This privacy notice contains important details about the way we will treat your personal information, and your rights in respect of the personal data that we hold about you.
For the purpose of the Data Protection Act 1998 until 24 May 2018 and thereafter the General Data Protection Regulation (Regulation (EU) 2016/679, the “GDPR”), the data controller is The Sheriden Charles Partnership Limited (SCP Ltd), registered in England & Wales, company no. 8634717. HepKatz determines the purposes and way in which any personal data are, or will be, processed, but delegates this responsibility to our trusted 3rd party service provider, SCP Ltd, which provides our website and online store, along with the associated data processing requirements.
Should you need to contact us please write to:
The Sheriden Charles Partnership Ltd, Data Protection, 61 Bridge Street, Kington, Herefordshire, HR5 3DJ, UK or by email firstname.lastname@example.org with subject "HepKatz Security and Privacy Enquiry".
Information we collect from you
This is information that you give us by filling in forms on our website, by corresponding with us by phone, e-mail or otherwise, and if you interact with us at an event stall. It includes information you provide when you register to use our site, open an account, subscribe to our mailing list, search for a product, place an order on our site, use our social media platforms, enter a competition, promotion and when you report a problem with our site, products or services. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, and clothing sizes.
If you provide any information about any other individuals such as friends or family, you warrant to us that you are entitled to provide that information to us and to authorise us to process it on the same basis as we will process the rest of the data that you provide about yourself.
In order to personalise your website experience, we may also gather information about the devices you use to access our sites (desktop, tablet, and mobile), this may include the following:
Purposes for which we may process your information
We may use this information:
- to process, fulfil and provide you with information relating to your orders;
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- to provide you, or permit selected third parties to provide you, with information about goods or services we offer, so long as, where required by law, you have given the relevant consent;
- to notify you about changes to our products and services;
- for fraud and theft prevention;
- to ensure that content from our site is presented in the most effective manner for you and for your computer;
- for our own legal and risk management purposes;
- to measure or understand the effectiveness of any advertising we might serve to you and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our sites about goods or services that may interest you.
Please note that, where you are asked to provide information to us which is of the sort that is necessary to enable us to perform a contract or fulfill a request that you make (e.g. contact, delivery or payment information) – if you do not do so, we may not be able to perform your contract or fulfill your request. We consider that processing this type of information is of legitimate interest to both parties.
Who we share your information with and why
HepKatz Store works with a number of trusted suppliers, agencies and businesses in order to provide you with the highest quality products and services you expect from us e.g. delivery companies, payment providers and website technicians, amongst others. Some of the categories of third parties with whom we share your data are:
- business partners, suppliers and sub-contractors for the performance of any contract we enter into with you.
- advertisers and advertising networks that require the data to select and serve relevant adverts to you;
- analytics and search engine providers that assist us in the improvement and optimisation of our sites;
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply the terms of any agreement or policy to which we are a party, or to protect the rights, property, or safety of HepKatz Store, our customers, or others. This may include exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We may share your personal information, including your name, address, email address, as well as a record of any transactions you conduct on our website or offline with us with a third-party advertising partner and its service providers in order to deliver to you banner advertisements and other advertising tailored to your interests when you visit certain websites. Our advertising partner will make the data we provide it pseudonymous. To learn more about the use of this information or to make choices about receiving personalised advertising provided by third parties, please visit the European Digital Interactive Advertising Alliance by clicking here.
Keeping in touch with you
We want to keep you up to date with information about new ranges, special offers and improvements to our website. When you set your account up, we will ask you if you want to receive this type of marketing information.
If you decide you do not want to receive this marketing information you can request that we stop by writing to Sheriden Charles Data Protection, 61 Bridge Street, Kington, Herefordshire, HR5 3DJ, UK or by email email@example.com with subject "HepKatz Marketing Enquiry", by changing your contact preferences in the My Account section of your account online or by using the unsubscribe link within the email.
You may continue to receive mailings for a short period while your request is dealt with.
Legal basis of processing
Data Protection Law requires us to meet at least one “legal ground” for processing personal data, currently set out in Article 6 of the GDPR. The grounds applicable to the personal data to which this notice relates are:
- Where the processing is necessary for us to perform a contract that you are party to, or to take steps at your request prior to entering a contract, that is the ground on which we are processing that data;
- Where the processing is necessary for compliance with a legal obligation to which we are subject, that is the ground on which we are processing that data;
- Where processing is necessary for the purposes of our legitimate interests or the legitimate interests of a third party, that is the ground on which we are processing that data, provided that your interests or fundamental rights and freedoms which require protection of your data do not override those legitimate interests (our legitimate interests comprise the management, marketing and promotion of our business, products and services the supply of our products and services. Under the data protection law, it is considered legitimate business interest for us to use our customer details to contact you by post, share your details with third party advertisers to enable us to provide banner advertising and other advertising tailored to your interests when you visit certain websites;
- If you have given your consent to our processing the data, that is the basis on which we are processing that data.
