This privacy policy explains why we process personal data, how we collect it, what we collect, how your data is processed and how we protect any information you give Hurn & Hurn when you use this website.
We are committed to ensuring your privacy is protected and assure you any personal data collected will be used in accordance with this privacy statement.
Hurn & Hurn
For the purpose of General Data Protection Regulation (GDPR), Hurn & Hurn is the data controller, located at 4 Mackintosh Road, Rackheath, Norwich, NR13 6LJ in the United Kingdom.
GDPR
In accordance with GDPR, we will only collect and use personal data in a lawful, fair way.
Data will only be collected for valid, clearly explained purposes and not used in a way that is incompatible with those purposes.
Why we process personal data
We process personal data in order to fulfil a contract / contractual obligation with you or because you have asked us to take specific actions before entering into a contract. This is thelegal basis for us doing so.
We may process your data on a consent basis such as if you ask to be subscribed to our emails but if such activities require your consent, we will first obtain consent.
We may also process and disclose your personal data on a legitimate interest basis if necessary, such as informing the authorities about fraudulent or criminal acts.
How we collect data
We collect personal data when you contact us through our site, register your details, place an order through either our site or ebay store, buy a gift voucher, ask to be notified when an item is in stock, sign up to receive our newsletter, email or phone us.
Our website www.hurnandhurn.com may also automatically collect information such as details of your visits to our site and data about your computer.
The data we collect and process
We may collect and process the following personal data:-
Details collected of your visits to our website may include time spent browsing, searches made, products added to wishlists and other resources accessed.
How we process your data
Data collected is used to:-
Who we share your data with
We share your data when necessary with the following in order to fulfil any contractual obligations to you:
We also share your email details and order ID with:
We may also share your personal information in connection with any legal proceedings or for the purpose of fraud prevention.
We will not sell, lease or distribute your personal information to any other third parties without your permission unless required by law to do so.
How long we store your data
We store some personal data permanently or for an extended period of time if legally required to do so.
For example it is currently necessary to store order and financial records for a minimum of 8 years to comply with any HMRC audits and tax requirements. Similarly it is necessary for us to retain other data for 6 years for contract purposes.
Information will only be held for as long as it is required for the purpose it was collected.
Your data rights
You have the following rights in respect of your personal data:
The right to access your personal data. At any time you can contact us to request details of the personal data we hold on you, along with why we are holding the data. Once received, we will respond within 30 days. There are no fees for the first request but further requests or requests which are manifestly unfounded or excessive could be subject to an administrative fee.
The right for your data to be accurate and kept up to date. If any personal information we hold about you needs to be corrected or updated, please let us know.
The right to have your personal data erased. If you would prefer that we no longer hold and use your personal data, or believe we are unlawfully using it, you can request that it is erased. We will confirm when it is deleted or if it cannot be deleted and the reason why (for example compliance with legal obligations).
The right to object to the processing of your personal data. You have the right to ask that we stop processing your personal data, or alternatively to ask us to restrict processing of it. We will contact you to let you know that we will comply or if we are legally obliged to continue processing your data.
The right to withdraw consent. You can withdraw your consent to the processing of your data at any time by emailing, phoning or writing to us.
The right to data portability. You have the right to request that we transfer your data to another controller. Providing this is feasible, we will do so within 30 days.
The right to complain. If you believe there is an issue with how we handle your personal data, you have a right to complain to the ICO.
Please note to access your data, have it amended, corrected or erased, evidence of your identity will be required (a certified photocopy of your passport or driving licence plus an original copy of a recent utility bill). Similarly, confirmation of your identity will be required if objecting to the processing of your personal data.
Protecting your data
We are committed to ensuring the information collected is secure. Suitable electronic, physical and managerial procedures have been put in place to prevent unauthorised access or disclosure.
Information provided is stored on secure servers.
All financial transactions are handled through our payment services providers, Sagepay and PayPal who use the latest most secure technology. We do not hold a copy of any debit or credit card information.
When you place an order, make payment or access your account, we use Secured Socket Layer (SSL) encryption, which encrypts your information before it is sent to us to protect it from unauthorised access.
You are responsible for keeping your password and user details confidential.
Further data processing
If we intend to use your personal data for a new purpose, not notified above, we will provide a new notice and wherever necessary seek your consent prior to the new processing.
Links to external websites
Our website may contain links allowing you to visit other websites. However, you should note that we do not have any control over these other sites. If a link is used, such websites are not governed by this privacy policy and we cannot be held responsible for the privacy and protection of information you provide while visiting these sites.
Policy Updates
Hurn & Hurn may change this policy from time to time. Any changes will be found on this page. This policy is effective from 15 May 2018.