Little Green Radicals Privacy Notice
*This privacy policy was last updated on 11 June 2018
Little Green Radicals is a company registered company in England and Wales with company number 4273928 and VAT Number 788 3848 56. Our Head Office is Unit 17, 49 Effra Rd, Brixton, London SW2 1BZ. If you have any questions about our Privacy Notice, or if you would like to contact us for any other reason you can get in touch:
- by post
- phone +44 (0)207 733 5027
- email customerservice@littlegreenradicals.co.uk
This policy shows what personal data we collect form you, or that is provided to us by you, or that we obtain from other sources and how it will be processed by us when you use:
- our website www.littlegreenradicals.co.uk
- receive emails from us
- purchase products from us
What data do we collect and why
1.1 To enter contracts with you: Where you place an order with us, we will process your personal data so that we can deliver these goods to you. Our use of personal data in this way includes sharing your personal data with our payment system provider, with our warehouse and with delivery companies. Sometimes, we’ll need to share your details with a third party who is providing a service (such as delivery couriers). We do so to fulfil our contractual commitments to you in connection with sales and returns. Without sharing your personal data, we’d be unable to fulfil your request.
The companies we use for these services are:
- Sage Pay and Paypal (all credit card details are encrypted)
- Warehouse
- Delivery Companies
1.2 To respond to your queries, refund requests and complaints: Handling the information you have sent us enables us to respond to you. We will also keep a record of this information to inform any future communication with us and to demonstrate how we communicated with you.
The legal basis on which we do this are our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service, and understanding how we can improve our service and products based on your experience.
1.3 To protect our business and your account from fraud and other illegal activities: This includes using your personal data to maintain, update and safeguard your account.
For example, by checking your delivery addresses to identify potentially fraudulent transactions by third parties (eg if someone were to use your bank card).
1.4 To process payments and to prevent fraudulent transactions.
1.5 To contact you via email, phone or post in relation to your order, for example to advise when an order is shipped or to send a copy of your invoice.
1.6 To send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Notice, product recall notices, and legally required information relating to your orders. These service messages will not include any promotional content and do not require prior consent when sent by email or text message.
If we did not use your personal data for these purposes, we would be unable to comply with our legal obligations.
If we did not use your personal data for these purposes, we would be unable to comply with our legal obligations.
1.7 To administer any of our prize draws or competitions which you enter, based on your consent given at the time of entering.
1.8 To provide products to others: Where you have provided personal data about another person (for example, where you order goods as a gift to be delivered to someone else), we need to process such personal data in order to provide these products to the other person or people. This will include sharing their personal data with delivery companies and other potential subcontractors. We need to process their personal data in this way to be able to provide them with the goods you have ordered for them from us.
The legal basis on which we process their personal data in these circumstances is our legitimate interest to provide the person you have identified and requested with the products you have ordered.
1.9 We will also process personal data for the purposes of making our website more secure, and to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
The legal basis on which we process personal data in these circumstances is our legitimate interest to provide you with the best customer experience we can, and to ensure that our website is kept secure.
1.10 If our business is sold: We will transfer your personal data to a third party:
1.2 in the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets (at all times in accordance with all applicable data protection laws)
Categories of Information we will collect from you
2.1 We will collect and process the following personal data about you.
2.2 Information you give us: This is information about you that you give us when filling in forms on our website, making a purchase from our website or by corresponding with us by phone, e-mail or otherwise. It includes information provided when you register to use our website, place an order, enter a competition, participate in social media functions for example Facebook Live Chat or conduct a survey and when you report a problem with our website. The information you give us may include names, addresses, financial information, email addresses and phone numbers.
2.3 Information we collect about you: With regard to each of your visits to our website we will automatically collect the following information:
2.3.1 technical information, including the Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, screen resolution, operating system and platform; and
2.3.2 information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page.
2.3.1 technical information, including the Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, screen resolution, operating system and platform; and
2.3.2 information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page.
2.4 Information we receive from other sources: We may receive information about you when you use our site. We are also working closely with third parties (including, for example business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, hosting providers and search information providers) from whom we may also receive information about you.
2.5 We do not process any special categories of personal data, meaning personal data revealing:
2.5.1 racial or ethnic origin;
2.5.2 political opinions; religious or philosophical beliefs or trade union membership;
2.5.3 genetic or biometric data that uniquely identifies you; or
2.5.4 data concerning your health, sex life or sexual orientation.
2.6 We do not collect data relating to criminal convictions or offences or related security measures.
2.5.1 racial or ethnic origin;
2.5.2 political opinions; religious or philosophical beliefs or trade union membership;
2.5.3 genetic or biometric data that uniquely identifies you; or
2.5.4 data concerning your health, sex life or sexual orientation.
2.6 We do not collect data relating to criminal convictions or offences or related security measures.
Where we store personal data
6.1 Some of our suppliers are based outside the EEA.
6.2 Whenever we transfer personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
6.2.1 We will only transfer personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
6.2.2 Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
6.2.3 Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
6.3 If further information on the specific mechanism used by us when transferring your personal data out of the EEA is required, please contact us directly (please see section 12).
Learn more on the European Commission Justice website: https://ec.europa.eu/info/law/law-topic/data-protection_en.
All information you provide to us is stored on secure servers. Any payment transactions will be encrypted using PCI compliant technology.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorised access, use, alteration and disclosure. Any payment transactions will be encrypted using PCI compliant technology. Although we will do our best to protect your person data, we cannot guarantee the security of data transmitted via the internet. Any transmission is at your own risk.
6.2 Whenever we transfer personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
6.2.1 We will only transfer personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
6.2.2 Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
6.2.3 Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.
6.3 If further information on the specific mechanism used by us when transferring your personal data out of the EEA is required, please contact us directly (please see section 12).
Learn more on the European Commission Justice website: https://ec.europa.eu/info/law/law-topic/data-protection_en.
All information you provide to us is stored on secure servers. Any payment transactions will be encrypted using PCI compliant technology.
We have implemented measures designed to secure your personal information from accidental loss and from unauthorised access, use, alteration and disclosure. Any payment transactions will be encrypted using PCI compliant technology. Although we will do our best to protect your person data, we cannot guarantee the security of data transmitted via the internet. Any transmission is at your own risk.
Categories of Recipients of Personal Data
3.1 The details in our Privacy Policy relating to third parties are for your information only. We are not responsible for the privacy policies or practices of third party recipients of your personal data. Where third parties are recipients of your personal data from us, please read any information those third parties provide you.
3.2 Your personal data may be shared by us with categories of recipients that include:
3.2.2 Business partners, suppliers and sub-contractors for the performance of any contract we enter into with you.
3.2.3 Analytics and search engine providers that assist us in the improvement and optimisation of our website.
3.2.4 In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
3.2.4 In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
3.2.6 If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of our company, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Period of Storage
7.1 Where you order goods and/or services from us, we will retain your data for a period of six (6) years after the goods were delivered and/or the services performed, to ensure that we are able to assist you should you have any questions or feedback in relation to our goods and/or services or to protect, or defend our legal rights.
7.2 Where we have processed your personal data to provide you with marketing communications with consent if you tell us that you no longer wish to receive such communications, your personal data will be removed from our lists.
7.3 Where we have processed your data for any other reason (such as where you have contacted us with a question in connection with our goods and/or services), subject to section 7.1, we will retain your data for twelve (12) months.
Your Rights to Data
To find out about your rights please visit the Information Commissioner’s Office
https://ico.org.uk/
https://ico.org.uk/
