Processing your data, in accordance with the requirements of the General Data Protection Regulation (GDPR)
Personal data is defined by the UK’s Information Commissioner’s Office as: “Information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.” This includes “name, identification number, location data or online identifier”.
Under some circumstances, such as biometrics or “next of kin” information, this can extend to images, and details about your family. However, unconnected facts – would not become personal data just on an individual’s say-so.
Definitin of Process – in relation to GDRP the term “process” means to: collect, store, transfer, use or otherwise act on data.
Organisations have six lawful bases for processing personal data: Consent, contract, legal obligation, vital interests, public task or legitimate interest – definitions of which are available on the UK’s Informations Commissinor’s (ICO’s) website.
Clocks & Chimes’s legal reasons for processing personal data are:
~ Contract – to enable the fulfilment of the purchase contract entered into by a customer when purchasing a clock from Clocks & Chimes / Tom Harris Clocks. In line with this requirement, the following personal data is processed: customers’ name, address, telephone number and email address.
This data is required to process customer orders and for the performance of the contract to which a customer is party. It is retained under secure password controlled access, for the length of the contract, including the warranty period and the provision of further after sales support.
Reference: Regulation (EU) 2016/679 of the European Parliament and the Council – Chapter 2 – Article 6 – Paragraph 1 (b) Lawfulness of processing
This data, processed by Clocks & Chimes, is not used for advertising, marketing or any other purpose.
Under GDPR you have the following rights:
~ Right of Access – You have the right to ask for a copy of the data that Clocks & Chimes hold about you;
~ Right to Data Portability – You have the right to ask us to supply you with the personal data we hold about you in a structured machine-readable format and/or to provide a copy of the data in such a format for use by another organisation.
~ Right of Erasure (or to be forgotten) – You have the right to ask for the removal of the data that Clocks & Chimes holds about you, when it is no longer a necessity of the purchasing contract, or we no longer have any legal reason to retain it .
~ Right to be Notified – You will be informed of any security breach of the data Clocks & Chimes holds about you.
~ Right of Rectification – You have the right to have any any out-of-date or incorrect personal data that Clocks & Chimes holds about you, corrected or updated;
~ Right to Restrict Processing – You can (in certain circumstances) ask us to ‘restrict processing of data’; which means that we would secure and retain the data for your benefit but not otherwise use it
What information is collected?
When you use Clocks & Chimes’s website, our analytics partner, Google, collects user data including IP address, geographical location, type of device and browser used. This data is used to provide informantion about site visits. Under GDPR, the IP address you use is considered to be sudo-anonymous personal data. For this reason we anonymise IP address’s collected by Google’s analytic processes.
When ordering a clock on our site, personal data is collected to progress your order. You are asked to provide your: name, e-mail address, billing and shipping address, and contact phone number.
When choosing online payment, you are also asked for your credit card information for payment through either Stripe or PayPal’s secure payments system. Stripe / PayPal payment gateway receives your card details – Clocks & Chimes do not receive or retain your credit card details.
For telephone payment Clocks & Chimes recieve your credit card details verbally, to input into Stripes secure payment system. These details are not retained by Clocks & Chimes.
The details of your clock purchase is also collected and retained for warranty and after sales support.
How is your personal data used?
The information we collect from you is used to process your order for the express purpose of fulfuling the purchase contract entered into, and to provide after sales support.
The IP address you provide may also be used by social media buttons, on this website, in line with their provider’s privacy policies – see Social Media Share Buttons below.
Yes – Cookies, which are small files transferred to your computer or other devices (such as smart ‘phones or ‘tablets’) as you browse this website, via your Web browser (if you allow it).
They are used by websites/service providers systems to recognize your browser and capture and remember certain information such as the IP address being used. Cookies are used by this website to determine visitor numbers, how visitors got here (e.g. directly, via search etc.) and to maintain visitors’ sessions on the site. Cookies are essential for the effective operation of our websites and to help you shop with us online.
If you prefer, you can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies via your browser settings. Like most websites, if you turn your cookies off, some of our services may not function properly. However, you can still place orders by email or phone. See our Cookies policy for more details
Do we disclose any information to outside/third parties?
The payment system provider(s) is the only outside/third party used by Clocks & Chimes that has access to your personal data- including credit card details , through their secure payment services, which are GDPR compliant. To deliver your clock, our shipping partner will receive your delivery address, and SMS number when provided to inform you of the delivery.
Clocks & Chimes do not sell, trade, or otherwise transfer any of your personal data to any other outside parties. Information would never be released by Clocks & Chimes to any other party; expect law enforcement agencies, if required to do so to comply with the law.
Clocks & Chimes use social media buttons on product pages. When clicking on any of these, the relevant social media provider may use the IP address you employ, in line with their privacy policies – see Social Media Share Buttons below.
How is your information protected?
Clocks and Chimes payment processes comply with the payment industries security standards. When you place an order all your sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into the payment-service provider’s database, only accessible by those authorised with special access rights to such systems, who are legally required to keep the information confidential and secure.
Clocks & Chimes has no access to your credit cards information when the payment is processed on the website by Stripe / PayPal or once the telephone payment is completed by Stripe Payment services. Clocks & Chimes do not retain credit card information in any form.
Address and contact details, are retained as part of each purchase order’s information file, which is stored electronically and secured by password.
Childrens’ Online Privacy Protection Act Compliance
Clocks & Chimes are in compliance with the requirements of COPPA (Childrens’ Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.
Social Media Share Buttons
Updated 25 May 2018 – addition of content to coply with GDRP.
Updated 07 Jun 2018 – text adjustments only.