We really value your trust and are committed to protecting and respecting your privacy.
We know that there’s a lot of information here, but we really value your trust and it's important to us that you have all the information you need about your rights and how BearHugs uses your data.
We've tried our best to make sure that the information in this policy as easy to understand as possible but if you have any questions at all, please do get in touch with us.
+ The Legal Bits
You may have heard of the General Data Protection Regulation (GDPR), the European Union (EU) privacy law affecting businesses around the world from May 25th 2018. This law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
1. Consent Collecting and processing your personal data for a specific purpose with your consent. For example, when you tick a box to receive email newsletters.
2. Contractual Obligations Using personal data to meet a contractual obligation. For example, when you order a BearHug for a friend, we’ll collect address details to deliver your gift, and pass them to our courier.
3. Legal Compliance Passing on data because the law requires us to do so. For example, we could pass on the details of someone involved in fraud to the police.
4. Legitimate interest Collecting data to explore our legitimate interests. We'd always do this in a way which might reasonably be expected as part of running our business and which does not impact your rights, freedom or interests. For example, we collect data about how our website is used to help us develop new products and improve customer experience.
+ Information about us
We are BearHugs Gifts Ltd. Our registered office is at Unit 1, 18 Stalker Walk, Sheffield, S11 8NF and our registered company number is 10705466.
If you have any questions our contact details are:
+ When do we collect your data?
We collect your data:
- When you visit our website, Etsy, Amazon or Tomorrow's Store online and use your account to buy our products.
- When you make an online purchase and check out as a guest (in which case we just collect transaction-based data).
- When you create an account with us.
- When you engage with us on social media.
- When you contact us by email, telephone or social media with queries.
- When you enter prize draws or competitions.
- When you sign up and opt in to our newlsetter list.
+ What sort of data do we collect?
- When you place an order or create an account: your name, billing/delivery address, orders and receipts, payment information, email and telephone number.
- Details of your visits to our website and which site you came from to ours.
- Your comments and product reviews.
- Technical information about your internet connection and browser as well as the country where your computer is located, the web pages viewed during your visit and any search terms you entered.
- Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.
+ How and why do we use your personal data?
We want to make ordering a BearHug as easy, efficient and enjoyable as possible. One of the best ways to do this is by looking at the information we have about our customers to work out how we can improve the service we offer.
Specifically we use your personal data:
- To process any BearHugs orders that you make using our website, Etsy, Amazon or Tomorrow's Store Online.
- To respond to any queries, refund requests and complaints. Handling the information you sent enables us to respond.
- With your consent, we will use your personal data, preferences and details of your transactions to keep you informed by email about relevant products and services including discounts, promotions, events, competitions etc.
- To send you communications required by law or which are necessary to inform you about our changes to the services we provide you. For example, updates to this Privacy Notice, product recall notices, and legally required information relating to your orders. These service messages will not include any promotional content and do not require prior consent when sent by email.
- To develop, test and improve the systems, services and products we provide to you. We’ll do this on the basis of our legitimate business interests.
- To comply with our contractual or legal obligations to share data with law enforcement.
We will never sell your data and will keep it safe and secure.
+ How do we keep your data safe?
We really value your trust and we treat your data with the utmost care and take all appropriate steps to protect it.
We secure access to all transactional areas of our website using ‘https’ technology.
We take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. We follow all PCI-DSS requirements and implement additional generally accepted industry standards.
+ How long do we keep your data?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
+ Who do we share your personal data with?
In order to fulfil your BearHugs order, there are several trusted third parties involved in the order process who require your information.
Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
- We provide only the information they need to perform their specific services.
- They may only use your data for the exact purposes we specify in our contract with them.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
- For fraud management, we may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.
- We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.
Third parties we use include:
- Royal Mail
- Mercado One
- Apple Pay
+ What are your rights over your personal data?
You have the right to request:
- Access to the personal data we hold about you, free of charge.
- The correction of your personal data when incorrect, out of date or incomplete.
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we stop any consent-based processing of your personal data after you withdraw that consent.
You have the right to request a copy of any information about you that BearHugs holds at any time, and also to have that information corrected if it is inaccurate.
To ask for your information, please contact Faye Savory (Managing Director), BearHugs, Unit 1, 18 Stalker Walk, Sheffield, S11 8NF or email firstname.lastname@example.org.
To ask for your information to be amended, please update your online account, or speak to a member of Team BearHugs.
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent.
+ Any questions?
If you have any questions that haven’t been covered, please feel free to get in touch and we'll do what we can to help.
Drop us an email at email@example.com Or write to us at BearHugs, Unit1, 18 Stalker Walk, Sheffield, S11 8NF.
This policy was last updated on 23rd April 2018.