1. What this policy describes
This policy describes how we will collect and use personal data about you.
We process information about:
“Prospects” potential customers or referrers;
“Customers” who have bought goods or services from us;
“Suppliers”, “Associates” suppliers or potential suppliers of goods or services to us;
“Affiliates” who have signed up to our affiliate scheme (if we have one).
2. What information do we process, and WHY?
2.1 Prospect
Most of the information we process comes from you. We process it so we can reply to you, and when you contact us again we know what you asked before, what you were sent, and what you told us.
Typically, we are collecting name, contact details, how we came across you, and background information from you or published by you on social media or freely accessible on the internet, on why you might be interested in our products or services or a relevant contact for our business.
If you sign up to a newsletter list, you will be sent what you asked for. We operate ‘double opt-in’ lists and you will need to reconfirm your subscription before anything is sent. You can unsubscribe at any time by clicking the unsubscribe button on any email.
You are not automatically subscribed to any other lists, but may be invited to join an appropriate one.
If we email you individually using our own email system, or respond to an email sent to us at any of our business email addresses, a copy of that email will also be stored.
If you make an enquiry via our website, we will keep details of that enquiry and response for our data retention period.
We do not routinely keep special category data. To the extent we hold this, it was supplied or made publicly available by you.
2.2 Customer
Once you buy something from us, we will collect information from you at the point of sale.
This will include the information we collect from Prospects (above). We collect your email address, phone number and postal address so we can provide what we have contracted to, invoice you and keep proper records of our business relationship.
We process your data to support the delivery the goods and services you have bought. We keep records of the goods/services provided to you, and information you give us, so we can support you when needed and advise you of any additional services you may need.
Financial and credit card details
We do not receive or store your credit card details. Credit card payments are handled by an external secure processor in accordance with their data security policies.
We receive limited information from our processor for us to tie up your payment with your invoice.
If you pay us by BACS or direct transfer, we know only what the bank tells us, which is usually the name of the person who paid us and how much and the reference number.
We do not routinely keep credit scores nor use credit reference agencies.
When we are processing data about you on behalf of a customer, we are operating under the banner of our customer’s data privacy policy. We will refer any enquiry from you to them, as they are the ‘data controller’ responsible for dealing with your query. But we will support that by providing relevant information to our customer for passing to you.
2.3 Supplier and Associates
We collect information on potential and actual suppliers and associates. This is mostly provided by you, but we do add to it the same kind of data we use for Prospects (see above).
If you become a supplier or associate we keep a copy of the contract between us and your bank details so we can pay you. We also keep a record of invoices/payments for accounting purposes
We keep a record of the work you undertook for us/our clients along with any comments, reviews or suggestions about that work including complaints (if any) and their resolution.
This information is all needed to manage our customer relationships and our supply chain.
2.4 Affiliate
If we set up an affiliate scheme, affiliate data will be held in accordance with this policy. We will ask you for information when you apply and that will be kept to administer the affiliate scheme.
3. Newsletters, SMS and automated emails
We monitor who opens what in our newsletter lists, and pre-set sequences of information we send you. We do this, so we can see if content is popular and generate more of it, or if it is not read.
There may be sub-routines that trigger if you click on links or articles. These are designed to offer you more information about things you are interested in.
You can unsubscribe from these sequences at any time.
Existing customers may receive emails about specific offers relating to things you have already purchased. You can unsubscribe from these at any time.
From time to time, we contact individual email newsletter subscribers but it is extremely rare. This would normally be if something odd were going on and we wanted to check you could see and use the content or find out what was causing a problem.
We value your privacy and the information you consent to share in relation to our SMS marketing service. We use this information to send you text notifications (for your order, including abandoned checkout reminders), text marketing offers, and transactional texts, including requests for reviews from us.Opt-in data and consent for text messaging will not be shared with any third parties except for messaging partners, for the purpose of enabling and operating our text messaging program.
Opt-in data and consent for text messaging will not be shared with any third-parties except for messaging partners, for the purpose of enabling and operating our text messaging program.
