privacy policy

SECURITY, PRIVACY AND COOKIE POLICY

OVERVIEW

We collect personal information from you when you shop online at www.kettlewellcolours.co.uk or if you place an order with us over the telephone. Maintaining the security of your data is a priority at Kettlewell Colours, and we are committed to respecting your privacy rights. We pledge to handle your data fairly and legally at all times. Kettlewell Colours is also dedicated to being transparent about what data we collect about you and how we use it. By shopping with us, you are agreeing to our Privacy Policy. We are registered under the Data Protection Act as Kettlewell Colours Ltd. We will only use the information that we collect about you lawfully in accordance with the Data Protection Act 2018 and the General Data Protection Regulation 2018.

This policy, which applies whether you shop with us online or over the telephone, provides you with information about:

  • how we use your personal information;
  • what personal information we collect;
  • how we ensure your privacy is maintained; and
  • your legal rights relating to your personal information.

HOW WE USE YOUR PERSONAL INFORMATION

Kettlewell Colours (and trusted partners acting on our behalf) uses your personal information:

  • to provide goods and services to you;
  • to make a tailored website available to you;
  • to manage any registered account(s) that you hold with us;
  • to verify your identity;
  • for crime and fraud prevention, detection and related purposes;
  • to contact you about promotional offers and products and services which we think may interest you;
  • to enable Kettlewell Colours to manage customer service interactions with you; and
  • where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).

Marketing

Kettlewell Colours uses your personal information for electronic marketing purposes and may send you postal mail to send you our catalogues or special offers.

Kettlewell Colours aims to update you about products & services which are of interest and relevance to you as an individual.

You have the right to opt out of receiving promotional communications at any time, by:

  1. through the settings in 'My Account' on the website
  2. making use of the simple “unsubscribe” link in emails; and/or
  3. contacting Kettlewell Colours via the contact channels set out in this Policy.

Please note that it takes 5 working days for you to stop receiving our emails, three months to stop receiving Kettlewell Colours catalogues and up to three months to stop receiving third party mailings from the date you unsubscribe.

You can also subscribe to the Direct Marketing Association’s (DMA) Mailing Preference Service to stop receiving any future unsolicited direct mail entirely. This can be done at www.mpsonline.org.uk/mpsr/

We may analyse your browsing and purchasing activity online, and your responses to marketing communications. The results of this analysis, together with other demographic data, allows us to ensure that we contact you with information on products and offers that are relevant to you. To do so, we use software and other technology (automated processing).

Sharing data with third parties

a. Our service providers and suppliers

In order to make certain services available to you, we may need to share your personal information with some of our service partners. These include IT, delivery and marketing service providers.

Kettlewell Colours only allows its service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on service providers relating to data protection and security, which mean they can only use your data to provide services to Kettlewell Colours and to you, and for no other purposes.

b. Other third parties

Aside from our service providers, Kettlewell Colours will not disclose your personal information to any third party, except as set out below. We will never sell or rent our customer information to other organisations for marketing purposes. We will never pass your email address or telephone number on to a third-party for marketing purposes.

We may share your personal information with:

- similar companies to Kettlewell Colours whose products we think will be of interest to you. We send a single catalogue to their customers and in return they can send a single catalogue to our customers. Your details will not be added to their mailing list unless you request it;

- Marketing Services Providers - We will share your data with the Marketing Services Providers listed below, who will use it to help direct marketing organisations such as ourselves better understand the likely characteristics of their customers, communicate with them more effectively, and also identify prospective customers. This should mean that you receive direct marketing that is more relevant to you. To understand more please click through to the websites of the companies below:

To understand more please click through to the websites of the companies below:

  • Epsilon Abacus - Privacy Policy
    We work with Epsilon Abacus (registered as Epsilon International UK Ltd), a company that manages the Abacus Alliance on behalf of UK retailers and charities. The participating retailers are active in the clothing, collectables, food & wine, gardening, gadgets & entertainment, health & beauty, household goods, home interiors and travel categories.
  • Experian - Privacy Policy
  • Conexance - Privacy Policy
  • I-Behaviour - Privacy Policy

- credit reference agencies where necessary for card payments;

- governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so: -

  • to comply with our legal obligations;
  • to exercise our legal rights (for example in court cases);
  • for the prevention, detection, investigation of crime or prosecution of offenders;
  • for the protection of our employees and customers;

Data co-operatives including Epsilon Abacus (registered Epsilon International UK Ltd) , Experian, Sub2 and I-behaviour. Epsilon Abacus manages the Abacus Alliance on behalf of UK retailers. The participating retailers are active in the clothing, collectables, food & wine, gardening, gadgets, entertainment, health and beauty, household goods and home interiors categories. They share information on what their customers buy. Abacus analysis this pooled information to help the retailers understand consumers wider buying patterns. From this information, retailers can tailor their communications sending people suitable offers that should be of interest to them, based on what they like to buy.

International transfers

We may transfer data outside the EEA, if we did, this would be subject to special rules under data protection laws. We would ensure that transfers would take place in the presence of appropriate safeguards, including standard data protection clauses adopted by the EU commission.

