Your shopping cart is empty
Simply Oysters is a controller of your personal data. We respect your privacy and we are committed to protecting your personal data. This Privacy Notice will inform you as to how we use your personal data when you visit our website at simplyoysters.com (hereafter called the "Website") and tell you about your privacy rights and how the law protects you.
This Privacy Notice provides you with information about:
· what personal data we collect
· how and when we use and process this data for our legitimate business interests
· the safeguards we have in place to ensure your privacy is maintained
· your legal rights relating to personal data and how you can instruct us if you prefer to limit the use of this data.
2. Data we may collect
We will not knowingly collect information from anyone under the age of 18. If you are under 18 years of age, you should not access or use the Website, or submit any personal information and/or order any product or service through the Website.
We may collect data from you:
· when you purchase products or services from us
· when you create an online account with us
· when you email us or receive emails from us
· when you request information or marketing from us
· when you enter a competition, promotion or survey
· when you contact us or provide us with feedback
· when you browse the Website
· when you interact with our social media channels.
This data may include:
· name and contact details including your address, telephone number and email address
· records of your transactions including what products you purchased and when you purchased those products from us
· payment card details. These details are collected, used, and stored on our payment service provider’s systems (PayPal’s merchant payment gateway system); not on our systems.
· usernames and passwords you create for your online account
· email and other correspondence and communications with us
· marketing preferences and survey responses
· other publicly available personal data, including any which you have shared via a social media channels (such as Twitter or Facebook).
This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Privacy Notice. Some of the above personal data is collected directly, for example when you purchase a product or service from us, or set up an online account with us, or send an email to us. Other personal data is collected indirectly, for example, through your browsing activity on the Website.
3. What we do with this data
We may process and use your personal data:
· to provide products and services to you
· to provide an online account to you
· to register and manage the online account you set up with us
· to make the Website available to you
· to help us manage client service communications with you
· to improve our understanding of our clients and to improve our products, services and client relationships and experiences
· to contact you about special offers, prize draws, products, services and other news which we think may interest you
· for our own market research purposes
· for crime and fraud prevention and detection
· where we have a legal right or duty to use or disclose your data. For example in relation to an investigation by a public authority or in a legal dispute.
We will not rent or sell your personal data to other organisations for marketing purposes.
4. Marketing and special offers
You may receive electronic marketing from us if you provided your personal details to us when you registered with us or you purchased any product or service from us. We use your personal details for electronic marketing purposes primarily where we aim to update you about our products, service, special offers, prize draws, news and events which we believe are of interest and relevance to you. We will only do so where we have a lawful basis to do so.
You have the right to opt out of receiving our marketing emails at any time, by:
· the “unsubscribe” link; and/or
· the “update your preferences” link; and/or
· email us at firstname.lastname@example.org
5. Advertising cookies
6. Sharing data with third parties
In order to provide our products and services, securely fulfil transactions, and provide you relevant marketing communications, we may need to share your personal data or anonymous data with our service providers including payment processing companies, IT service providers (such as hosting companies), analytics companies and marketing services agencies. We only allow our service partners to handle your personal data when they conform to the appropriate data protection and security controls. Our service partners have obligations relating to data protection and security restricting their use of your data to provide services to us and to you, and for no other purposes. We will not rent or sell your personal data to other organisations for marketing purposes.
Aside from our service partners, we will not disclose your personal data to any third party, except as listed below:
· governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are legally required to do so
· to comply with our legal obligations
· to exercise our legal rights. For example in court cases
· for the prevention, detection, investigation of crime or prosecution of offenders
· third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice.
7. How long we keep data
We will not retain your data for longer than necessary for the purposes set out in this Privacy Notice. In general, we will keep your data for the duration of our relationship with you and for a certain period afterwards. In considering how long to keep personal data, we take into account the nature of the information, the nature of the relationship with you, the relevance of the information, and our obligations to comply with applicable laws and regulations. The longest we hold any personally identifiable data is four years after your last order, or interaction with our marketing communications, or contact with us. After that time, we make anonymous any transaction data that we hold for the purposes of accounting records or business analysis.
