Crafty Bear Club | Privacy Statement
347611
page-template-default,page,page-id-347611,eltd-cpt-1.0,woocommerce-no-js,ajax_fade,page_not_loaded,,moose-ver-1.7, vertical_menu_with_floating,smooth_scroll,paspartu_enabled,woocommerce_installed,blog_installed,wpb-js-composer js-comp-ver-5.0.1,vc_responsive

Privacy Statement

Privacy Policy

Thank you for visiting www.craftybearclub.com (the “Website”). The Website is operated by Crafty Bear Club. References in this Privacy Policy to “we”, “us”, “our” and “ourselves” are references to Crafty Bear Club. References to “you” or “your” are references to any person reading this Privacy Policy.

We take the privacy of our Website users seriously and we are committed to protecting your privacy in compliance with European Union (EU) and United Kingdom (UK) data protection laws and regulations, including from the 25 May 2018, the General Data Protection Regulation (EU 2016/679) “Data Protection Laws”. This Privacy Policy explains what personal data (see below for details of what this means) is collected about you via the Website and what we do with that personal data. Please see our Cookies Policy below for information of how the Website uses cookies, and your choices regarding cookies use.

We encourage all of our customers to familiarise themselves with this Privacy Policy to understand our views and practices regarding your personal data collected via the Website and how we will treat it.

We reserve the right in our sole discretion to amend this Privacy Policy from time to time. In this event, we will post the revised policy on the Website and we will notify you of any material changes via a banner on the Website. This Privacy Policy sets out the basis by which any personal data we collect about you via the Website (or you provide to us) will be processed by us. By visiting the Website you are accepting the practices set out in this Privacy Policy.

Where you interact with us other than through the Website, this Privacy Policy may be supplemented by separate privacy policies, notices or other privacy related information which will apply to personal data obtained by us (or on our behalf) other than through the Website. This additional privacy information will be made available to you at the relevant point at which we collect your personal data.

If you do not agree to your personal data being used in the manner described in this Privacy Policy then please do not provide this to us. However, please note that some functionality of the Website may be restricted/ unavailable where you do not provide us with any personal data we request.

YOU HAVE A RIGHT TO KNOW HOW WE WILL USE YOUR PERSONAL DATA

We provide this Privacy Policy to make you aware of our practices in connection with your privacy and of the choices you can make about the way your personal data is collected via the Website and used.

We are committed to ensuring the security of your personal data.

Data Protection Laws place obligations on us to process your information fairly and lawfully and to keep it secure. For the purposes of Data Protection Laws, the controller of your personal data which is collected through the Website when users make an online enquiry is Crafty Bear Club, 40 King Street, Somersham, Cambrigshire, PE28 3EJ.

What is “Personal Data”?

Personal data broadly means information that relates to an identified or identifiable living individual (“identifiable” refers to being able to identify the living individual when the information held is combined with other information).

How Will We Comply With Data Protection Laws?

Data Protection Laws require that we meet certain lawful grounds before we are allowed to use your personal data in the manner described in this Privacy Policy and that we explain these legal grounds to you. We take our responsibilities under Data Protection Laws seriously, including meeting these conditions. To use your personal data, we will rely on the following lawful grounds (more than one ground may be relevant to each example of our processing):

Contract: Where you are an existing customer we will process your personal data to the extent required for us to provide you with services related to products that you have purchased from us in accordance with its terms. Additionally, if you are not an existing customer but you have requested further information about one of our products or services, we will use your personal data to provide you with such requested information;

Legitimate Interests: We will also process your personal data where this processing is in our “legitimate interests”. It is in our legitimate interests to collect your personal data as it provides us with the information that we need to run the Website or provide our services and/or products more effectively. When relying on this condition, we are required to carry out a balancing test of our interests in using your personal data (for example, in order to improve the Website or our services), against the interests you have as a citizen and the rights you have under Data Protection Laws (for example, to not have your data sold to third party marketing companies without your knowledge, or store your personal data in insecure or unstable countries/ regions). The outcome of this balancing test will determine whether we can use your personal data in the ways described in this privacy policy. We will always act reasonably and give full and proper consideration to your interests in carrying out this balancing test; and

Consent: Where you have provided your consent, we also rely on your consent to use your personal data in certain ways (for example, in some circumstances to market our products and services to you).

