Privacy & Data Policy
Table of Contents
Introduction
Information which Aylsham Candles may hold or retain
How we use your information
Your Choices
Sharing and Disclosure
General Policies / Further information
Introduction
In this document (“Privacy & Data Policy”) the partners in Aylsham Candles (“we”) explain how we use data and handle privacy and why and how we collect and use information. We also cover the choices available to you in accordance with your rights and our obligations.
Aylsham Candles is a business manufacturing and supplying hand-made candles and associated complementary products to both trade and consumer customers. In referring to “Services” or our activities we are referring to our day-to-day business in those sectors, including in meeting the needs of existing and prospective customers.
Although we regularly attract custom by way of trade-fair and other face-to-face dealings, we also offer our goods via technology platforms, including through our website and online shop, accessible by desktop and mobile devices. In the interests of our business, our business relationships, including with customers, and our commitment to respecting the rights of all those we deal with, we retain information only in so far as lawful, necessary and appropriate, and we aim to comply at all times with requirements of privacy and confidentiality, and with applicable data protection legislation, including the Data Protection Act 1998 and the UK General Data Protection Regulation, or GDPR.
The partners determine data management practices and safeguards according to our stated purposes of trading with trade partners and customers and in supplying goods and certain services and the partners are the controllers of all relevant information. Our guiding principle is only to use information fairly and for the bona fide purposes of our business doing so at all times with regard to the consent obtained from you and your instructions in relation to the use of information.
Information which Aylsham Candles may hold or retain
1 Customer Data
Information which you supply to us in the exercise of your choice to do so for the purposes of enquiry or contract between us, which may include certain information which we request, which may be compulsory or not. In general, compulsory information is oriented towards establishing a proper basis for contractual relations, for example, as to identity, address (necessary for financial processing and also delivery), usual contact information, including email and at least one active telephone number, necessary age and non-compulsory information is oriented to our better understanding customer needs and preferences including, where the customer wishes it, marketing communications – all of this is “Customer Data”.
In so far as a unique customer i/d and account is allocated to you, which is always the case once a transaction arises between us, the Customer Data will be retained as long as the account is active, and if it is closed, for such period as may be required by law.
You should be aware that all businesses may be required in specified circumstances to report to the police or other relevant authorities activities regarded to be criminal, otherwise unlawful or potentially so, including in relation to so-called identify fraud, and that your rights and our obligations to you in respect of Customer Data or otherwise, may be subject to and overridden by public interest and our obligation to comply with the investigations and enquiries of proper authorities.
We will only hold Customer Data which you provide with your consent. We may reasonably assume consent on a continuing basis where you place an order with us.
2 Other information
For the purposes of the proper running and administration of our business, including accounting, we may handle the following “Other Information”:
Information necessary for the creation and maintenance of a customer or trade partner account. In addition to Customer Data, this might include password and security information;
Financial information relating to orders, invoicing and payment. We may collect and store billing address and credit card information but only in compliance with applicable legislation or regulation and with your permission;
Information relating to visits to our web services and other activities connected with the Services. This may include information about how you are accessing and using our website and the Services, including past orders, administrative and support communications, including in respect of any complaints and returns, and how you engage with features, content, and any links, and what integrations and embeds you use (in so far as we operate them);
Contact information, including any you elect to share with us by way of any application (e.g. by way of so-called “sharing”);
Log data. This is information compiled, for example, whenever you visit a website, or your mobile app sends and receives data as you use it. This log data may include your so-called Internet Protocol address, the address of the web page or pages you visited before accessing our Services, your browser type and settings, the date and time of your use of the Services, information about your browser configuration and plug-ins, language preferences, and cookie data. This list is not exhaustive;
Device information. We may collect information about the device you are using the Services on, including what type of device it is, what operating system you are using, device settings, application IDs, unique device identifiers, and crash data. Whether we collect some or all of this information often depends on what type of device you are using and its settings;
Geo-location information. Precise GPS location from mobile devices is collected only with your permission. Wi-Fi and IP addresses received from your browser or device may be used to determine approximate location;
Services integrations. If, when using the Services, you integrate with a third-party service, we will connect that service to ours. The third-party provider of the integration may share certain information about your account with Aylsham Candles. However, we do not receive or store your passwords for any of these third-party services. Any such third-party services will be clearly flagged and identified as such;
Third-party data. We may also receive information from our trading partners, or others that we use to make our own information better or more useful. This might be aggregate level information, such as which IP addresses go with which zip codes, or it might be more specific information, such as about how well an online marketing or email campaign performed;
In respect of Other Information, we will always respect such rights as you may exercise to block, restrict or manage information as set out above in so far as it relates to the above, including by way of settings in your relevant device/s;
3 Cookies
“Cookies” are small items of data sent from a website and stored locally on a user's computer by the user's web browser whilst the user is browsing. They may be retained if not cleared or blocked. They make “tailoring” of web-activity possible in storing reference data particular to a user. Aylsham Candles may use cookies and similar technologies to provide and support our websites and Services in accordance with this Privacy and Data Policy and the codes of practice of.
How we use your information
We use your information to provide, maintain and improve the Services and in protecting, enhancing and administering our business.
