If you believe that any information we are holding on you is incorrect or incomplete, please write to us at the address shown at the bottom of this policy or send an email to email@example.com as soon as possible. We will promptly correct any information found to be incorrect.
The Curved Door Store Ltd (www.curveddoorstore.co.uk) may change this policy at any time by updating this page. You should check this from time-to-time to ensure that you are happy with any changes. This policy is effective from 1 January 2016.
Information Collected (PLEASE SEE GDPR DETAILS BELOW, WHICH COMPLIMENTS THIS INFORMATION)
Privacy Statement – What we do with your Information!
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you E-Mails about our store, new products and other updates.
We may collect the following information:
- Login Details to our website, e.g. email address, password, company name (where relevant)
- Your contact information, including email address, billing address, delivery address, name and telephone/mobile number
- Demographic information such as postcode, preferences and interests
- Other information relevant to customer surveys and/or offers
By using our website you consent to us collecting and using this information.
How is Information Used? (PLEASE NB: GDPR DETAILS BELOW, WHICH COMPLIMENTS THIS INFORMATION)
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- To send you an order confirmation
- To process your order and co-ordinate delivery
- To arrange to send you any products or materials ordered
- To contact you should there be any problems or queries with your order
- Internal record keeping
- We may use the information to improve our products and services
- We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided
- From time-to-time, we may also use your information to contact you for market research purposes. We may contact you by email, telephone, fax or mail. We may use the information to customise the website according to your interests
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online and we never sell any information to third parties. We will only provide information to a third party, who will also keep your details secure, when it is necessary for processing your order and facilitating delivery.
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by contacting us at firstname.lastname@example.org or mailing us at: Curved Door Store Ltd Block 3 Methley Rd. Ind. Est. 16 Methley Road Castleford West Yorkshire WF10 1LX United Kingdom
Data Protection Act
The UK Data Protection Act 1998 requires us to follow strict security procedures in the storage and disclosure of the information which you have given us. If you would like to learn more about Data Protection then please contact the government for more information, their link is: https://ico.org.uk/
Curved Door Store will never disclose information about you to third parties, except to fulfil your specific orders, we use third party companies, e.g. carrier companies for deliveries. These companies do not retain, share, store or use personally identifiable information for any secondary purposes.
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
Curved Door Store will never sell or rent your details to other third parties.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Card transactions are processed using a secure gateway. Our website theme is supported by Shopify and Shopify provides us with a SSL certificate namely Shopify Secure with a lock symbol as denoted by the security badge on our website. Your payments are therefore protected.
Shopify - Payments
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service or their Privacy Statement.
Your privacy is extremely important to us at the Curved Door Store Ltd. If you have any queries about the privacy statement, the practices of this site or your dealings with us, please contact us and let us know.
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customers’ needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
What are Cookies?
For almost any modern website to work properly, it needs to collect certain basic information on its users. To do this, this website will create files known as cookies, which are small text files, on its users’ computers or devices.
Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. For instance, cookies are used to remember your preferences on our website, to remember your user ID (if you have signed up) so you do not have to re-enter all your details each time you visit and to help you navigate between pages more efficiently.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
However, protecting our clients is part of our business as an online retailer and protecting your information is no exception.
This means that any cookies used on our website will not contain personally identifiable information about you.
Furthermore, we do not have access to your personal information outside the information you have provided with your consent to set up your user account.
Cookies likely to be deemed essential are those used for the shopping basket and checkout, those that provide security for online banking services and those that help ensure that your page loads quickly by distributing the workload.
Session cookies that are deleted after each visit.
Persistent cookies that remain in place across multiple visits to our website.
We do not use third party cookies that are used by other companies.
Accepting or Blocking Cookies
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
- _session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
- _shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
- _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
- cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
- _secure_session_id, unique token, sessional
- storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
You can block any cookies from any website through your browser settings. For more information about how to disable cookies in your browser please visit the ‘about cookies website’, (www.allaboutcookies.org/index.html). (For example, in Internet Explorer you can refuse all cookies by clicking ‘tools’, ‘internet options’, ‘privacy’ and selecting ‘block all cookies’, using the sliding selector.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United Kingdom, then your personal information used in completing that transaction may be subject to disclosure under United Kingdom legislation.
Security - Shopify
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Age of Consent
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
Personal Information (PLEASE ALSO NB GDPR INFO BELOW, WHICH COMPLIMENTS THIS DATA)
You may choose to restrict the collection or use of your personal information in the following ways:
- If you do not wish to receive direct marketing or promotional material from us please write to us at the address at the bottom of this policy or email us at email@example.com
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to us at the address at the bottom of this policy or emailing us at firstname.lastname@example.org
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.
You may request details of personal information which we hold about you under the Data Protection Act 1998. If you would like a copy of the information held on you please write to CurvedDoorStore.co.uk at the address below.
The CurvedDoorStore.co.uk is Registered as Curved Door Store in England and Wales; Registration no. is: 09913366
Office Address: Block 3 Methley Rd. Ind. Est. 16 Methley Road Castleford West Yorkshire WF10 1LX
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
Is Shopify PCI compliant?
