Last updated 24th May 2018
Information we collect from you
When you purchase flapjacks from us we collect your name, address, email address and telephone number and also the name address, email address, and telephone number of the person receiving the flapjacks. This contractual data is held securely on our hosting company’s server. We also collect a debit or credit card number for payment via Paypal. This data is encrypted and held by Paypal only, who provide the payment system.
How we use the information we hold on you
We use your name and home address as part of the ordering process. We use your email address to send you confirmation of the order and details of the courier delivery. We use your telephone number to contact you in case of a problem with your order or a query.
How is your data stored?
All data you supply us is stored securely on our hosting company’s server. All card details are stored by Paypal, our PCI compliant payment system. Card details are erased automatically after your order has been dispatched. Neither we, nor Paypal will share your information with any third party unless there is a legal reason to do so.
If you use our website contact form, a record of your email is stored securely on the website and securely deleted after one year. We back up our website to an external secure server in a destination outside the European Economic Area (EEA) in which data protection laws may be of a lower standard than in the EAA. Regardless of location or whether the person is an employee or contractor, we will impost the same data protection safeguards that we deploy inside the EAA. All contact form information and reviews, submitted via our website, are accessible by our website manager. This information is used by the website manger as explained in this policy and is kept confidential and secure.
We send occasional emails (no more than four a year) to people with a legitimate interest in Flapjackery (either having placed an order or expressed an interest in our Flapjacks). The distribution list is managed by a secure third party, Mailchimp (https://mailchimp.com/legal/privacy/). You may change your preferences or unsubscribe via Mailchimp at any time. Neither we nor Mailchimp will pass your details onto any third party.
Retaining personal information
We retain personal information about you for the period necessary to fulfil the purposes outlined in this policy, to meet contractual requirements and legal obligations. We review our retention periods for personal information on a regular basis. When your information is no longer required, we will ensure it is disposed of securely.
No data transmission over the Internet can be guaranteed to be secure from intrusion. However, we maintain physical, electronic and procedural safeguards to protect your personal information in accordance with applicable data protection legislative requirements. We have put in places procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach as required by regulations.
Access to your information
You have a right of access to the information we hold on you, as well as the right to request we amend it or delete it, unless prohibited by law. This will be done within 30 days of the request. There is no charge to access, update or delete your information. You can contact us to request this by email: firstname.lastname@example.org or by post to: Flapjackery Unit 8 Crelake Ind Est, Pixon Lane, Tavistock PL19 9AZ. If you receive our newsletter via MailChimp you can amend the information and marketing permissions as well as unsubscribe via the links contained in the bottom of the newsletter.