1 Customer Data
We access and make reasonable use of Customer Data in accordance with the terms of a customer’s consent and instructions in order to (a) provide, maintain and improve the Services, (b) address service, security, technical issues or in accordance with a customer’s request for assistance or support, or in addressing any grievance or complaint (c) comply with the law or any lawful data request or instruction and (d) to service any matter arising from our terms and conditions from time to time in accordance with them. This we do in accordance with our statutory and contractual security and confidentiality obligations.
2 Other Information
We use Other Information for the following purposes, to:
improve and better understand our business and the Services, including through selective surveys and other research to analyze and understand how our Services are being used and our products seen in terms of quality and customer satisfaction;
To communicate with you and other parties by for example:
Responding to your requests, If you contact us with a problem, query or question, we will use available information, including any you give us, to respond;
Sending emails and messages. We may send you Services and administrative emails and messages. We may also contact you to inform you about changes in the Services, our Service offerings, and important notices related to the Service and our website, such as in relation to security, fraud and data breach. These emails and messages are an essential part of the Services and our mutual interests and you may not opt-out of them other than by closing your customer account. We occasionally may send emails about new product features or other news about our activities and products. You may opt out of these at any time;
Manage our billing and account systems and records. We use account data, including typical goods supply software packages to administer accounts and keep track of billing and payments;
Conduct marketing exercises, including with selective partners – you may opt out of these at any time;
Investigate and prevent abuse and security breaches;
This policy is not intended to place any limits on what we do with data that is aggregated and/or de-identified so it is no longer associated with an identifiable customer or other data subject – in other words information which is a general nature and not specific to your identity or Customer Data.
Your Choices
1 Customer Data
Subject to retaining information necessary to maintain an active customer account, we will always respect your wishes in relation to Customer Data. We have only basic and simple records, so there is limited scope for self-management of your customer profile. You may always elect to close your account or advise us by email, telephone or through our ‘CONTACT’ page as to your particular requests or instructions.
2 Other Methods for Choice
Many browsers have functions which provide you with privacy, security and control tools, for example in relation to cookies and other aspects of data storage. Your mobile device will include a broad range of settings options for you tailor what the device and your use of it may reveal to other parties, for example, location data and notifications. These controls are not within our remit or control and are matters of your preferred use of options available to you in your particular devices operating systems and installed apps. If we offer any mobile device app, it will be subject to this Privacy & Data Policy.
3 Other information
If you have any questions about our use of Other Information you may contact us at any time with your enquiry.
Sharing and Disclosure
On occasion information described in this Privacy & Data Policy may be shared by us.
1 Customer Data
Aylsham Candles may share Customer Data in accordance with our agreement with any customer and the customer’s instructions, and this may be with third party service providers and agents. We may engage third party companies or individuals to process Customer Data on our behalf. We combined with other businesses and partners in conduction or business and delivering goods and services. We may for the purposes of our business and in servicing customers integrate elements into our platforms and customer pages, which may include integrations added by a customer.
We do not assume responsibility for and have no liability in respect of the use of third parties of information which is not gathered directly from us or which is provided by the choice of the customer or other relevant business partner.
2 Other Information
We may share Other Information in the lawful operation of our business, and for purposes of assessment and review of quality control and our performance indicators and in order to resolve any issue or controversy that arises between us and a customer or otherwise in connection with or because of our business. We may use third parties to process and analyze Other Information.
3 Other Disclosure
Below are examples of when we may otherwise disclose Customer Data and Other Information which may occur:
During changes to our business structure. If we engage in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of our assets, financing, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (including so-called “due diligence”);
To comply with applicable laws and regulations or to confirm to any code of practice or conduct to which we are subject, including in relation to proper and valid requests for disclosure, other the requirements of a court order or police or other authority’s investigation;
To enforce our rights, prevent fraud and for safety. To protect and defend the rights, property, or safety of us or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud;
In the case of aggregated or de-identified information, then for any purpose. For example, we may share aggregated or de-identified information with our partners or others for bona fide business or research purposes.
General Policies / Further information
1 Security
Aylsham Candles takes security seriously and has appropriate and up to date systems to protect information you provide to us from loss, misuse, and unauthorized access or disclosure. These systems take into account the sensitivity of the information we collect, process and store, and the current state of available technology having regard to the nature, size and scale of our business from time to time. Details of our prevailing security practices may be requested at any time.
2 Under-age
Although sales of candles are not age-restricted in the UK, our policy is not to open on-line accounts for or supply goods and services by way of online sales to persons under the age of 16 or to request or keep any information personal to such persons. In the event that we discover that an account has been opened with us in breach of this policy, we will take appropriate steps, including closing the account with immediate effect.
3 Changes to this Privacy & Data Policy
We may change this Privacy and Data Policy from time to time, and if we do we will post any changes on this page. If you use the Services or deal with us after those changes are in effect, you will be deemed to have agreed to and accepted the revised policy.
4 More questions?
Please also feel free to contact us if you have any questions about our Privacy & Data Policy or our associated practices. You may contact us at aylshamcandles@gmail.com or through our ‘CONTACT’ page.