Yes, Shopify is certified Level 1 PCI DSS compliant. This compliance extends to all online stores powered by Shopify.
The following is an extract from Shopify:
'We are very serious about securely hosting your online store and have invested significant time and money to certify our solution is PCI compliant. From annual on-site assessments validating compliance to continuous risk management, we work really hard to ensure our shopping cart software and ecommerce hosting is secure.
Shopify is certified PCI compliant and can be found on Visa's and MasterCard's lists.
For additional information on PCI Compliance, visit the PCI Compliance Guide website.
Questions and Contact Information
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at email@example.com or by mail at Curved Door Store Ltd at the address below:
Paul Dixon Block 3 Methley Rd. Ind. Est. 16 Methley Road Castleford W Yorkshire WK10 1LX United Kingdom
Tel: 01977 277 280
GUIDELINE DATA PROTECTION REGULATION 25/05/2018 UP-DATE SUPERSEDES ALL RELEVANT DATA
Paul Dixon is The Data Protection Compliance Manager/The Owner
An identifiable person is one who can be identified directly or indirectly in particular by reference to an identifier such as a name, id no, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social id of that person.
GDPR 2018 regulations require the company (Curved Door Store Ltd) to describe how personal information on its customers’ and employees are held and used. GDPR is designed to safeguard the use of personal information for the company’s legitimate purposes.
In terms of personal information kept for employees of the company, this is held confidentially and for emergency use only i.e. if employee is taken ill etc. Unless in an emergency situation (i.e. taken ill and name and dob given to ambulance services) personal data held will not be shared without consent. Employees have a right to request to see their data, which is held by the company, usually a formal request in writing is made.
Data is held for up to 2 years from the date they leave and then this is deleted and/or destroyed using a cross cutter shredder. However, the ex-employee has a right to ask for their information to be destroyed before this time.
Employees’ may be asked to take part in a photo shoot for the company’s website but this is not mandatory, relevant consent will be obtained.
Customer’s personal data held is in relation to orders only. This will include name and billing address and/or delivery address, a contact telephone or mobile no. and/or contact E-Mail address. This information is for orders only and relevant contact details given to the carrier for delivery purposes only. We keep invoices up to 6 years for accounting purposes but the data, after an order has been completed, is not used, unless a refund is required or used for guarantee purposes or indeed any complaints. (After 6 years, the paper data held will be cross cut shredded). We will delete any computer invoices, order acknowledgements, quotes or Proformas. These will hold name and billing address and/or delivery address, E-Mail and/or contact telephone/mobile phone number.
We deal with subject access requests promptly and within 1 calendar month; no charge is levied for this information. As far as we can tell, we never intentionally hold Children’s details. We delete data after 12 months, which is on a password-protected computer. We do not hold customers’ bank details. Following a suspected data breach, we would notify the Police of a crime, obtain a crime number. All relevant customers’ will be contacted to inform them what information was taken. A review would be carried out to see what we could put in place to protect data in the future.
To protect our business and your account from fraud and other illegal activities. We may also monitor your browsing activity with us to quickly identify and resolve any problems and protect the integrity of our websites. We will do all of this as part of our legitimate interest.
To process payments and to prevent fraudulent transactions. We do this because of our legitimate business interests. This also helps to protect our customers from fraud.
With your consent, we may use your personal data, preferences and details of your transactions to keep you informed by email, web, telephone about relevant products and services including tailored special offers, discounts, promotions, events, competitions and so on.
We comply with the GDPR and the rights for individuals:
- We will keep individuals informed in respect to their orders
- We deal with subject access requests promptly
- Each individual has the right to rectify any incorrect data
- Each person has the right to ask for their data to be removed from marketing campaigns
- All individuals have the right to restrict processing of data, particularly that of any marketing campaigns
- All relevant data is shared with carriers for completion of orders. Otherwise, data is not sold on to third parties
- Individuals have the right to object to the way there data is held and/or used
- Each person will have full control over what data they supply and how it is handled, in particular for marketing purposes
Suppliers & Customers - Summary
General Data Protection Regulations (GDPR)
Both of my companies (William Dixon Ltd) hold our customers’ data to fulfill our contractual obligations. We do not use your details for marketing purposes nor do we sell them on to third parties. Please find detailed below what data we hold on our individual customers and suppliers.
- Full business name, registered and business addresses (if different)
- Billing, delivery and site address (where applicable)
- Sales and Accounts contact name and e-mail address(es)
- Job titles (where available)
- Company telephone numbers (where applicable, including mobile numbers), Fax numbers
- Suppliers bank details may also be held for payment purposes
This information will be used and maintained by me and my employees, who are data processors under the new regulations. You have the right to request details of any information we hold on you or your business. To do this, simply e-mail firstname.lastname@example.org using the heading ‘data request’.
Data is securely held on computer. For accounts purposes, invoices are kept in paper format for up to 6 years, whereby this will be disposed of by cross-cutter shredder.
We trust that this information is satisfactory and clearly outlines our intentions, which is strictly for a legitimate interest.
We will treat your data with the utmost care and do everything we can to protect it.