DAKS SIMPSON GROUP PLC
1. WHAT IS PERSONAL INFORMATION?
Personal data means any information about an individual from which that person can be identified. There are “special categories” of more sensitive personal data which require a higher level of protection, however we do not collect special category data.
When we ask for personal information we will ensure that it is:
- processed lawfully, fairly and safely in a transparent manner;
- collected for specified, explicit and legitimate purposes;
- adequate, relevant and limited to what is necessary;
- retained only for as long as necessary; and
- processed in an appropriate manner.
- People who have been involved in road traffic accidents and their insurance providers: to assist with insurance claims, legal claims and investigations
- Private and other investigators: to aid their investigations
- Any relevant regulators: where we are required to do so by law or to assist with their investigations or initiatives, and this includes but is not limited to the Information Commissioner's Office
2. THE KIND OF INFORMATION WE HOLD ABOUT YOU?
When you purchase something from our store/website, as part of the buying and selling process, we collect the personal information you give us such as:
- your name, title;
- your personal and sometimes business address such as telephone numbers and email addresses; signature;
- your image captured on CCTV (if you visit our store – please refer to our CCTV Policy;) and
- marketing (if you have consented to do so), so that we may send you emails about our store, new products and other updates.
3. WHY WE COLLECT YOUR DATA AND WHAT WE DO WITH IT.
Your personal data is being collected as an essential part of the service we provide, so that we can complete your buying and selling process. If we do not have access to this personal data we will not be able to provide the service expected of us to do. We may also use it to contact you about related matters if you have agreed to receive emails from us. We will not use your personal information for marketing purposes or pass it onto any other organization for that purpose unless you have given us prior express consent to do.
We do not disclose your personal data to anyone else except as set out above.
Your personal data are not sent overseas and remains in the UK.
Your personal data will not be used for any automated decision making without your consent.
4. HOW LONG WE KEEP YOUR PERSONAL DATA
We will not retain your data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of data, however the longest we will normally hold any personal data is 6 years.
5. LAWFUL BASIS
We have a lawful basis for processing of your personal data for the performance of a contract to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, and using it for that specific reason only. If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
6. YOUR RIGHTS
The data we are collecting is your personal data, and you have certain rights bout what happens to it. You have the right to:
- see want data we hold about you;
- ask us to stop using your data, but keep it on record;
- have all or some of your data corrected if it is inaccurate or incomplete;
- lodge a complaint with the Information commissioner (ICO) if you think we are not handling your data fairly or in accordance with the law;
- opt out if you change your mind for marketing consent you have preciously given by contacting us at the contact details below.
You can get more details from us on:
- how to find out what information we hold about you and how to ask us to correct any mistakes;
- agreements we have with other organisations for sharing information, e.g. CCTV;
- circumstances where we can pass on your personal information without telling you, e.g. to prevent and detect crime;
- our instructions to staff on how to collect, use and delete your personal information; and
- how to make a complaint.
Please visit our Cookies Policy for information on how we deal with cookies on this website.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
9. THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us. However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
When we ask for personal information from you the provisions of the law including General Data Protection Regulation (GDPR) and the Data Protection Act 2018 as applicable will be applied at all times. For independent advice about data protection, privacy and data sharing issues or to lodge a complaint please contact the ICO at www.ico.gov.uk or call on 08456 306060.
14. QUESTIONS & CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact us at firstname.lastname@example.org or write to us at Group Legal Counsel DAKS, 10 Old Bond Street, London, W1S 4PL, United Kingdom.