1. Definitions and Interpretation
Our Site” – www.worthandleah.com
Cookie” – a small text file placed on your computer or device by or through Our Site when you visit certain parts of Our Site and/or when you use certain features of Our Site. Details of the Cookies used by Our Site are set out in section 7, below.
Cookie Law” – The relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003.
Personal Data” – Any and all data that relates to an identifiable person who can be directly or indirectly identified from that data. In this case, it means personal data that you provide to us via Our Site or otherwise. This definition shall, where applicable, incorporate the definitions provided in the EU Regulation 2016/679 – the General Data Protection Regulation (“GDPR”).
we/us/our” – Worth & Leah of 2 Rectory Cottages, Weymouth, Dorset, UK DT3 5FP
you/your” – Any user or visitor to Our Site and any client or other party who provides us with data in the course of dealing with that party.
2. Our Site and other information
2.1 – Our Site is owned and operated by Worth & Leah.
3. Your rights
3.1 – As a data subject, you have the following rights under the GDPR:
Right to be informed about our collection and use of Personal Data.
Right of access to the Personal Data we hold about you.
Right to rectification if any Personal Data we hold about you is inaccurate or incomplete.
Right to “be forgotten” – meaning the right to ask us to delete any Personal Data we hold about you.
Right to restrict, or prevent, the processing of your Personal Data.
Right to data portability (obtaining a copy of your Personal Data to re-use with another service or organisation).
Right to object to us using your Personal Data for particular purposes.
Rights with respect to automated decision making and profiling.
3.2 – In addition to your rights under the GDPR, set out in section 3.1, whenyou submit Personal Data via Our Site, you may be given further options to restrict our use of your data in certain circumstances. In particular, you may opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails.
3.3 – You have the right to ask for a copy of any of your Personal Data held by us. We will respond to your request without raising a charge. Please contact us using the details provided in section 8.
3.4 – If you have any cause for complaint about our use of your Personal Data, please contact us using the details provided in section 8 and we will do our best to resolve your concerns. If we are unable to help, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office, which can provide further information about your rights.
4. Types of data we collect
4.1 – Depending upon your use of Our Site or the way in which we deal with you, we may collect some or all of the following personal and non-personal data:
– Business/company name.
– Job title.
– Contact information such as postal and email addresses and telephone numbers.
– Financial information such as credit / debit card numbers.
– Data concerning your business activities obtained in the course of providing our goods and/or services.
– Information relating to your activity on Our Site.
– Documents, images and other material which you may upload to Our Site.
– Information about such documents, images and other material.
– Content of messages.
7.2 – By using Our Site you may also receive certain third party Cookies on your computers or devices, from time to time. Third party Cookies are those placed by websites, services, and/or parties other than us. Any such Cookies are not integral to the functioning of Our Site and your use and experience of Our Site will not be impaired by refusing consent to them.
7.3 – All Cookies used by and on Our Site are used in accordance with current Cookie Law.
7.4 – Before Cookies are placed on your computers or devices, you will be asked for your consent to set those Cookies, in the form of a pop-up or similar. You may, if you wish, refuse consent to the placing of Cookies, but if you do so, certain features of Our Site may not function fully or as intended.
7.5 – The following first party Cookies may be placed on your computer or device:
_ga– This is set by Google Analytics in order to track your use of this website. It is deleted from your computer after 2 years and data collected is non-identifiable.
XSRF-TOKEN–Used for security reasons udring session and is deemed essential.
hs–Used for security reasons during session time only and is deemed essential.
ssr-caching–Used to indicate the system from which the site was rendered. It is deleted from your computer after 1 minute and data collected is non-identifiable. This is deemed essential.
svSession–Usedin connection with user login. It is deleted from your computer after 2 years and data collected is non-identifiable. This is deemed essential.
consent-policy–Used for cookie banner parameters, system monitoring/debugging. It is deleted from your computer after 12 months and data collected is non-identifiable. This is deemed essential.
bSession–Used for system effectiveness measurement. It is deleted from your computer after 30 minutes and data collected is non-identifiable. This is deemed essential.
