Fezza and Del Privacy and Data Protection
This statement explains how Fezza & Del (“We”) collect personal data from you, why we collect it, how we process it and where we may disclose it to other entities.
New regulations regarding the collection and storing of personal data came into effect in 2018 and so the following information is more in depth than previously required.
We are committed to complying with these regulations for the purposes of data protection and privacy.
We only collect data for the purpose of processing and managing your order and so that we can keep in touch with you by newsletter occasionally. For this we need to keep your name, address, email address, phone number and details of your previous orders.
We do not retain your payment details within our systems. These are held externally within Paypal, Worldpay or Stripe.
In trusting us with your personal details you are entitled to rights under the Data Protection Act 1998 and the EU General Data Protection Regulation.
You have rights in relation to the privacy of your personal information. In the case of any request involving your rights, we will respond to your request without delay and at most within one month of receipt of your request. We are permitted to extend this time period by up to two months if your request is particularly complex.
The Right of Access Subject Access Requests allow your right to obtain a copy of the information that we hold about you.
You have the right to ask us to provide you with this information free of charge. However, should the request be deemed to be manifestly excessive, manifestly unfounded or repetitive, then we are permitted to charge a reasonable fee for providing the information.
In such circumstances, and as an alternative, we can refuse to comply with the request. If this is the case then we shall let you know the reasons for us refusing to comply.
You have a right to appeal such a decision via the UK Information Commissioner’s Office.
For further information visit https://ico.org.uk/ Subject access requests may be sent to our data administrator at email@example.com
The Right to Rectification
You are entitled to have the information that we hold about you rectified if it is inaccurate or incomplete. If you believe that the information that we hold about you is inaccurate, incomplete or out of date then please inform our data administrator.
We will also inform any third parties of the rectification in order that they can update their records too.
The Right to Erasure
You have the right to request that we delete the personal information that we hold about you where we have no compelling or legal reason to keep it.
This right applies:
• Where the original intention for collecting or processing the data is no longer relevant.
• Where you have withdrawn consent.
• Where you object to us processing the data and there is no overriding legitimate interest for us to continue to do so
• When the personal data has to be erased for us to comply with a legal obligation
• When the data has been unlawfully processed
• Where the data relates to a child
This right shall not apply:
• Where we are exercising the right of freedom of expression and information
• Where we are complying with a legal obligation
• When we need the data to exercise or defend a legal claim
Please email firstname.lastname@example.org if you object to or would like to withdraw your consent.
We will also inform any third parties of the request in order that they can erase their records too.
The Right to Restrict
Processing Processing in this sense means using your data, for example to send you a newsletter or marketing email.
You can request that we restrict the processing of your information.
This means that you may have requested one of your other rights, where until the request is concluded that we suspend the processing of your data.
This right will apply:
• Where you contest the accuracy of the information that we hold about you and you request that we restrict processing while we investigate
• You object to us processing your personal data, but we believe that processing is in the public interest or the performance of our legitimate interests and that these are legitimate grounds to override your interest
• Where you believe that processing is unlawful and you request restriction instead of deletion
• Where we no longer need that data, but you require the data stored in order to pursue a legal claim.
Restriction requests may be sent to email@example.com
Information We May Collect From You
We use the EU General Data Protection Regulation definition of personal data.
This is any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
We may collect and process the following data about you:
• Information that you provide by filling in forms on the website at www.fezzaanddel.com, This includes information provided at the time of registering to use the website, subscribing to our service, posting material or requesting further services.
We may also ask you for information if you report a problem with the website
• If you contact us by post or phone we may keep a record of that correspondence
• Details of transactions you carry out through the website and of the fulfilment of your orders
• Details of your visits to the website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access
• We may also receive your information from another organisation that you have consented for them to share your data
Privacy Notice and Cookies
We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer.
Cookies and other such software on our website contain information that is transferred to your computer’s hard drive.
They help us to improve the website and to deliver a better and more personalised service.
This includes, but is not limited to:
• Your IP address
• Your operating system
• Your browser type
• The name of your internet service provider
• The date, time and duration of your visit
• The name and URL of pages you access
The purpose of this is for system administration.
This contains statistical data about our users’ browsing actions and patterns, and does not identify any individual.
The website may, from time to time, contain links to and from the websites of our partners or makers.
If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
Please check these policies before you submit any personal data to these websites. You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies.
However, if you select this setting you may be unable to access certain parts of the website.
We ask that children do not provide personal information through our website. If we become aware that we have collected personal information from a child under the age of sixteen, then we will delete that information from our records.
Where We Store Your Personal Data
The data that we collect from you may be transferred to, and stored at, a destination outside the European Union (“EU”). By submitting your personal data, you agree to this transfer, storing or processing.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with the appropriate EU General Data Protection Regulation Article, including;
Article 45 – Adequacy Decision
Article 46 – Appropriate Safeguards
Article 47 – Binding Corporate Rules
Article 49 (1) – Specific Situation Exemption or
Article 49(2) – Transfer to the Data Subject.
Where you have created (or we have given you) a password which enables you to access certain parts of the website, you are responsible for keeping this password confidential.
We ask you not to share a password with anyone. We use physical, technological and administrative safeguards to protect your personal information against loss, misuse or alteration.
All your personal information is stored securely and may only be accessed by employees with a legitimate business need to access the information.
Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your data transmitted to the website.
Any transmission is at your own risk. How We Use Your Information We use information held about you in the following ways:
• To ensure that content from the website is presented in the most effective manner for you and for your computer
• To carry out our obligations arising from any contracts entered into between you and us
• To allow you to participate in interactive features of our service, when you choose to do so
• To notify you about changes to our service
We may use your data to enable us to send you post and emails with information about our goods and services that we believe may be of interest to you.
We will never share your data with any third parties for the purpose of direct marketing, advertising or email.
We may disclose your personal information to third parties:
• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
• If Fezza & Del or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets
In addition to the information that we share in order to comply with our legal obligations, we also may share or disclose the information:
• To third parties that process data on our behalf • To any other party with your prior consent Fraud Prevention. We may also exchange your information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Where false information or fraud is suspected, we may pass this information to fraud prevention and law enforcement agencies. Retention of Data We retain your information for as long as you hold an account with us. This enables us to maintain an ongoing relationship with you and allows us to service the orders that you place with us.
We follow a data retention schedule; this has been put in place to ensure that we retain the minimum amount of personal data about you. Sensitive Information We ask that you not send or disclose any sensitive personal information to us either through our website, post, email, telephone call or by any other method.
This means information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership. Breaches In the unlikely event that information that you have supplied us is compromised then we shall notify both the UK Information Commissioner’s Office and you that this is the case.
This notification will be made without due delay.
Changes to this statement We review this policy annually or after any significant changes in either our business or regulations.
Date of review: 8th Feb 2020
Date of Next Review: 8th Feb 2021
We can be contacted at firstname.lastname@example.org