How long do we keep your data?

We will not retain your data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of data, however the longest we will normally hold any personal data is 12 years since your last purchase from us.

WHAT PERSONAL INFORMATION DO WE COLLECT

Kettlewell Colours may collect the following information about you:

  • your name, age/date of birth and gender;
  • your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
  • purchases and orders made by you;
  • your on-line browsing activities on our website;
  • your password(s);
  • when you make a purchase or place an order with us, your payment card details. We use the latest secure server technology to ensure this information is protected to the highest standards;
  • your communication and marketing preferences;
  • your location;
  • your correspondence and communications with Kettlewell Colours; and
  • other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).

Our website is not intended for children and we do not knowingly collect data relating to children.

This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Policy. Some of the above personal information is collected directly, for example when you set up an on-line account on our websites, or send an email to our customer services team. Other personal information is collected indirectly, for example your browsing or shopping activity.

We may also obtain your information from a third-party supplier, in order to send you postal communications, where you have given permission for your details to be shared with other organisations. This could be when buying a product or registering for an event, service or competition. We will only collect your information in this way if we believe you may be interested in hearing from our partners, and where you have not opted-out of receiving unsolicited marketing communications, by checking your details against the Mailing Preference Service. We will always tell you where we have obtained your details from and how to stop your details from being processed in this way in the future should you object . We will only deal with reputable companies that take privacy and data protection as seriously as we do, and we will always let you choose not to receive further communications from us.

We randomly monitor and record telephone calls. This helps to ensure that we provide you with the highest level of services and maintain quality standards.

HOW WE PROTECT YOUR DATA

Our controls

Kettlewell Colours is committed to keeping your personal data safe and secure.

Our security measures include: -

  • encryption of data;
  • regular scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents;
  • security controls which protect the Kettlewell Colours IT infrastructure from external attack and unauthorised access; and
  • internal policies setting out our data security approach and training for employees.

WHAT YOU CAN DO TO HELP PROTECT YOUR DATA

Kettlewell Colours will never ask you to confirm any bank account or credit card details via email. If you receive an email claiming to be from Kettlewell Colours asking you to do so, please ignore it and do not respond.

If you are using a computing device in a public location, we recommend that you always log out and close the website browser when you complete an online session.

In addition, we recommend that you take the following security measures to enhance your online safety both in relation to Kettlewell Colours and more generally:

  • keep your account passwords private. Remember, anybody who knows your password may access your account.
  • when creating a password, use at least 8 characters. A combination of letters and numbers is best. Do not use dictionary words, your name, email address, or other personal data that can be easily obtained. We also recommend that you frequently change your password. You can do this within your account section on our website.
  • avoid using the same password for multiple online accounts.

YOUR RIGHTS

You have the following rights:

  • the right to ask what personal information that we hold about you at any time,
  • the right to ask us to update and correct any out-of-date or incorrect personal information that we hold about you; and
  • (as set out above) the right to opt out of any marketing communications that we may send you.

If you wish to exercise any of the above rights, please contact us using the contact details set out below.

Legal basis for Kettlewell Colours processing customers’ personal information

General

Kettlewell Colours collects and uses customers’ personal information because it is necessary for:

  • the pursuit of our legitimate interests (as set out below);
  • the purposes of complying with our duties and exercising our rights under a contract for the sale of goods to a customer; or
  • complying with our legal obligations.

Our legitimate interests

The normal legal basis for processing customer data, is that it is necessary for the legitimate interests of Kettlewell Colours including:-

  • selling and supplying goods and services to our customers;
  • protecting customers, employees and other individuals and maintaining their safety, health and welfare;
  • promoting, marketing and advertising our products and services;
  • sending promotional communications which are relevant and tailored to individual customers. Our communications are designed to tell you about the benefits we can offer, so that you have exclusive access to our best deals. We use the information we have about you to tailor the content and try to ensure that the offers are as relevant to you as possible;
  • understanding our customers’ behaviour, activities, preferences, and needs;
  • improving existing products and services and developing new products and services;
  • complying with our legal and regulatory obligations;
  • preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;
  • handling customer contacts, queries, complaints or disputes;
  • managing insurance claims by customers;
  • protecting Kettlewell Colours, its employees and customers, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to Kettlewell Colours;
  • effectively handling any legal claims or regulatory enforcement actions taken against Kettlewell Colours; and
  • fulfilling our duties to our customers, colleagues, shareholders and other stakeholders.

CREDIT CARD ENCRYPTION

We accept online payment in a secure environment using Secure Socket Layering technology (SSL). All of the information sent to us as you browse our site, including payment and address information, is encrypted to safeguard your details. Encryption prevents other internet users from accessing this information. You can check that you are shopping in a secure environment by looking for either a locked padlock icon or an image of a key in the grey bar at the bottom of your screen.

The encryption technique we use is the highest standard available for e-commerce and certified by Thawte, part of the Verisign group - the world's most respected certification body for Internet firms. If you have questions regarding our credit card security policies, please call us on 01460 279800 (option 2).