The type of personal data we will collect about you via the Website

The Website provides users who are interested in our products/services with an opportunity to submit online inquiries to us. The personal data that you may provide to us through the Website is set out below:

your name;

your contact details (including postal address, email address and phone number);

any personal data you choose to include when typing into Web-Chat or when typing additional comments in free text boxes;

your debit/credit card details (only when you choose to make a payment online through the Website); and

we may automatically collect technical information (including IP address, device details and your login information) and information about each visit you make to the Website (such as page response times and length of visit).

The Website also uses cookies. The way that we use cookies currently does not constitute processing of your personal data. Please see our Cookies Policy below for information about the cookies we use and your choices in relation to cookie use.

How we handle your personal data

We will only use the personal data you provide to us as described in this Privacy Policy, including any supplemental privacy information, as set out above.

We will observe the rights granted to you under applicable Data Protection Laws and will ensure that queries relating to privacy issues are dealt with promptly and in a transparent manner. See below for details about how to contact us and how to exercise your right to obtain copies of your personal data from us under Data Protection Laws.

We will only collect and process your personal data where we have lawful grounds to do so.

We will update our records if you inform us that your details have changed. Please tell us as soon as possible about this. We will update our records promptly once we are satisfied that the new information (such as your new address or contact detail) is accurate.

How we will use the personal data we collect about you

We will store and process your personal data on our computers. Please see the Data Security header below for details about how we keep your personal data secure, in line with our obligations under Data Protection Laws.

We will use your personal data collected (including from any third parties, where relevant and lawful) to:

contact you about our products/services (in response to your request for this contact which you have made via our Website);

provide our products/services to you if you decide to go ahead and obtain them (but please note as explained above that supplemental privacy information, notices and/or statements will also be relevant to that processing);

manage and contact you about any products or services that we provide to you;

contact you in respect of any complaints that you submit;

process payments you choose to make if you make a payment to us relating to any services via the Website; an

comply with our legal obligations;

Other Websites

Please note that our services / products may be available via other websites and we may link to other websites through the Website. We are not in control of these websites. Their use of your personal data is governed by their privacy policies.

We therefore recommend that you check the policy of each website that you visit and make sure that you are comfortable with the terms of such policies before providing any personal data.

Who do we pass your data to?

We may use third parties to provide services on our behalf which may include processing (but not using themselves for their own purposes) your personal data and this means we will disclose your personal data to them.

We will provide your personal data to the following categories of third parties:

companies that provide data hosting and website management services; and

companies that provide website analytics services such as Google Analytics or Response Tap.

In each case, we will, in accordance with our obligations under Data Protection Laws, put in place appropriate written protections for your personal data, including in our contract with them.

Other than set out in this Privacy Policy (and supplemental privacy information, notices and/or statements where relevant), we will not otherwise disclose, sell or distribute your personal data we collect via the Website to any third party without your permission unless we are required to do so by law.

In addition to the disclosures described above, we may disclose your personal data to:

our solicitors, professional advisors, who have agreed to treat your personal details as confidential;

anybody having a legal right to your personal data, including the police and any other legal and regulatory authorities and government bodies; and

to any third party who acquires all, or substantially all, of the assets or shares in Crafty Bear Club, and/or the Website, whether by sale, merger, acquisition or otherwise;

How long we keep your personal data

We take steps with a view to permanently deleting, destroying or anonymising your personal data (which means that we are no longer able to identify you from it) when it is no longer necessary for its purpose and we are not required by law to keep it.

