Version 1.0: This policy was last updated on 21st May 2018 in line with GDPR requirements.
If ever updated, we’ll put the new version here on our website.
1. General information
Lindean Mill Glass Limited (“we”, “us”, “our” in this policy) take the security and privacy of your data seriously. This privacy and data policy explains how we collect, store and use your personal data when you browse our website, order or purchase from us, email us, write to us or otherwise provide your personal data to us.
2. What information do we collect?
Your personal data
By ‘personal data’, we mean any information that you provide to us, or that is given to us on your behalf (such as by a friend or relative ordering something for you) that might identify or be related to you or another person.
Your personal data may also be contained in information that we collect about you in connection with your use of the website and/or any means you or we use to contact one another. We endeavour to protect your personal data from misuse and to comply with our obligations under the General Data Protection Regulation and any other applicable data protection legislation.
Information you provide – Your personal data includes the information you provide, or that you authorise someone else to provide, when you purchase from us, or sign up to receive our emails, or sign our visitors book, or when you answer questionnaires, surveys, enter competitions or otherwise provide us with information.
Examples of this personal data include your name, your email address, your postal address and any correspondence when you contact us. It could also include your bank account details or (momentarily, for the purposes of completing a transaction) card details if you purchase from us and do not pay cash.
We do not collect or process special categories of personal data, as defined under GDPR. Also, we do not knowingly collect or solicit any personal data from anyone under the age of sixteen. In the event that we learn that we have collected personal data from a child under the age of sixteen without verification of parental consent, we will delete that information as quickly as possible.
Information we collect – We collect information about your website usage, to improve our service and to understand trends in order to enhance and customise the content of our site, and perhaps our own marketing materials. Some of this data may be “personal data”, where it identifies a person. Here’s the information that we collect and how we use it:
- We monitor patterns of usage so we can understand how people are using our website.
- We also monitor patterns of usage so that we can tailor any communications (including newsletters or marketing materials relating to us) that we may send you.
- For security reasons and to assist in monitoring patterns of usage, we log your IP address when you use the website. This is your computer’s individual identification number that is assigned to your computer when connected to the Internet.
3. What do we use your data for?
To provide you with our products – We use your personal data to enable us to take payment from you in exchange for our goods and to be able to contact you to provide support or advice relating to our products.
To improve our website and marketing materials – We use and analyse your personal data to help us administer, support, improve and develop our business, customer service, website and marketing materials. We may use third parties to assist us in doing these things from time to time, and in those cases may pass on your personal to them. We will only share your data with third parties that we trust, and where there are assurances in place as to how they will protect the data.
To contact you for marketing purposes – We may use your personal data to contact you by email, fax, post, SMS, social media and/or telephone to let you know about our products, product ranges, events, exhibitions, content, offers or our various activities which may be of interest to you. We will only use your data in this way where you have provided consent, we have legitimate business reasons for doing so, or where we are otherwise entitled by law to do so. If you would like us to stop providing you with such notifications, please contact us and let us know.
Legal requirements – We may use your personal data to comply with any legal obligations to which we are subject. In particular, we are obliged to store transaction and sales data (though not debit or credit card details, which we never store) for accounting purposes.
We shall periodically check that the personal data we store for you is accurate. If you would like to update the personal data we hold about you, please contact us.
4. Why do we use your personal data?
We collect and use your personal data for a variety of reasons. For example, we may need some data to enter into and perform our contract with you when you purchase from us, or when you contact us with an enquiry and want us to get back to you.
Other information we collect because we have legitimate business interests, such as to:
- ensure we have your contact details to hand within our customer database
- to gain insights into how our customers buy or products or use our website
- understand and respond to customer feedback, etc.
In some circumstances we may process your personal data because it is required for compliance with a legal or regulatory obligation.
5. Who do we share your information with?
We may share your personal data with third parties in certain circumstances, such as:
- designers and printers (‘data processors’ within the terms of the GDPR) who are involved in sending out physical mailshots such as invitations to our Annual Sale, or exhibitions
- data processors with whom we work on making improvements to our website and/or mailing list(s)
- our accountant(s)
We may also share your personal and financial data with third parties:
- in the event that our business is acquired by a third party (in which case personal information about customers will be one of the transferred assets)
- if we are legally obliged to disclose or share your personal data
As indicated above, we utilise a number of carefully selected third parties to help provide our services to you. Examples of these functions include email, providing marketing assistance and data analysis, data management and handling credit card transactions.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”).
