Privacy Policy

The Steiff Shop Setchey, Norfolk privacy policy

1. Background
This privacy notice lets you know what happens to any personal data that you give to us, or any that we may collect from or about you. It applies to all products and services, and instances where we collect your personal data.

This privacy notice applies to personal information processed by or on behalf of The Steiff Shop Setchey, Norfolk . By using this website you agree to our terms and conditions.

Changes to this privacy notice:
We may change this privacy notice from time to time by updating this page to reflect changes in the law and/or our privacy practices. We are happy to supply you with a copy of any changes we make on request.

2. What kinds of personal information about you do we process?
Personal information that we’ll process in connection with all our products and services, if relevant, includes:

  • Personal and contact details, such as title, full name, contact details and contact details history
  • Records of your contact with us such as if you get in touch with us using our online services including Email, Amazon, or by telephone or in-person.
  • Products and services you hold with us, as well as have been interested in, and have held (if deemed as a business need) and the associated payment methods used
  • The usage of our products and services, such as rental agreement details and invoices.
  • Information we obtained from third parties, including information about insurance risk, pricing, claims history, instances of suspect fraud and usage history
  • Financial details about you, such as your bank account for BACS payments.

3. What is the source of your personal information?
We’ll only collect personal information from you or your business directly. 

4. What do we use your personal data for?
We use your personal data, including any of the personal data listed in section above, for the following purposes:

  • Assessing an application for a product or service, such as rental of space or account requests.
  • For processing and delivering orders
  • Managing products and services relating to that the product or service, or application for one
  • Updating your records, paying you monies due, and recovering any payments due to us.
  • Managing any aspect of the product or service
  • To make automated decisions on whether to offer you a product or service, or the price, payment method, risk or terms of it
  • To perform and/or test the performance of, our products, services and internal processes
  • To improve the operation of our business.
  • To follow guidance and best practice under the change to rules of governmental and regulatory bodies
  • For management and auditing of our business operations including accounting
  • To monitor and to keep records of our communications with you and our staff
  • To administer our good governance requirements
  • For direct marketing communications and related profiling to help us to offer you relevant products and service, including deciding whether to offer you certain products and service. We’ll send marketing to you by email, phone, post, social media and digital channels (for example, using Facebook). Offers may relate to any of our products and services which we think may interest you.
  • To provide personalised content and services to you, such as tailoring our products and services, our digital customer experience and offerings, and deciding which offers or promotions to show you on our digital channels
  • To develop new products and services and to review and improve current products and services
  • To comply with legal and regulatory obligations, requirements and guidance
  • To provide insight and analysis of our customers both for ourselves and for the benefit of business partners either as part of providing products or services, helping us improve products or services, or to assess or improve the operating of our businesses
  • To facilitate the sale of one or more parts of our business

Should a purpose not be listed above, but deemed necessary, we will explain it at the time

5. What are the legal grounds for our processing of your personal information (including when we share it with others)?
We rely on the following legal bases to use your personal data:

  • 1. Where it is needed to provide you with our products or services, such as:
    a) Assessing an application for a product or service you hold with us, including consider whether or not to offer you the product, the price, the payment methods available and the conditions to attach b) Managing products and services you hold with us, or an application for one c) Updating your records and contacting you about your account
  • 2. Where it is in our legitimate interests to do so, such as:
    a) Managing your products and services relating to that, updating your records,  b) To perform and/or test the performance of, our products, services and internal processes c) To follow guidance and recommended best practice of government and regulatory bodies d) For management and audit of our business operations including accounting e) To carry out monitoring and to keep records of our communications with you and our staff  f) To administer our good governance requirements using Facebook  g) Subject to the appropriate controls, to provide insight and analysis of our customers to provide products or services, helping us improve products or services, or to assess or to comply with our legal obligations
  • 3. With your consent or explicit consent:
    a) For some direct marketing communications

6. When do we share your personal information with other organisations?
We will not sell, rent, trade or otherwise any information, except where you give your express consent to do so, to any third parties. We only share information with PayPal, Stripe, Sagepay and Amazon for payment purposes.

7. How and when can you withdraw your consent?
Where we’re relying upon your consent to process personal data, you can withdraw this at any time by contacting us using the details below.

8. Is your personal information transferred outside the UK or the EEA?
We do not share your information outside the UK

9. What should you do if your personal information changes?
You should tell us so that we can update our records.

10. Do you have to provide your personal information to us?
We’re unable to provide you with our products or services if you do not provide certain information to us. In cases where providing some personal information is optional, we’ll make this clear.

11. Do we do any monitoring involving processing of your personal information?
In this section monitoring means any: listening to, recording of, viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person (face to face) meetings and other communications.
We may monitor where permitted by law and we’ll do this where the law requires it, or to comply with regulatory rules, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This information may be shared for the purposes described above.

12. Automated decision making
We only make automated decisions if we have tried to contact you for a quick decision and have been unable to do so.

13. For how long is your personal information retained by us?
Unless we explain otherwise to you, we’ll hold your personal information based on the following criteria:
For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
For as long as we provide goods and/or services to you and then for as long as someone could bring a claim against us; and/or
Retention periods in line with legal and regulatory requirements or guidance.

14. What are your rights under data protection laws?
Here is a list of the rights that all individuals have under data protection laws. They don’t apply in all circumstances. If you wish to use any of them, we’ll explain at that time if they are engaged or not. The right of data portability is only relevant from May 2018.

  • The right to be informed about the processing of your personal information
  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
  • The right to object to processing of your personal information
  • The right to restrict processing of your personal information
  • The right to have your personal information erased (the “right to be forgotten”)
  • The right to request access to your personal information and to obtain information about how we process it
  • The right to move, copy or transfer your personal information (“data portability”)

Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you

You have the right to complain to the Information Commissioner’s Office which enforces data protection laws: You can contact us using the details below.

15. Your right to object
You have the right to object to certain purposes for processing, in particular to data processed for direct marketing purposes and to data processed for certain reasons based on our legitimate interests. You can contact us by going to the Contact Us section of our website to exercise these rights.

16. What are your marketing preferences and what do they mean?
We may use your home address, phone numbers, email address and social media or digital channels (for example, Facebook, Google and message facilities in other platforms) to contact you according to your marketing preferences. You can stop our marketing at any time by contacting us using the details below or by following the instructions in the communication.