How long we keep your personal data depends upon the purpose for which your personal data was collected was provided. Generally however:

we will keep the information no longer than is necessary to enable us to provide you with a service that you have requested for as long as it takes us to provide that service. After that, we will only keep information about you if it is necessary for us to do so to comply with our legal obligations; and

we will keep your contact details for a reasonable period after you have given us your consent to use them for marketing purposes (but we will not retain these details indefinitely or after your consent has been withdrawn).

Will my personal data be transferred outside of the European Economic Area?

We currently do not intend to transfer your personal data to third parties and organisations who hold data outside of the European Economic Area (EEA). However, some third party suppliers or service providers may have back up or disaster recovery data centres that are located in multiple jurisdictions outside the EEA (for example, in the United States). This may mean that in certain limited circumstances personal data is transferred to countries which do not provide the same level of protection for personal data as the EEA.

Where your personal data is being transferred outside the EEA, we will ensure that appropriate safeguards are in place, such as the use of the EU Commission approved model contract clauses to protect your information in accordance with Data Protection Laws.

Your rights in relation to your records

You have a number of rights under Data Protection Laws in relation to the way we process your personal data. These are set out below. You may contact us using the details below to exercise any of these rights and we will respond to any request received from you within one month from the date of the request.

DESCRIPTION OF RIGHT

Right 1

A right to access personal data held by us about you.

Right 2

A right to require us to rectify any inaccurate personal data held by us about you.

Right 3

A right to require us to erase personal data held by us about you. This right will only apply where (for example): we no longer need to use the personal data to achieve the purpose we collected it for; or where you withdraw your consent (if we are using your personal data based on your consent); or where you object to the way we process your data (in line with Right 6 below).

Right 4

A right to restrict our processing of personal data held by us about you. This right will only apply where (for example): you dispute the accuracy of the personal data held by us; or where you would have the right to require us to erase the personal data but would prefer that our processing is restricted instead; or where we no longer need to use the personal data to achieve the purpose we collected it for, but you require the data for the purposes of dealing with legal claims.

Right 5

A right to receive personal data, which you have provided to us, in a structured, commonly used and machine readable format. You also have the right to require us to transfer this personal data to another organisation, at your request.

Right 6

A right to object to our processing of your personal data (including for the purposes of sending marketing materials to you).

If you would like to exercise the rights listed above, you can send a request:

By mail to: Crafty Bear Club, 40 King Street, Somersham, Cambrigshire, PE28 3EJ

By e-mail to:info@craftybearclub.com

By telephone to: 07879444195

Data Security

In accordance with our obligations under Data Protection Laws, to prevent unauthorised access to or disclosure of your personal data (including card payments), maintain data accuracy, and ensure the appropriate use of your personal data, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the personal data we collect online.

However, you acknowledge that, unfortunately, the transmission of information via the internet, including the online enquiry forms you submit to us and/or any information provided Web-Chat, is not completely secure. We cannot guarantee the security of your data transmitted to the Website: any transmission (i.e. your sending of the personal data to us) is at your own risk. Once we have received your personal data, we will use the steps detailed above to protect it.

You should be aware that there are inherent risks in transferring personal data over the Internet. For example, if you send us an e-mail from your private mailbox, we cannot guarantee the security of the content during its transmission to us. For that reason, please do not send to us an unsecured e-mail with confidential information such as your National Insurance or bank account numbers, or any sensitive personal data.

Customer feedback and complaints

If you are not happy with the way in which your personal data is held or processed by us, or if you are not satisfied with our handling of any request by you in relation to your rights or any automated profiling that we carry out, our Data Protection Officer would be happy to help. You can contact our Data Protection Officer at 40 King Street, Somersham, Cambrigshire, PE28 3EJ. .

Alternatively, you have the right to complain to the Information Commissioner’s Office (ICO) by calling 0303 123 1113. The ICO is the UK’s independent body set up to uphold information rights. You can find out more about the ICO on its website (www.ico.org.uk/).