Privacy & Cookies

Introduction

Paxton & Whitfield “we” are committed to protecting and respecting your privacy. This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data and keep it safe.

We hope the following sections will answer any questions you have but if not, please do get in touch with us.

It’s likely that we’ll need to update this Privacy Notice from time to time so please come back and check it whenever you wish. By visiting www.paxtonandwhitfield.co.uk you are accepting and consenting to the practices described in this policy.

Paxton & Whitfield Ltd is the data controller.

Purpose of processing and legal basis

The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:

Consent

In specific situations, we can collect and process your data with your consent.

Contractual obligations

In certain circumstances, we need your personal data to comply with our contractual obligations.

Legal compliance

If the law requires us to, we may need to collect and process your data.

Legitimate interest

In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.

When do we collect your personal data?

  • When you visit our website
  • When you pre-order some products or services in store or by phone (for example, Cheese Wedding Cakes, Advance Orders, Mail Orders)
  • When you engage with us on social media
  • When you contact us by any means with queries, thanks or complaints
  • When you ask one of our team to email you information about a product or service
  • When you enter a prize draw or competitions
  • When you book to attend an event, tasting or training event
  • When you fill in any form, for example, Cheese Society membership

What sort of personal data do we collect?

  • If you have a web account with us: your name, title, billing/delivery address, orders and receipts, email and telephone number. We use SagePay as our secure payment provider. Your credit card information is entered directly on their secure server and we do not record or hold these details
  • If you place an order by phone or in store: your name, title, billing/delivery address, orders and receipts, email and telephone number. We store your credit card details securely until they are processed and then shred them.
  • Details of your interactions with us by telephone or email.
  • Copies of documents you provide to prove your age or identity where the law requires this.
  • Details of your visits to our website and which site you came from to ours.
  • Information gathered by the use of cookies in your web browser. See below for more information on how we use cookies.
  • To deliver the best possible web experience, we collect technical information about your internet connection and browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, and any search terms you entered.
  • Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.

Cookies

Cookies are pieces of data your web browser stores on your hard drive. We use cookies so we can recognise you when you pay a repeat visit to our website and to track the items in your shopping basket. Cookies let us personalise your shopping experience based on your preferences. Cookies are enabled on behalf of Google Analytics, enabling us to gather statistics on the usage of our site in order to continue to improve our site and enhance the customer experience. Only domain names or IP Addresses are gathered by Google, personal information is not recorded. If you would prefer to restrict, block or delete cookies from ours, or any other website, you can use your browser to do this. Each browser is different, so check 'Help' menu of your particular browser (or your mobile phone's handset manual) to learn how to change your cookie preferences. If you set your browser to refuse cookies, you may have difficulties in submitting an order online.

This is a list of the main cookies set by the Paxton and Whitfield website, and what each is used for:

How and why do we use your personal data?

We want to give you the best possible customer experience. The data privacy law allows us to use your personal data as part of our legitimate interest in providing the highest levels of service.

If you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below.

Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for. The information that we collect and when we collect it is outlined above.

Sometimes, we’ll need to share your details with a third party who is providing a service (such as delivery couriers). We do so to complete our transaction with you. Without sharing your personal data, we’d be unable to fulfil your request.

With your consent, we will use your personal data, to keep you informed by email and post, about information on the cheese world and also relevant products and services including promotions, events and competitions. Of course, you are free to opt out of hearing from us at any time.

How we protect your personal data

We know how much data security matters to all our customers. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it.

We secure access to all transactional areas of our website using ‘https’ technology.

Access to your personal data is password-protected, and sensitive data such as payment card information is either processed by a specialist third party SagePay who have the highest level of security compliance (PCI DSS Level 1) or physically locked away until it is needed.

We are compliant with Cyber Essentials a Government-backed, industry supported scheme to help organisations protect themselves against online threats.

How long will we keep your personal data?

Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.

At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

Who do we share your personal data with?

We sometimes share your personal data with trusted third parties. We provide only the information they need to perform their specific services, for example couriers or IT companies who support our website and other business systems.

What are your rights over your personal data?

You have the right to request:

  • Access to the personal data we hold about you, free of charge
  • The correction of your personal data when incorrect, out of date or incomplete
  • That we stop using your personal data for direct marketing
  • Erasure of personal data that we hold on you

You can contact us to request to exercise these rights at any time:

Please contact Paxton & Whitfield, 6 Willow Court, Bourton Industrial Park, Bourton on the Water, Gloucestershire, GL54 2HQ, 01451 823460 or email gdprcompliance@paxtonandwhitfield.co.uk.

Your right to withdraw consent

Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.

Where we rely on our legitimate interest

In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.

Direct marketing

You have the right to stop the use of your personal data for direct marketing activity. We must always comply with your request.

Checking your identity

To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to gdprcompliance@paxtonandwhitfield.co.uk

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113 or go online to www.ico.org.uk/concerns.

May 2018