1. Key points and introduction
We gather and use certain information or Data about individuals in order to provide products and services, and to enable certain functions on this Website. We also collect certain information to better understand how visitors use the Website.
Under the General Data Protection Regulation [GDPR], you, the “Data Subject”, have the right to:
- Privacy by Design
- Breach notification
3. Functionality of the Website
To use all features and functions available on the Website, such as the shop and the forums, you may be required to submit certain Data. However, you will be able to access the majority of this website without registering any details with us.
4. Data collected
- Company name;
- Contact Information such as email addresses, postal addresses, and telephone numbers;
- Financial information such as credit / debit card numbers and the related billing addresses;
- Other information relevant to client or customer enquiries
- Other information pertaining to special offers and surveys
We do not collect any Sensitive Personal Data (“Special Categories”) unless you have given explicit consent.
We do not knowingly collect or solicit Personally Identifiable Information from or about children under the age of 13 except as permitted by law. If we discover that we have received any information from a child under 13 in violation of this policy, we will delete that information immediately.
General Technical Information
Like many website providers, we may your IP address to help diagnose problems with our server and provide a better web experience. Your IP address is used to help identify you and your shopping cart and gather General Information.
5. Our use of Data
We will retain any Data you choose to submit for our mailing lists (which are managed through MailChimp), online forum, events, and shop, unless you subsequently request that we erase or amend it.
Unless we are obliged or permitted by law to do so, and subject to any third party disclosures specifically set out in this policy, your Data will not be disclosed to third parties. [7. Third party websites and services]
All personal Data is stored securely in accordance with the principles of the GDPR 2018. For more details on security see the clause below [10. Security].
We will only* use your Personal Data for our internal record-keeping and to fulfil the purpose for which you supplied it, namely:
- to supply products or services to you, the customer, and—if you have requested it—to retain it for use in your future orders;
- to give you access to the online forums;
- to register you for an event;
- to respond to an enquiry;
- to keep you up-to-date on news and offers through our mailing lists (in accordance with your Preferences).
*ie. we will not add customers to our mailing list automatically or vice versa.
General Technical Data will be used to improve the functionality of the Website and gather statistics on how Users interact with the Website.
Cookies help us provide you with a better website. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
We may use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We may also use “session” and “persistent” cookies as described above [4. Data Collected], for a better User experience.
- Analyse our web traffic using an analytics package.
Aggregated usage data helps us improve the website structure, design, content and functions.
- Identify whether you are signed in to our website.
A cookie allows us to check whether you are signed in to the site.
- Test content on our website.
For example, 50% of our users might see one piece of content, the other 50% a different piece of content.
- Store information about your preferences.
The website can then present you with information you will find more relevant and interesting.
- To recognise when you return to our website.
We may show your relevant content, or provide functionality you used previously.
7. Third party websites and services
Second Spring Oxford Ltd may, from time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the Website and our Services. The providers of such services have access to certain personal Data provided by Users of this Website, but only in accordance with the GDPR: they must agree to keep it secure and confidential, and may only use it to fulfil the service for which you provided the information (for example, to send your book order or provide you with information you requested).
8. Links to other websites
9. Accessing and Controlling use of your Data
As stated above, wherever you are required to submit Data the purpose will be made clear and the use of the Data will be restricted to the purpose for which you supplied it.
Our newsletters always contain a link option for you to opt-out or edit your preferences, if you so desire.
You have the right to ask for a copy of any of your personal Data held by Second Spring Oxford Ltd and for it to be erased if you choose to withdraw your consent at any time.
You also have the right to Data Portability. This means we must, upon your request, provide you with a comprehensible summary of all the Data we have on file for you.
To request removal of your Personal Information from our forums, please contact us here and we will do our best to help. Please note that in some cases we may be unable to remove your Personal Information (see the Forum policies in the Terms and Conditions).
Data security is of great importance to Second Spring Oxford Ltd and to protect your Data we have put in place multiple levels of suitable physical, electronic, and managerial procedures to safeguard and secure Data collected via this Website.
If password access is required for certain parts of the Website, you are responsible for keeping this password confidential.
We endeavour to do our best to protect your personal Data. However, transmission of information over the internet is never 100% secure and is done at your own risk. We cannot ensure the security of your Data transmitted to the Website.
11. International transfers of data
12. Changes of business ownership and control
In the above instances, we will take steps with the aim of ensuring your privacy is protected, and the same laws will apply to the new Data Controller.
13. General legal details
Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.
15. Your consent
Last Updated 25 May 2018