Last updated: 15th May 2020
We intend only to process personal information fairly and transparently as required by data protection law including the General Data Protection Regulation (GDPR). In particular, before obtaining information from you we intend to alert you to this Notice, let you know how we intend to process the information and (unless the processing is necessary for at least one of the 5 reasons outlined in clause 2 below) we’ll only process the information if you consent to that processing. The GDPR also defines certain ‘special categories’ of personal information that’s considered more sensitive. These categories require a higher level of protection, as explained below.
Of course, you may browse parts of this Website without providing any information about yourself and without accepting cookies. In that case, it’s unlikely we’ll possess and process any information relating to you.
Sometimes, when you take a new service or product from us or discuss taking a new service or product but decide against it, we might wish to provide you with further information about similar services or products by email or other written electronic communication. In that situation, we’ll always give you the opportunity to refuse to receive that further information and you can change your mind at any point (opt-out) by contacting our Data Protection Officer (DPO) as set in clause 1.4. We’ll endeavour to remind you of your right to opt-out on each occasion that we provide such information.
1. 1 Identity and contact details
Co-opted Name – The Wedding Collective
Registered office: This will be the same as for Designer Wedding Planner 98a Gloucester Road Croydon CR0
Our Data Protection Officer (DPO) would welcome communication from you regarding any matter relating to data protection, and can be contacted by email at [email protected]
2. When we’re allowed to collect information from you
We will only collect personal information relating to you if one of the following conditions have been satisfied:
2.1 You have clearly told us that you are content for us to collect that information for the certain purpose or purposes that we will have specified.
2.2 The processing is necessary for the performance of a contract that we have with you.
2.3 The processing is necessary so that we can comply with the law.
2.4 The processing is necessary to protect someone’s life.
2.5 The processing is necessary for performance of a task that’s in the public interest.
2.6 The processing is necessary for our or another’s legitimate interest – but in this case, we’ll balance those interests against your interests.
3. How to consent
3.1 At the point of collecting the information, we’ll endeavour to explain how we intend to use the information and which of these purposes apply. If we rely on consent, we’ll provide you with the opportunity to tell us that you’re happy to provide the information.
3.2 If at any point in time you change your mind and decide that you don’t consent, please let us know and we’ll endeavour to stop processing your information in the specified manner, or we’ll delete your data if there is no continuing reason for possessing it.
3.3 If you don’t consent to a particular bit of processing, we’ll endeavour to ensure that the Website and our service continue to operate without the need for that information.
Information we expect to collect from you
4. We envisage asking for the following types of information from you:
|Information type||Purpose and related details||Justification|
|Contact information such as name and e- mail
|• We ask for this to enable us to reply to your contact us request||• It is necessary for a legitimate interest, having weighed this against competing
|Contact information such as full name and email address||• We ask for this to enable us to send out newsletters and or information.
• We intend to share this data with MailChimp so that they can distribute our newsletter. They will be processing it for our purposes, under our directions and under a contract to ensure compliance with data protection law
|• We’ll ask for your consent|
|Contact information such as full name and email address and payment details
|• We intend to share this data with our payment providers PayPal – our payment processors so that they may process payments for products and services you request from us. They will be processing it for our purposes, under our directions and under a contract to ensure compliance with data protection law||• It is necessary for us to be able to process your payments for our services and products.|
4.1 We may collect personal information about you from a number of sources, including the following:
4.2 From you when you agree to take a service or product from us, in which case this may include your contact details, date of birth, how you will pay for the product or service and your bank details.
4.3 From you when you contact us with an enquiry or in response to a communication from us, in which case, this may tell us something about how you use our services.
4.4 From documents that are available to the public, such as the electoral register.
4.5 From third parties to whom you have provided information with your consent to pass it on to other organisations or persons – when we receive such information, we will let you know as soon as is reasonably practicable.
4.6 If you refuse to provide information requested, then if that information is necessary for a service, we provide to you we may need to stop providing that service.
4.7 At the time of collecting information, by whichever method is used, we’ll endeavour to alert you and inform you about our purposes and legal basis for processing that information, as well as whether we intend to share the information with anyone else or send it outside of the European Economic Area. If at any point you think we’ve invited you to provide information without explaining why, feel free to object and ask for our reasons.
5 Using your personal information
5.1 Data protection, privacy and security are important to us, and we shall only use your personal information for specified purposes and shall not keep such personal information longer than is necessary to fulfil these purposes. The following are examples of such purposes. We have also indicated below which GDPR justification applies, however it will depend on the circumstances of each case. At the time of collecting we will provide further information, and you may always ask for further information from us.
5.2 To help us to identify you when you contact us. This will normally be necessary for the performance our contract.
5.3 To help us to identify accounts, services and/or products which you could have from us or selected partners from time to time. We may do this by automatic means using a scoring system, which uses the personal information you’ve provided and/or any information we hold about you and personal information from third party agencies (including credit reference agencies). We will only use your information for this purpose if you agree to it.
5.4 To help us to administer and to contact you about improved administration of any accounts, services and products we have provided before, do provide now or will or may provide in the future. This will often be necessary, but sometimes the improvements will not be necessary in which case we will ask whether you agree.
5.5 To allow us to carry out marketing analysis and customer profiling (including with transactional information), conduct research, including creating statistical and testing information. This will sometimes require that you consent but will sometimes be exempt as market research.
5.6 To help to prevent and detect fraud or loss. This will only be done in certain circumstances when we consider it necessary or the law requires it.
