Outlining the Basics
What personal data we collect?
Santa Sacks Co collects your provided personal data, or personal information, which means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We collect an array of information about our customers of the Santa Sacks Co website. This personal data falls into these categories:
Identity Data includes title, first name, last name, username or similar identifier. If you interact with us through social media, this may include your social media user name.
Contact Data includes billing address, delivery address, email address and telephone numbers.
Financial Data includes payment card details and transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
Profile Data includes your purchases or orders made by you, preferences, feedback and survey responses (if relevant), as well as any profile data which we have added (for example, using analytics and profiling).
Technical Data includes internet protocol (IP) address, your login data (if relevant), browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Usage Data includes information about how you use our website, products and services.
Tracking Data includes information we or others collect about you from cookies and similar tracking technologies, such as web beacons, pixels, and mobile identifiers.
Marketing and Communications Data includes your preferences in receiving direct marketing from us and our third parties and your communication preferences.
How is your data collected?
Your data is collected through multiple means. The majority being via direct contact with our staff. This can mean via verbal communication over the phone or via email with our Sales Team or Administrative Staff.
We use MailChimp, (an online marketing automation platform operated by the Rocket Science Group LLC) to reach you through our subscribed emails. These addresses are stored in ‘lists’ on Mail Chimp servers and have been updated to only those who have ‘Opted In’ before 25th May 2018 and are now are exclusively in our GDPR Lists.
Tracking Data, and in particular cookies, help us to deliver website and social advertising that we believe is most relevant to you and to potential new customers of Santa Sacks Co. The cookies used for this purpose are often placed on our website by specialist organisations.
Almost all the cookies that relate to advertising are part of third party online advertising networks. We do not control cookies which are set by advertising networks.
Storing of Data
We may share personal data with the following categories third parties:
- Suppliers and service providers, such as technology or print service providers, payment processing and fraud prevention providers, manufacturers and post and courier services.
- YPP Group companies
- Auditors and professional advisers such as bankers, accountants and insurers; and potentially the UK Government, regulators and or local law enforcement.
Retention of Data
We will only keep your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. This can also be affected by the complexity of your order; this can be affected by address, number of items ordered, artwork charge, design and materials included.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they stop being customers for tax purposes.
General Data Protection Regulation
If the General Data Protection Regulation applies to you because you are in the European Union, you have rights under data protection laws in relation to your personal data:
- The right of access – that’s a right to make what’s known as a ‘data subject access request’ for copy of the personal data we hold about you;
- The right to rectification – that’s a right to make us correct personal data about you that may be incomplete or inaccurate;
- The right to erasure – that’s also known as the ‘right to be forgotten’ where in certain circumstances you can ask us to delete the personal data we have about you (unless there’s an overriding legal reason we need to keep it);
- The right to restrict processing – that’s a right for you in certain circumstances to ask us to suspend processing personal data;
- The right to data portability – that’s a right for you to ask us for a copy of your personal data in a common format (for example, a .csv file);
- The right to object – that’s a right for you to object to us processing your personal data (for example, if you object to us processing your data for direct marketing); and
- Rights in relation to automated decision making and profiling – that’s a right you have for us to be transparent about any profiling we do, or any automated decision making.
General Data Protection Regulation
© Santa Sacks Co 2018