Our website uses cookies to keep track of items you put into your shopping cart, including when you have abandoned your checkout. This information is used to determine when to send cart reminder messages via SMS.
4. Data sharing – 3rd parties
We do not sell or exchange your personal data with organisations who may want to sell you something or use your data for research or other purposes.
4.1 Platforms
We keep a list of the software platforms we use to run our business. If you would like a list of all the platforms we use, please email us [email protected]
4.2 People
We have an outsourced support team for our own business which may include Virtual Assistants, Web Designers, IT support, Sales and Marketing, Accounting and more. They have limited access to your data, where the service they provide to us means they need it.
For example, if our IT support wants to check the functionality of a laptop or back up, they may need temporary access to information that may include something about you.
For example, if we invoice you, our Accountant needs to process the information in the invoice.
Your information/advice is held in the strictest confidence. Our team are all contracted to strict confidentiality clauses.
4.3 Hotjar
We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behavior and their devices (in particular device's IP address (captured and stored only in anonymized form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to display our website). Hotjar stores this information in a pseudonymized user profile. Neither Hotjar nor we will ever use this information to identify individual users or to match it with further data on an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link.
You can opt-out to the creation of a user profile, Hotjar’s storing of data about your usage of our site and Hotjar’s use of tracking cookies on other websites by following this opt-out link.
4.4 Mention-Me
Mention-Me Ltd (www.mention-me.com) is the 3rd party service provider managing our refer-a-friend programme. Mention-Me will process customer email addresses and certain order data for the purposes of:
• Enrolling customers onto our refer-a-friend programme;
• Monitoring the programme and safeguarding against gaming or fraudulent use of the programme;
• Communicating with customers in connection with operation of the programme and delivery of rewards;
• Reporting to Vegetology on the performance of the programmeIf you interact with the refer-a-friend program,
Mention-Me will place functional cookies. Details of this can be found here:
https://mention-me.com/help/privacy_policy_s#cookies
5. Where is your data located?
Like most small businesses, we do not have any tailor-made software – we use mainstream packages for everything from our customer records, to email, to accounting.
This means that some of your data may be held in the EEA, and some may be held in services in the USA (with suitable data privacy shields) or elsewhere. We have picked mainstream suppliers with appropriate security standards.
6. Retention periods
Your information will be kept for a set length of time, a retention period.
We need to keep customer information long enough to satisfy HMRC and our insurers. We keep information on prospective customers long enough to make our sales enquiry system effective.
If you subscribed to a newsletter and SMS or updates list, you will remain on the list(s) you joined until you unsubscribe from that list.
7. Your rights
You have the right to know what information we are collecting on you, and to amend it if it is inaccurate.
If you feel for some reason we have information we should not be keeping, or it is out of date or otherwise wrong, please let us know and we will take appropriate action.
Most of the information we hold is not based on your individual consent but is based on our needing the information to run our business and provide our products and services.
If you want to know what information we have about you (if any) email us at the email address set out above and give us your name, email address(es) and we will happily do a search and let you know what information we hold on you and how we are using it/have used it.
You have a “right to be forgotten” - but that does have some legal limits to it. If you want us to remove information about you, let us know. If you have been a customer, we may not be able to remove all data as we will have to ensure that we can continue to comply with legal, accounting, taxation and our insurer’s requirements.
8. Complaints
If you have a complaint about the way we are handling your information or how we have responded to a request for information or removal, you can take this up in the first instance by emailing us at the email address set out above.
If we can’t sort it out, the relevant supervisory authority for us is the Information Commissioner for the UK. You can contact them here.
9. Cookies
We may obtain information about your general internet usage by using a cookie file which is stored on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our site and to deliver a better and more personalised service. Some of the cookies we use are essential for the site to operate.
Cookies are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
You can block cookies by activating the setting on your browser which allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be to access all or parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies as soon you visit our site.
By using our site or by registering with us, you acknowledge and agree to our use of cookies. If you do not agree to our use of cookies or are not able to block the cookies use on our site, please cease using our site immediately.
Version 1.4 Date: 24/05/2018