6. How long do we store your data for?
We only store your credit or debit card data for as long as necessary for the purposes of carrying out a transaction. We do not keep your credit or debit card data on file.
We hold your contact details, for the purpose of mailing you our newsletters, until such time as you inform us that you no longer wish to receive such communications from us. If you would like to unsubscribe, please contact us.
To ensure the integrity of our systems and your data, we utilise various technologies to continually take secure backups. Data (though never credit or debit card details, unless you inadvertently send us these via email, which you should never do) remains archived within these backups until such time as they are deleted (generally after one year at most).
7. You can request a copy of your data at any time
You may ask us for a copy of any personal data of yours that we hold (see Section 10: What are your rights? below).
8. You can request deletion of your data at any time
You have the option to request the deletion of any data we hold on you at any time. After receiving your request, we may not immediately delete residual copies from our active servers and may not remove information from our backup systems. Generally, we will retain your personal data for a reasonable period, or for as long as the law requires.
We will retain historical details about your payments to Lindean Mill Glass Ltd for accounting purposes, as we need to do so by law.
9. We don’t store your credit or debit card details
When you purchase from us via the online shop on our website, you need to provide payment details. This information is passed directly to our payment service provider (PayPal – https://www.paypal.com/uk/webapps/mpp/home) over an encrypted link and is never stored on our systems.
When we take card payments over the phone, at our studio or at other venues, we use WorldPay (https://www.worldpay.com/uk) to process the transactions. We do not hold your credit or debit card details in any form for longer than the purposes of the transaction. We do store transaction details and your personal details for the purpose of being able to contact you and for accounting purposes, but we never store your card details.
10. What are your rights?
- The right to access your personal data: You can ask us to confirm whether or not we hold any of your personal data and you may request a copy of any of your personal data that we hold. Please do so by contacting us.
- The right to change or withdraw your consent: Where you have given us consent to make use of your personal data for any of the purposes outlined in this policy, you may withdraw that consent by contacting us.
- The right to rectification: Please contact us to update out-of-date or inaccurate information we hold about you.
- The right to erasure: In certain circumstances you may ask us to erase your Personal Data. If you would like us to erase the personal data we hold about you, please contact us, specifying why you would like us to do so. Please note that by law we are required to hold some data for accounting purposes if you have ever purchased from us.
- The right to data portability: In certain circumstances you may ask us to provide you with the personal data that we hold about you in a structured, commonly used, machine readable form, or ask for us to send such personal data to another data controller.
- The right to object: In certain circumstances you may object to our processing of your personal data. Please let us know if you wish to do so.
- The right to restrict processing: You can ask us to restrict the processing of personal data we hold about you in certain circumstances. Again, please let us know, should you ever wish to do this.
- The right to make a complaint: You may make a complaint about our data processing activities to the UK supervisory authority – the Information Commissioner’s Office (ICO). Further details can be found on their website at https://ico.org.uk.
If you want to manage or disable cookies for our site (or any site), you can do so by changing your browser settings. Please consult the Help section of your browser or go to the About Cookies website for further information on relevant settings to use for all modern browsers.
12. Security and data storage
We take security and privacy seriously. We will endeavour to take all reasonable steps to keep your personal data secure once it has been transferred to our systems.
In particular, our site uses SSL technology to encrypt your payment data when carrying out purchases through our site via PayPal.
Please note, however, that the internet is not a secure medium and although we do our best to protect your data, we cannot guarantee the security of any data transmitted to us. Any transmission is at your own risk.
You should never, under any circumstances, enclose sensitive data (such as credit or debit card details) in an email. Email is inherently insecure. If you do not wish to place an order by using the add-to-cart buttons, shopping cart and PayPal, please order over the phone rather than by email.
You can call us on:
+44 1750 20173
13. Changes to this privacy and data policy
We may make changes to this privacy and data policy, so please review this page from time to time. When we alter the policy in a significant way we will update the ‘last updated’ section towards the top of this page.
14. Getting in touch
If you have any queries relating to this privacy and data policy or our use of your personal data, please contact us online or by writing to us at:
Lindean Mill Glass Ltd
GALASHIELS TD1 3PE