1. Contact Details
2. Our commitment to privacy
3. What Information do we collect about you?
For visitors who browse our web site and don’t enter information, the only data we capture is your source Internet Protocol (IP) address and a record of page visits in our web server logs. In some cases, an IP address can be unique to an individual and therefore regarded as personally identifying.
If you purchase items through this web site or register for an account, then we will collect additional data. The following personal data attributes may be collected grouped as follows:
- Identity Data includes first name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address, fax number and telephone numbers.
- Financial Data includes bank account and payment card details.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile Data includes your username and password, purchases or orders made by you, your interests, preferences and feedback.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
When asking for credit card payment information through our website, we do not transmit the card details though our network or store them on our servers. We use third-party payment services which are fully PCi compliant to handle your details securely using SSL encrypted connections.
Xeretec does not collect any sensitive data that is regarded as Special Category under GDPR (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).
4. How will your information be used?
We may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. The following lists the way in which we might use personal data and our legal basis for doing so:
- To provide for preferred dashboard layouts, remember if menus are open or closed and otherwise provide store functionality in the database or in cookies stored on the user web browser. This is necessary for our legitimate interests of remembering your choices as you change the display options. The information is stored in session cookies until you clear them or close the browser.
- You might send us your email address specifically to sign up for our newsletter and email promotions. We store and process this information based on your consent. We will keep using the Contact Data for 12 months from the date of the last email promotion we've sent to you with an unsubscribe option in the footer.
- To register on the website, save lists of items (favourites) and to remember preferences storage of your data is necessary. When you register, we ask for your name, email address, Company name, telephone number, mobile number, fax number, resident country, gender, and communication preferences. We also ask you to store a password to allow secure login in the future. You can maintain the details in your online account to ensure they're accurate. You can store multiple addresses that can be listed when selecting where you want your order delivered. In performance of a contract of sale with you or in preparation for a contract of sale we must store and process these details. We will retain these details until you close your account with us. If there has been no activity for 12 months and no order history, we will delete your account unless you inform us otherwise.
- Taking orders, keeping a record for warranty purposes, keeping a record for tax purposes and to collect money owed are additional reasons we keep your details. We require your address for billing and shipping along with your name, email address, phone number, and other details that might be needed to fulfil your order. You will also have had the option to checkout as a guest or to use a new or existing online account. You should know that when you check out as a guest we still keep a copy of your details with the order for our records but we don't create a login record and no password is stored. We store and process this data in performance of a contract with you - contract of sale. We will retain the order history on your account until you close your account or 6 years has passed since your last order, whichever is greater.
- Automated collection. IP addresses and browsing behaviour is collected in several ways. We use this information in order to understand the buying behaviour on our website, to monitor the security of the website, and to improve the user experience. This information is shared with third party processors in order to provide these services but is never sold and can't be used other than to provide these services. Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business, to inform our marketing strategy, to define types of customers for our products and services and to keep our website updated and relevant). We retain some of these details with your account profile. Our third-party processors also retain these details for security and quality purposes but these details are not sold and are only used for these purposes.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Where the basis for processing data is your consent, you are able to opt out at any time.
5. Who receives your information?
We may pass on to third party partners (see list below). We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
- Service providers who provide IT and system administration services.
- Professional advisers including lawyers, bankers, auditors and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance and accounting services.
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom who require reporting of processing activities in certain circumstances.
We will never pass your personal data to anyone outside of Xeretec and our contracted partners without your explicit permission, except under the following exceptional conditions
- To conform to legal requirements or comply with legal process under UK or EU law
- when demanded by a regulatory authority,
- if we believe in good faith that such action is necessary to:
- protect the rights or property of Xeretec or other Xeretec companies;
- prevent a crime or protect national security;
- protect the personal safety of website users or the public
We do not transfer your personal data outside the European Economic Area (EEA).
6. How is your information kept secure?
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
7. How long will information about me be held?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
8. What are my rights?
Rights for individuals are fully described on the ICO website. If you wish to exercise any of these rights on personal data that Xeretec hold about you then please contact the Data Protection Officer email@example.com
9. Our commitment to children's privacy
This website is not intended for children under 18 years of age, and no part of our website is structured to attract anyone under that age. We do not knowingly collect or maintain personal information from children under 18.
10. How to make a complaint about the way we have handled your data?
If you wish to complain to Xeretec, then please contact the Data Protection Officer firstname.lastname@example.org
If you would like to take your complaint to the supervisory authority, then you can report a concern to the ICO
11. Links to other websites
Xeretec complies with data protection legislation, which regulates the processing of information relating to you and grants you various rights in respect of your personal data. Our website contains links to other websites over which we have no control. Xeretec is not responsible for the privacy policies or practices of other websites to which you choose to link from this website. We encourage you to review the privacy policies of those other websites so you can understand how they collect, use and share your information.
Cookies and browser storage are two ways of storing data on your browser to read later. We do not store personal data in cookies or on your browser storage.
We store several temporary cookies which do not require consent as they are necessary for the security of the website and to operate the menu features as you click on them.
Where the website uses Google Analytics cookies you can opt out of these easily by installing the Google Analytics Opt-out Browser Add-on tool which is supported on all the major web browsers (https://tools.google.com/dlpage/gaoptout).
A cookie cannot read data from your hard drive.
This notice was last amended on 5th June 2018