If more than one of the above grounds apply to the processing of data in question, the applicable ground will be the one that is set out first above.
Special categories of personal data
We do not intentionally collect any special categories of personal data (that is to say information as to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health, sex life or sexual orientation or genetic or biometric data) or personal data relating to criminal convictions and offences.
Accordingly, if you do not want us to process any such categories of personal data, please do not provide it to us in any form!
Where we store your personal data
The data that we collect from you will be stored on our servers or those of our service providers.
Some of the information you provide to us may be transferred outside the UK or European Economic Area to countries such as the USA. This is a transfer to a “third country”. For example, HepKatz Store has a business relationship with Company A who provide us with IT support. Colleagues in the USA may access it to undertake the activities described above.
If you place an order with us and you are outside of the UK we will transfer the data that we hold on you to HepKatz Store in the UK.
We also work with suppliers and partners who may make use of cloud and/or hosted technologies. We undertake data security due diligence on our partners and ensure that that these partners conform to appropriate accreditations.
Wherever transfers of data to third countries occurs HepKatz Store will ensure that the recipient is either (i) within the UK/EEA, or (ii) in a country that the European Union has decided has adequate data protection laws in place, or (iii) has provided appropriate data protection safeguards of the sort approved by the European Union and which provide effective rights and remedies for you, further details of which are available from the contact details below.
All information you provide to us is stored on our secure servers, and our website uses an encrypted https (digital certificate) connection which encrypts any data entered or passed between you and our website. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our sites, you are responsible for keeping this password confidential, and for all use made of your account with such password. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our sites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Length of data storage
Our policy is to ensure that personal data is only stored for as long as is necessary for the purposes it was provided. This may vary according to the type of information and the specific purpose and our obligations under other laws.
We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for 7 years after the date it is no longer needed by us for any of the purposes listed under Purposes for which we may use your information above. The only exceptions to this are where:
- the law requires us to hold your personal information for a longer period, or delete it sooner;
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law;
- we bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible; or
- in limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period.
What are your rights
You have various rights under Data Protection Law. These include:
- The right to ask us not to process your personal data for direct marketing purposes, even if you have given consent;
- If our processing is based on your consent, the right to withdraw any consent you may have given for our processing of your data – if you exercise this right, we will be required to stop such processing if consent is the sole lawful ground on which we are processing that data;
- The right to ask us for access to the data we hold about you and how we use it;
- The right to ask us to rectify any data that we hold about you that is inaccurate or incomplete;
- The right to ask us to delete your data in certain circumstances;
- The right to ask us to restrict our processing of your data in certain circumstances;
- The right to object to our processing of your data in certain circumstances;
The right to data portability to electronically move, copy or transfer your personal information in a standard form in certain circumstances.
You can exercise any of the rights set out above by contacting firstname.lastname@example.org. In respect of certain of the rights referred to above, we may need more information from you, e.g. to provide further information in order to confirm your identity.
You also have the right to lodge a complaint with the applicable data protection supervisory authority if you are concerned that we are not respecting your rights under Data Protection Law. The Information Commissioner’s Office (www.ico.orgis the authority in the UK which is responsible for overseeing the application of, and enforcing, Data Protection Law.
Removal of your data will not limit in any way the system functionalitiesBelow, you can browse services which collects your personal data on this website. Check services you wish to be forgotten by. This will send a request to the website admin. You will be notified by email once this is done."
Removal of your data will not limit in any way the system functionalitiesBelow, you can browse services which sign up users to newsletters. Check services which newsletters you wish to be unsubscribed from. The subscription will stop immediately.
We may, based on information that you provide, make certain decisions on an automated basis. Such decisions include deciding if you pose a fraud or money laundering risk. In certain circumstances, you have the right to object to such decisions being made on an automated basis, if you want to know more please contact us on the details above.
Our sites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Changes to this privacy notice
Any changes we make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy notice.
Questions, comments and requests regarding this privacy notice are welcomed and should be addressed to email@example.com
Last Modified: November 21, 2020