processing which override [your] interests, rights and freedoms” or we need this for the establishment, exercise or defence of legal claims.
- Rights in relation to automated decision making and profilingYou have the right not to be subject to a decision based solely on automated processing (including profiling), which significantly affects you, subject to some exceptions. Where this is the case, you have the right to obtain human intervention, voice your concerns and to have the decision reviewed.
Should you wish to exercise any of these rights we will review any legitimate request:
- Please contact us and provide as much information as possible to help us identify the information you are requesting, the action you are wanting us to take and why you believe this action should be taken.
- Before assessing your request, we may request additional information in order to identify you.
- If you do not provide the requested information and, as a result we are not in a position to identify you, we may refuse to action your request.
- We will generally respond to your request within one month of receipt of your request. We can extend this period by an additional two months if this is necessary taking into account the complexity and number of requests that you have submitted.
- We will not charge you for such communications or actions we take, unless: you request additional copies of your personal data undergoing processing, in which case we may charge for our reasonable administrative costs, oryou submit manifestly unfounded or excessive requests, in particular because of their repetitive character, in which case we may either: (a) charge for our reasonable administrative costs; or (b) refuse to act on the request.
You can choose to opt out of receiving direct marketing information from us at any time, through the ‘Unsubscribe’ link at the bottom of any email you receive, or by contacting the customer service center or filling in the form below.
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only, including contacting you about this transaction via email and other means.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
Should you wish to withdraw your consent, you may use the unsubscribe link on any emails or contact us as below.
Use of the site again implies renewed consent. By using this site, you represent that you are at least the age of majority in your province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
We try to respond to all legitimate requests for updating of details your information within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.Any questions on this policy should be addressed to PRIVACY COMPLIANCE OFFICER via the form above or the CONTACT US facilities on the site.