Stampback Limited ("We") are committed to protecting and respecting your privacy.
For the purpose of the General Data Protection Regulation and other relevant data protection legislation in the UK, the data controller is Stampback Limited of The Long Lodge, 265-269 Kingston Road, London, SW19 3FW.
1. Information we collect
We may collect and process the following data about you:
· Information that you submit to us on our Website https://www.stampback.com (our "Website") or by corresponding with us by telephone, e-mail or otherwise. It includes information you provide when you register to use our Website, search for a product, place an order on our Website, enter any competition, promotion or survey, and when you report a problem with our Website. The information you give us may include your name, address, e-mail address, telephone number, financial, credit/debit card and other billing information, records of correspondence and any other personal information you provide.
· Information that we automatically collect about you when you visit our Website, including:
· technical information, which may include the Internet protocol ("IP") address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
· information about your visit, which may include the full Uniform Resource Locators ("URL"), clickstream to, through and from our Website (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
· Information we receive from other sources if you use any of the other websites we operate or the other services we provide.
· Information we receive from third parties we work with, including business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers.
3. How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
· Where we need to perform the contract we are about to enter into or have entered into with you.
· Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
· Where we need to comply with a legal or regulatory obligation.
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
4. Purposes for which we will use your personal data
More specifically, we may use information held about you in the following ways:
· Information you have submitted to us will be used:
· to carry out our obligations arising from any contracts entered into between you and us;
· to provide you with information about other goods and services we offer that are similar to those that you have already enquired about;
· to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data (the order form or registration form);
· to notify you about changes to our service;
· to ensure that content from our Website is presented in the most effective manner for you and for your computer.
· Information collected from you will be used:
· to administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
· to improve our Website to ensure that content is presented in the most effective manner for you and for your computer;
· to allow you to participate in interactive features of our service, when you choose to do so;
· as part of our efforts to keep our Website safe and secure;
· to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
· to make suggestions and recommendations to you and other users of our Website about goods or services that may interest you or them.
· Information we receive from other sources will be combined with information you give to us and information we collect about you. We will use this information and the combined information for the purposes set out above (depending on the types of information we receive).
5. Disclosure of your information
You agree that we have the right to share your personal information with selected third parties including:
· business partners, suppliers and sub-contractors for the performance of any contract we enter into with you;
· advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users; and
· analytics and search engine providers that assist us in the improvement and optimisation of our Website.
We will disclose your personal information to third parties:
· In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
· If Stampback Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
6. Data retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
7. Data security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
8. Your rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data:
· Request access to your personal data.
· Request correction of your personal data.
· Request erasure of your personal data.
· Object to processing of your personal data.
· Request restriction of processing your personal data.
· Request transfer of your personal data.
· Right to withdraw consent.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You can exercise the above rights at any time by contacting us The Long Lodge, 265-269 Kingston Road, London, SW19 3FW or emailing us at firstname.lastname@example.org.
Our Website may, from time to time, contain links to and from other Website. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.