1.About This Policy
1.1 This policy explains the personal data we hold about our customers, website visitors, authors, business partners, employees and shareholders: how we use it; how we keep it safe and what your rights are in relation to it. It applies when we are acting as a data controller of the personal data of such people.
1.2 We may amend this Data Privacy Policy from time to time without giving advanced notice. Please check our website (www.fernhurstbooks.com) for any amendments.
1.3 We are Fernhurst Books Limited (contact details in Section 6).
1.4 We may collect, use and store your personal data, as described in this Data Privacy Policy and as described when we collect data from you.
2.The Personal Data We Collect, Why & How We Will Use It
|
PERSONAL DATA
|
WHY & HOW USED
|
LAWFUL BASIS FOR PROCESSING
|
|
Customers
Personal & Employees /
Representatives of Trade Customers
Name
Address
Telephone number(s)
E-mail address(es)
Books ordered
Credit card details (personal only)
Bank account details (personal only)
Mailing preferences
Correspondence
|
To process orders
|
Performing our contract with the customer
|
|
To provide service & information to customers & to manage the relationship
|
Our legitimate interest in managing our business
|
|
To feed order information through to our distributors and wholesalers
|
Our legitimate interest in managing our business
|
|
To market to personal customers
|
By informed consent through a tick box on the shopping cart or the individual signing up to our mailing list on our website or in other ways.
|
|
Website Visitors
Data about use of website:
IP address
Geographical location
Browser type & version
Operating system
Referral source
Length of visit
Page views
Website navigation paths
Timing, frequency & pattern of use
|
To allow us to analyse use of the website. We would never tie this information to individuals, even though the information potentially allows us to do so.
|
For the purposes of our legitimate interests in operating our business, specifically monitoring & improving our website.
|
|
PERSONAL DATA
|
WHY & HOW USED
|
LEGAL BASIS FOR PROCESSING
|
|
Author / Royalty Holders
Personal & Employees /
Representatives of Trade Royalty
Holders
Name
Address
Telephone number(s)
E-mail address(es)
Bank account details (personal only)
Correspondence
Photographs
|
To pay royalties
|
Performing our contract with the author / royalty holder
|
|
To communicate with & manage the relationship
|
Our legitimate interest in managing our business
|
|
To promote the author and their books and to illustrate their books
|
Performing our contract with the author / royalty holder
|
|
Licence Rights Holders
Personal & Employees /
Representatives of Trade Rights
Holders
Name
Address
Telephone number(s)
E-mail address(es)
Bank account details (personal only)
Correspondence
|
To pay & receive royalties
|
Performing our contract with the licensed rights’ holder
|
|
To communicate with & manage the relationship
|
Our legitimate interest in managing our business
|
|
Suppliers
Personal & Employees /
Representatives of Trade Suppliers
Name
Address
Telephone number(s)
E-mail address(es)
Bank account details (personal only)
Correspondence
|
To place & manage orders
|
Our legitimate interest in managing our business
|
|
Media Contacts
Name
Address
Telephone number(s)
E-mail address(es) Correspondence
|
To notify of new books & send review copies
|
Our legitimate interest in managing our business
|
|
Employees Name
Address
Telephone number(s)
E-mail address(es) Date of birth
Bank account details
National Insurance number
Correspondence
Photographs
|
To pay & act as employer
|
To fulfil our contract with the employee
|
|
To provide information to government / tax authorities
|
To meet our legal obligations
|
|
To use in the company’s publicity, including press, websites & other social media platforms
|
Our legitimate interest & the staff’s role in promoting our business
|
|
PERSONAL DATA
|
WHY & HOW USED
|
LEGAL BASIS FOR PROCESSING
|
|
Employees
Record & outcome of disciplinary hearings
|
Managing employees
|
To fulfil our contract with the employee
|
|
Shareholders
Name
Address
Telephone number(s)
E-mail address(es)
Bank account details
Correspondence
|
To pay dividends
|
Performing our contract with the shareholder
|
|
To communicate with & manage the relationship
|
Our legitimate interest in managing our business
|
3.Protecting Your Personal Data
3.1 We use generally accepted standards of technology and operational security to protect personal data and keep it secure.
3.2 We will promptly tell you of any breach of your personal data which might expose you to serious risk.
3.3 We may disclose your personal data to specific third parties to whom we subcontract in order for them to conduct transactions for you and provide services to you on our behalf. However, this will only be personal data that is required for them to undertake this task and we will have a contract requiring them to keep your personal data secure, not to use it for their own purposes and to delete it at the end of the contract.
3.4 Financial transactions may be processed through a secure payment system which will have its own privacy policy.
3.5 The only other times we will share your personal data with any other third party without your consent is when we are required to do so by law.
4.Retaining & Deleting Your Personal Data
4.1 We will not keep your personal data for longer than is necessary for the purpose(s) it is held and to fulfil our legal obligations. (We are expected to keep information for 6 years for: claims in contract; tort [excluding personal injury]; tax and VAT; payroll and employment.)
4.2 Excepting the above, we will retain your personal data as follows:
- Communication data (name, address, telephone number(s), e-mail address(es): for up to 2 years after you cease to be a customer / business associate / employee of ours.
- Transactional data (books ordered, credit card details, bank account details): up to 1 year after the transaction.
- Financial data (bank account details, National Insurance number): up to 2 years after you cease to be a customer / business associate / employee of ours.
5.Your Rights
5.1 Under the GDPR your principle rights with regard to your personal data are:
- to have access to the data held
- to have the data held corrected
- to have the data held erased (in certain circumstances)
- to object to or restrict the processing of the data (in certain circumstances)
- to have the data transferred (in certain circumstances)
- to withdraw consent
- to complain to the Information Commissioner:
www.ico.org.uk/concerns
0303 123 1113
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
This is a very brief summary of your rights. Please refer to the Information Commissioner’s website for a full explanation of your rights.
6.Our Details
6.1 We can be contacted at:
Fernhurst Books Limited, Regent House, 50 Holly Walk, Leamington Spa, Warwickshire. CV32 4HY.
01926 337488
Please address any questions, comments and requests regarding our data processing practices to our Director by contacting: [email protected]
14th May 2018