8. How we protect data
We are committed to keeping your personal data safe and secure and we follow strict security procedures which include:
· regular network vulnerability scans
· scanning to protect against malicious threats to our IT infrastructure
· security controls which protect our IT infrastructure from external attacks and unauthorised access
· secure disposal of all redundant IT hardware.
9. EEA transfers
If you are based within the European Economic Area (EEA), please note that we may transfer personal information to countries outside the EEA. Not all countries provide the same level of protection in relation to personal information as within the EEA. Where necessary to make such transfers, we will comply with our legal and regulatory obligations in relation to the personal information. This will include having a lawful basis for transferring the personal information and putting appropriate safeguards in place to ensure an adequate level of protection for the personal information.
10. Our legal basis for processing data
We process client data on a carefully considered and specific legal basis. This basis may be where you have given your consent, or for the performance of a contract, or where necessary to comply with a legal obligation, or where necessary to protect the safety or other vital interests of an individual, or where it is necessary for the purposes of the legitimate interests of us or another party.
Legitimate interest examples include the conducting and managing our business to enable us to provide the best experience to our customers including:
· operating networks and systems to allow us to securely sell and supply our products and services
· handling client contacts and enquiries
· processing and analysing data to get a more informed picture of the behaviour, activities, preferences and needs of our clients
· using this insight to help us enhance the products and services we offer our clients
· understanding how our clients interact with the Website to help us improve the functionality and content of our client’s online experience
· promoting, marketing and advertising our products and services and determining the effectiveness of these campaigns to help us improve the relevance of our communications to our clients
· protecting us and our clients, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to us
· preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies
· handling any legal claims or regulatory enforcement actions taken against us
· complying with our legal and regulatory obligations
· fulfilling our duties to our clients, our team members, and other stakeholders.
When we process your personal data based on our legitimate interests we make sure we consider and balance any positive or negative impacts on you and your data protection rights against our rights and interests. We will not use your personal data for activities where our interests are over ridden by the impact on you (unless we have your consent or are otherwise permitted by law). Whenever we process your personal data we ensure that we always take account of your rights.
11. Your rights
Subject to certain exemptions, you have the following rights relating to updating, rectifying and deleting your personal data held with us:
· the right to opt out of any marketing communications that we may send you
· the right to ask what personal data that we hold about you and receive a copy of it
· the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you
· the right to erasure of your personal data in certain circumstances or to restrict the processing of your data rather than having it erased
· the right to object to the processing of personal data when we processes personal data for legitimate purposes but you do not feel that your interests or fundamental rights or freedoms have been protected
· with effect from 25 May 2018, you have the right, in certain circumstances, to obtain personal information you’ve provided us with (in a structured, commonly used and machine readable format) and to reuse it elsewhere or to ask us to transfer this to a third party of your choice
· you have the right not to be subject to a decision when it’s based on automatic processing, including profiling, if it produces a legal effect or similarly significantly affects you, unless such profiling is necessary for entering into, or the performance of, a contract between you and us
· if we rely on your consent (or explicit consent) as our legal basis for processing your personal information, you have the right to withdraw that consent at any time
· the right to lodge a complaint about how your data is being used or processed with a supervisory authority (in the UK, please visit the Information Commissioner's Office at www.ico.org.uk
12. No fee usually required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
13. What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
14. Time limit to respond
We will respond to all legitimate requests to your request for access to your personal data within one month.
1. Definition of cookies
Cookies are small data files that are stored on your web-enabled device as you browse the Website. Cookies are safe and do not harm your web-enabled device. Cookies are an essential part to the how the Website works. If you would like to view further information about cookies, please visit “All About Cookies” at www.allaboutcookies.org (a third party website on cookies).
We have classified the four different types of cookies that we use on the Website and why we use them:
3. Management of cookies
The website at simplyoysters.com is owned and operated by Jeremy & Carol Stevens T/A Simply Oysters. Our email address is email@example.com. Our phone number is 07806773526. Our postal address is: Simply Oysters, C/- 6 Ribblesdale Place, Chorley, Lancashire, PR7 1LT.
If you have any enquiries, please email us at: firstname.lastname@example.org