Privacy Policy

Introduction

This Privacy Policy is intended to help you better understand how we collect, use and store your information – whether you are a Retailer or End User/Consumer – when using our products or services or whether you’re simply visiting this website.

By using any of our services, you are agreeing to the terms of this Privacy Policy, and, as applicable, our Terms and Conditions.

What information do we collect about you?

As part of the buying and selling process, we collect the personal information that you give to us when you register online, purchase something from any of our webstores, purchase over the telephone or enter our competitions and surveys. This includes;

  • Your full name and personal details including home address, email address, telephone and mobile numbers
  • Date of birth and/or age to make sure that you’re eligible to purchase age restricted bladed items. We may send your details to, and also use information from credit reference agencies and fraud prevention agencies to prevent fraud and to verify your identity.
  • Business details including company name, shipping and billing address, telephone and mobile numbers and email address
  • When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

We use this information to manage your account, support and process your order, authentication, processing of payments and marketing (unless you have opted out).

How long do we keep it for?

The periods for which we keep your information depends on the purpose for which your information was collected and used. We will not keep your personal information for longer than is necessary for our business purposes or for legal requirements. 

In all cases, our need to use your personal information will be reassessed on a regular basis, and information which is no longer required for any purposes will be disposed of.

Who do we share it with?

We share your information will the following business partners. They will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

  • Our IT service providers when it is necessary for them to support our internal IT issues.
  • Our CRM Business Software provider – to enable us to process your orders and manage your account
  • Couriers to help deliver our products to you.
  • E-commerce platform providers which allow you to place orders and make payments online
  • Various credit reference agencies, electoral role and other sources of data/agencies to ensure we comply with our legal and regulatory obligations regarding bladed items
  • Anyone else where you have given consent for or as required by Regulators and the law

Email

Whilst we will take all reasonable steps to protect and secure your personal data, we cannot guarantee the confidentiality of any messages transmitted between you and us via email as these are potentially accessible by others. We will not be liable to you or anyone else for any loss relating to any email message sent by you to us or by us to you. 

Security

We know how much trust you place in us when you share your personal data. Because of that we place great importance on the security of your personal information and will always take appropriate precautions to protect it. 

This website and the "checkout" pages on our webstores use industry standard software protection for secure financial transactions. Your personal information such as your credit card number, name, and address, is securely encrypted so that it cannot be read as the information travels over the Internet. We never hold your credit card details on our website or in our own records. 

Even with all these precautions, no data transmission over the internet can be guaranteed to be 100% secure. So, whilst we strive to protect your personal information, we cannot guarantee the security of any information which you disclose to us online and you must understand that you do so at your own risk. 

We take care to protect your personal information. We take steps to ensure that access to personal information is restricted to employees who need it and that all employees who handle personal information are fully trained and kept up-to-date on our data management, security and privacy practices. Our employees are notified and reminded about the importance we place on privacy, and what they can do to ensure your information is protected

How do we protect your Information across borders?

The internet works as a global environment. This means that using it to collect and process personal data often involves the international transmission of data including outside of the European Economic Area (EEA)

Our third-party service providers, such as payment gateways and other payment transaction processors, are located in or have facilities that are located in a different country or territory to the UK. If you elect to proceed with a transaction that involves the services of one of our third-party service providers, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

Your personal data is protected under applicable laws such as the European Commission Data Adequacy or they are certified with the international Privacy Shield Framework.

Once you leave our webstore or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

Your Rights under applicable Data Protection Law

You retain all rights to your Personal Information and can request access to it at any time (please note that these rights don’t apply in all circumstances and that the date portability is only relevant from May 2018)

  • The right to be informed about the processing of your personal data
  • The right to have your personal data corrected if it’s inaccurate and to have incomplete personal data completed
  • The right to object to the processing of your personal data if there are compelling legitimate grounds. You may also object to your use of personal data for marketing purposes using the process set out in the section headed “Marketing”
  • The right to restrict processing of your personal data
  • The right to have your personal data erased (the “right to be forgotten”)
  • The right to request access to your personal data and information about how we process it
  • The right to move, copy or transfer your personal data (“data portability”), and,
  • Rights in relation to automated decision making including profiling - In the unlikely circumstances that we process information about you on a purely automated basis that has a significant impact on you, we shall give you the opportunity to discuss the output of such processing before making those decisions (save to the extent otherwise permitted under applicable law).

Subject Access Request

If you would like a copy of some or all of your personal information, please email or write to us at the following address;

Whitby & Co (UK) Ltd
Data Protection Enquiries
Aynam Mills
Canal Head North
Kendal
Cumbria
LA9 7BY

On receipt of a Subject Access Request, we may require additional documentation or information from you to verify that the Personal Information you are requesting does relate to you.Once we have verified your identity, we will provide you with the information we hold about you within 30 calendar days.

Cookies

A cookie is a small amount of data, which may include a unique identifier. Cookies are sent to your browser from a website and stored on your device, enabling companies to recognise your device across websites. Among other things, these store your preferences and settings; enable you to sign-in; provide interest-based advertising; combat fraud; and analyse how our websites and online services are performing.

We use cookies as well as the Device Information that we collect to recognise your device or IP address when you visit our website. Cookies allow our server to recognise your device for future visits.

For further information visit www.allaboutcookies.org

Personal Data Breach

In the case of a personal data breach (including electronic media, paper records and inappropriate access to information), where personal data is lost, compromised, misdirected or stolen, we will contact you without undue delay to explain what went wrong and what actions have been taken to fix it.

Marketing

Provided you have given us consent, we would like to send you information about products and services which may be of interest to you.

We’ll use your home address, company address, phone numbers, email address or social media to contact you according to your preferences. If after you have “opted – in”, you change your mind , want to change your preferences or want to unsubscribe at any time, please contact us by email or by writing to us at;

Whitby & Co (UK) Ltd
Marketing Enquiries
Aynam Mills
Canal Head North
Kendal
Cumbria
LA9 7BY

In the case of social media messages, you can manage these via the social media platform.

We do not and will never share, disclose, sell, rent or otherwise provide personal Information to other companies for the marketing of their own products or services.

Changes to our Privacy Policy

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our privacy practices or for any other operational, legal, or regulatory reasons. If we make material changes to this Privacy Policy, we will give you notice of such changes by posting the revised policy on this website and where appropriate, by other means. By continuing to use this Website after these changes have been posted, you agree to the revised policy.

This privacy policy was last updated on 23rd March 2018. GDPR is effective from 25th May 2018.

Got a Question?

If you have a question please contact us by;

  • email
  • Or write to us at:

Whitby & Co (UK) Ltd,
Data Protection Enquiries,
Aynam Mills,
Canal Head North,
Kendal,
Cumbria,
LA9 7BY

Got a Complaint?

You have the right to complain to the Information Commissioner’s Office. It has enforcement powers and can investigate compliance with data protection law.  Further information is available at www.ico.org.uk