Privacy Statement – June 2019
Cromwell Business System Ltd is committed to protecting the privacy and security of your personal information. We take care to protect the privacy of our customers and users of our products that communicate online with us, through website and social media platforms.
By browsing or using our website you agree to this policy governing the use of the website. If you do not accept this policy then you must not use our website.
– To keep your data safe and private.
– Not to sell your data.
– To make it easy for you to manage and review your marketing choices at any time.
– To delete your data if it is no longer required.
How we use your information
As necessary, to perform a contract with you we will use the following information from you.
Your name and contact details
– To deliver your orders.
– Send order updates by text, e-mail or by telephone.
– Sending you information by e-mail or post about new products and services – we will only send you this with your consent.
– For fraud prevention.
– For customer service and product support.
– For training purposes.
Your date of birth information
– For Rental and Finance applications and for fraud prevention.
Your payment information
– We do not store credit card details on our servers these are processed directly by the credit card processing company Barclays Merchant Services on their secure Smartpay payment system. Paypal and Amazon Pay will use tokenization, which means that the primary account number is replaced with a series of randomly generated numbers called the token. These tokens can then be passed through the Internet to process the payment without actual bank details being exposed.
Your contact history with us
– For customer service and support.
Purchase history and saved items
– What you’ve bought and what you’ve stored in your basket for another time.
– To remember your wish list.
– To provide customer service, support and to deal with returns.
and to comply with a legal obligations about looking after your data, to prevent and detect fraud against either you or the Cromwell group
Visitors to our website
When someone visits www.cromwells.co.uk, we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
Sharing your information
We will not sell or rent your personal data to a third party – including your name, address, email address.
However, in order to fulfil your order or service we will share it with:
– Payment service providers.
– Delivery companies such as DPD, Arrow XL, APC, Hermes, Star Transport.
– Companies that provide services selected by you such as SKY UK, POP.
– Professional service providers, such as marketing agencies, advertising partners and website hosts who help us run our business.
– Online review platforms such as Reevoo and Trustpilot
– Credit reference agencies, finance companies, law enforcement and fraud prevention agencies.
– Manufacturers when spare parts are sent to you or for warranty purposes.
– Service engineers or technicians repairing products in your home or work premises.
– We may provide third parties with anonymised information and analytics about our customers and, before we do so, we will make sure that it does not identify you.
We also anonymise and aggregate personal information (so that it does not identify you) and use it for purposes including testing our IT systems and improving our website and to develop new products and services. We also share this information with third parties.
We will only send you marketing messages if you consent for us to do so.
You can stop receiving marketing messages from us at any time.
You can do this:
– Through your online account.
– By clicking on the ‘unsubscribe’ link in any email.
– By e-mailing email@example.com or by writing to Cromwell,
Once you do this, we will update your profile to ensure that you don’t receive further marketing messages.
Please note that we will update our systems as quickly as we can but you may still get messages from us while we process your request.
Stopping marketing messages will not stop communications in regards to orders or customer related issues.
We also engage in online advertising, also to keep you aware of what we’re up to and to help you see and find our products.
Like many companies, we target Hughes banners and ads to you when you are on other websites and apps. We do this using a variety of digital marketing networks and ad exchanges, and we use a range of advertising technologies like, pixels, ad tags, cookies, and mobile identifiers, as well as specific services offered by some sites and social networks, such as Facebook’s Custom Audience service.
The banners and ads you see will be based on information we hold about you, or your previous use of Hughes or on Hughes banners or ads you have previously clicked on.
We will keep your information for as long as you have an account, or as long as is needed to be able to provide the services to you, or for as long as is necessary to provide product related services. Unless otherwise required by law, your data will be stored for a period of 7 years after the last contact with you, at which point it will be deleted.
If required to meet legal or regulatory requirements, resolve disputes, prevent fraud, or enforce our terms and conditions.
– The right to be informed about how your personal information is being used.
– The right to access the personal information we hold about you – Access Request Form
– The right to request the correction of inaccurate personal information we hold about you.
– The right to request that we delete your data, or stop processing it or collecting it, in some circumstances.
– The right to stop direct marketing messages and withdraw consent for other consent-based processing at any time.
– The right to request that we transfer or port elements of your data either to you or another service provider.
– The right to complain to your data protection regulator — the Information Commissioner’s Office.
For more information about your privacy rights
The Information Commissioner’s Office (ICO) regulates data protection and privacy matters in the UK. They make a lot of information accessible to consumers on their website and they ensure that the registered details of all data controllers such as ourselves are available publicly. You can access them here https://ico.org.uk/for-the-public.
You can make a complaint to the ICO at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first. Your satisfaction is extremely important to us, and we will always do our very best to solve any problems you may have.
How long we retain your data
We retain a record of your personal information in order to provide you with a high quality and consistent service. We will always retain your information in accordance with the General Data Protection Regulation (GDPR) and never retain your information for longer than is necessary. Unless otherwise required by law, your data will be stored for a period of 7 years after our last contact with you, at which point it will be deleted.
Transfer of personal data outside the EEA
Although we are based in England, we may transfer your personal information to a location (for example, to a secure server) outside the European Economic Area, if we consider it necessary or desirable for the purposes set out in this notice.
In such cases, to safeguard your privacy rights, transfers will be made to recipients to which a European Commission “adequacy decision” applies (this is a decision from the European Commission confirming that adequate safeguards are in place in that location for the protection of personal data), or will be carried out under standard contractual clauses that have been approved by the European Commission as providing appropriate safeguards for international personal data transfers, or by the adoption of EU-US Privacy Shield.
Changes to our privacy statement
If significant changes are made to this statement than we will make that clear on our websites or by e-mailing you so that you are able to review the changes before you continue to receive marketing messages from us.
How to contact us
If you want to exercise your rights, make a complaint, or just have questions regarding the privacy statement then please contact us by e-mailing firstname.lastname@example.org or by writing to us at:
Cromwell Business Systems Ltd
King’s View House, 3 Bartholemew’s Walk
Cambridgeshire Business Park,
Ely, Cambs, CB7 4EA
You also have the right to complain to the Information Commissioner’s Office. Find out on their website how to report a concern https://ico.org.uk/your-data-matters/
Version 2 05.06.19