7.7 – In addition to the controls that we provide, you can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third-party Cookies. By default, most internet browsers accept Cookies but this can be changed.
7.8 – You can choose to delete Cookies on your computer or device at any time, but this may affect your ability to access and use Our Site.
6. Data storage and sharing
6.1 – We only keep your Personal Data for as long as we need to in order to use it as described above in section 5, and/or for as long as we have your permission to keep it.
6.2 – Your data will only be stored within the European Economic Area.
6.3 – Data security is very important to us, and to protect your data we have taken suitable technical and organisational measures to safeguard and secure data collected through Our Site and otherwise. For example, where we hold your data ourselves (as distinct from having access to it on your own systems), we store your Personal Data on secure servers. Whilst we will use all reasonable efforts to safeguard your Personal Data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of Personal Data that is transferred from you or to you via the internet.
6.4 – To the extent necessary for us to provide any goods and/or services to you, or in connection with any contract or order we may enter into with you, we may share your Personal Data with our group companies and/or certain carefully chosen third parties with whom we engage from time to time for such purposes alone. For example, these may include access to and provision of third party software, data storage and backup facilities, payment processing and marketing and engaging freelance and sub-contracted services. In some cases, such third parties may require access to some or all of your data.
6.5 – We may also share your Personal Data with our third party IT contractors, for the purpose of them managing and improving our IT systems and Our Site.
6.6 – Where we share your Personal Data with such third parties, we will take reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.
6.7 – Subject to the remainder of section 6, we will not share any of your data with any other third parties for any purposes.
6.8 – In certain circumstances, we may be legally required to share certain data held by us, which may include your Personal Data, for example, where we are involved in legal proceedings, where we are complying with legal obligations, a court order, or a governmental or regulatory authority.
6.9 – We may compile statistics about the use of Our Site including data on traffic, usage patterns, user numbers, sales, and other information. All such data will be anonymised and will not include any personally identifying data, or any anonymised data that can be combined with other data and used to identify you. We may from time to time share such data with third parties.
5. Using your data
5.1 – All Personal Data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under the GDPR at all times.
5.2 – Our use of your Personal Data will always have a lawful basis, either because it is necessary for our performance of a contract with you, because you have consented to our use of your Personal Data, or because it is in our legitimate interests. Specifically, we may use and you consent to us using your data for the following purposes:
5.3 – With your permission and/or where permitted by law, we may also use your data for marketing purposes which may include contacting you by email, telephone, social media and/or post with information about our business and our goods and/or services. We will not send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
5.4 – Third parties whose content may appear on Our Site may use third party Cookies. Please note that we do not control the data which may be collected and used by any such third parties and we advise you to check the privacy policies which may apply to them.
5.5 – You have the right to withdraw your consent to us using your Personal Data at any time, and to request that we delete it.
5.6 – We do not keep your Personal Data for any longer than is necessary in light of the reason(s) for which it was first collected. Data will therefore be retained for the following periods (or its retention will be determined on the following bases):
Providing and managing your access to Our Site.
Personalising and tailoring your experience on Our Site.
Providing you with cost guidance about our goods and/or services.
Providing you with other information about our goods and/or services.
Supplying our goods and/or services to you.
Communicating online, through social media, by post, email or telephone or by any other means, with you.
Providing you with newsletters and other material, which may include marketing material, relevant to our goods and/or services, by post, email or other means (provided that you may unsubscribe or opt-out at any time, and where practicable, we will include a link to facilitate that).
Analysing your use of Our Site to enable us to improve Our Site and your user experience.
Names and contact details will be retained indefinitely for marketing and monitoring purposes (unless you ask us to delete them).
Data collected or accessed in the course of providing goods and/or services to you under a contract, will typically be retained for the duration of that contract.
Other data will typically be held for not less than 24 months but we may assess the appropriate period of retention, according to its nature and the reason(s) for its collection.
The retention periods in this section are a guide and we reserve the right to assess the appropriate period for retention on an individual basis, provided that we will always comply with our legal obligations.
8. Contacting us