5.7 To allow us to contact you by written electronic means (such as email, text or multimedia messages) about products and services offered by us where:
- These products are similar to those you have already purchased from us,
5.9 You were given the opportunity to opt out of being contacted by us at the time your personal information was originally collected by us and at the time of our subsequent communications with you, and
5.10 You have not opted out of us contacting you.
5.11To allow us to contact you in any way (including mail, email, telephone, visit, text or multimedia messages) about products and services offered by us and selected partners where you have expressly consented to us doing so.
5.12 We may monitor and record communications with you (including phone conversations and emails) for quality assurance and compliance.
5.13 Before doing that, we will always tell you of our intentions and of the specific purpose in making the recording. Sometimes such recordings will be necessary to comply with the law. Alternatively, sometimes the recording will be necessary for our legitimate interest, but in that case, we’ll only record the call if our interest outweighs yours. This will depend on all the circumstances, in particular the importance of the information and whether we can obtain the information another way that’s less intrusive.
5.14 If we think the recording would be useful for us but that it’s not necessary, we’ll ask whether you consent to the recording, and will provide an option for you to tell us that you consent. In those situations, if you don’t consent, the call will either automatically end or will not be recorded.
5.15 When it’s required by law, we’ll check your details with fraud prevention agencies. If you provide false or inaccurate information and we suspect fraud, we intend to record this.
5.16 We will not disclose your personal information to any third party except in accordance with this Notice, and in particular in these circumstances:
5.17 They will be processing the data on our behalf as a data processor (where we’ll be the data controller). In that situation, we’ll always have a contract with the data processor as set out in the GDPR. This contract provides significant restrictions as to how the data processor operates so that you can be confident your data is protected to the same degree as provided in this Notice.
5.18 Sometimes it might be necessary to share data with another data controller. Before doing that we’ll always tell you. Note that if we receive information about you from a third party, then as soon as reasonably practicable afterwards we’ll let you know; that’s required by the GDPR.
5.19 Alternatively, sometimes we might consider it to be in your interest to send your information to a third party. If that’s the case, we’ll always ask whether you agree before sending.
5.20 Where you give us personal information on behalf of someone else, you confirm that you have provided them with the information set out in this Notice and that they have not objected to such use of their personal information.
5.20 We may allow other people and organisations to use personal information we hold about you in the following circumstances:
5.21 If we, or substantially all of our assets, are acquired or are in the process of being acquired by a third party, in which case personal information held by us, about our customers, will be one of the transferred assets.
5.22 If we have been legitimately asked to provide information for legal or regulatory purposes or as part of legal proceedings or prospective legal proceedings.
5.23 We may employ companies and individuals to perform functions on our behalf and we may disclose your personal information to these parties for the purposes set out above, for example, for fulfilling orders, delivering packages, sending postal mail and email, removing repetitive information from customer lists, analysing data, providing marketing assistance, providing search results and links (including paid listings and links) and providing customer service. Those parties will be bound by strict contractual provisions with us and will only have access to personal information needed to perform their functions, and they may not use it for any other purpose. Further, they must process the personal information in accordance with this Notice and as permitted by the GDPR. From time to time, these other people and organisations to whom we may pass your personal information may be outside the European Economic Area. We will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this Notice and the GDPR.
6 Links to other sites
6.1. We may have links on our site to other sites that we do not operate, such as links to other wedding suppliers. If you click on a third-party link, you will be taken directly to that site which is governed by its own privacy notice. We strongly encourage you to read that privacy notice. We do not control that site and assume no responsibility for the content, policies or its practices.
7 Information collected automatically
- Log & Device data. When you visit our site, we may automatically record information (“log data”), including information that your browser sends whenever you visit our site. This log data may include your web address you came from or are going to, your device model, operating system, browser type, unique device identifier, IP address, mobile network carrier, and time zone or location.
8.1. We believe we use reasonable administrative, logical, physical and managerial measures to safeguard your personal information against loss, theft and unauthorised access, use and modification. Unfortunately, no measures can be guaranteed to provide 100% security. Accordingly, we cannot guarantee the security of your information.
8.2. We do not provide our own IT servers. However, third party shall not have access to your personal data unless the law allows them to do so. We do our utmost to ensure that our server hosts are secure and fully accredited. Unfortunately, we cannot be responsible for any illegal breaches that may occur.
9. Our policy on children’s information
9.1. Our site is not directed to children under 16. If you learn that your child has provided us with personal information without your consent, please contact us.
10 . Your rights under certain circumstances
You may opt out of emails at any time.
To access and receive a copy of the Personal Data we hold about you.
To rectify any Personal Data held about you that is inaccurate
To request the deletion of Personal Data held about you
You have the right to data portability for the information you have provided to us. You can request to obtain a copy of this information in a commonly used electronic format so that you can manage and move it. We will need to verify your identity before being able to respond to such requests. Please contact us at [email protected]
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
CHANGES TO THE POLICY
We may change this policy from time to time, and if we do make changes, we’ll post any changes on this page. If you continue to visit our site after those changes are in effect, you agree to the revised policy. If the changes are significant, we may provide more prominent notice or get your consent on the new policy.
If you have any questions or comments about this policy, please contact us at [email protected]
8 FURTHER INFORMATION
8.1 We will tell you if there is a breach, or a likely breach, of your data protection rights.
8.2 ‘The Wedding Collective’ as of the 15th May 2020 consists of the businesses who have been coopted into this project by Designer Wedding Planner and are added to and removed as situation changes. Especially in the current climate with the world Pandemic of Covid19.
WHERE YOU CAN FIND INFORMATION ABOUT COOKIES
You can learn about cookies and the following third-party websites:
- All About Cookies: http://www.allaboutcookies.org/
- Network Advertising Initiative: http://www.networkadvertising.org/
This policy was last updated: 01 June 2020