Loyalty Before Ltd T/A Loyalty Before Royalty GDPR Privacy notice (UK).

What is the purpose of this document?

Loyalty Before Ltd T/A Loyalty Before Royalty is a “data controller”. This means that we are responsible for deciding how we hold and use personal information. This privacy notice explains what we do with your personal data when you are shopping with us. This will include the data you enter and delivery updates. It makes you aware of how and why your personal data will be used, namely for the purposes of the email, and how long it will usually be retained for. It provides you with certain information that must be provided under the General Data Protection Regulation ((EU) 2016/679) (GDPR).

We are committed to protecting the privacy of our customers and suppliers and users of our website and ensuring a secure user experience by complying with data protection law and principles. This privacy notice applies to the personal data of our website users, customers and suppliers and other people whom we may contact in order to find out more about our Loyalty Before Ltd T/A Loyalty Before Royalty. This privacy notice aims to give you information on how Loyalty Before Ltd T/A Loyalty Before Royalty collects and processes your personal data.

You have a legal right to object at any time to the use of your personal information for direct marketing purposes and the processing of your personal information which is based on our legitimate interests, unless there are compelling legitimate grounds for our continued processing.

This policy can be changed by Loyalty Before Ltd T/A Loyalty Before Royalty from time to time and was last updated in August 2019. If we change our privacy policy, we will post the changes on our website and, where appropriate notify you by email. The date of issue will be indicated. We recommend that you check the terms of this privacy policy periodically to keep up to date with any changes.

Data protection principles

We will comply with data protection law and principles, which means that your data will be:

  • Used lawfully, fairly and in a transparent way.
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
  • Relevant to the purposes we have told you about and limited only to those purposes.
  • Accurate and kept up to date.
  • Kept only as long as necessary for the purposes we have told you about.
  • Kept securely.

The kind of information we hold about you

In connection with your purchase with us, we will collect, store, and use the following categories of personal information about you:

  • The information you have provided to us with your purchase such as items purchased, date of purchase, address details, email address, social media addresses and contact number.

How is your personal information collected?

We collect personal information about customers reference purchases on the website:

  • When you create an account on our website.
  • When you subscribe to updates including marketing and email alerts.
  • Professional social media and networking sites (including LinkedIn).

How we will use information about you

We will only use your personal data when the law allows us to. Most commonly, we will use the personal information we collect about you for our legitimate business purposes including to:

  • Email marketing
  • Delivery purposes
  • Tracking our company sales

The legal basis for processing your personal information

  • If it is necessary for entering into or performing a contract and it is in order to perform obligations that we undertake in providing a service to you, or in order to take steps at your request to enter into a contract with us;
  • Delivery purposes
  • In some circumstances we may ask for your consent to process your personal data in a particular way.

Data sharing

  • We will only share your personal information with trusted third parties, where we have retained them to provide services that you have requested, such as those listed in the section above “how is your personal information collected”.

Data security

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents and other third parties who have a business need-to-know. They will only process your personal information on our instructions, and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Should our website include links to third party websites, clicking on those links may allow third parties to collect or share data about you. We do not control such third-party websites and have no responsibility for their privacy statements. We encourage all website users to read the privacy notice of every website he or she visits.

Data retention

How long will you use my information for?

We will usually retain your personal information for a period of five years. As we track our sales and may contact you about potential deals. After this period, we will securely destroy your personal information in accordance with applicable laws and regulations.

We conduct regular data cleansing audits with our candidates to ensure that we do not hold data for longer than is necessary. To determine the appropriate retention period for personal data, we take into account the amount, nature and sensitivity of personal data and the purposes for which we process such personal data. We also take into account, whether we can achieve those purposes through other means and the applicable legal requirements.

We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Anybody who wishes to obtain an explanation as to how the processing for the new purpose is compatible with the original purpose, he or she should not hesitate to contact Rik Baynes (details below).

Rights of access, correction, erasure, and restriction

Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it. You will not be charged a fee to access such personal data. However, we may charge a reasonable fee if your request was clearly unfounded, repetitive or excessive.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact Rik Baynes in writing.

Right to withdraw consent

When you applied for this role, you provided consent to us processing your personal information for the purposes of the recruitment exercise. You have the right to withdraw your consent for processing for that purpose at any time. To withdraw your consent, please contact Rik Baynes. Once we have received notification that you have withdrawn your consent, we will no longer process your application and we will dispose of your personal data securely.

Data protection officer

We have appointed a data protection officer (DPO) to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the DPO (contact details below). You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

Full name of legal entity: Loyalty Before Limited (Company No. 12002048)

DPO: Rik Baynes – Director

Email: info@loyaltybeforeroyalty.co.uk

Complaints or queries

If you wish to complain about this privacy notice or any of the procedures set out in it please contact Rik Baynes as set out above. You also have the right to raise concerns with Information Commissioner’s Office on 0303 123 1113 or at https://ico.org.uk/concerns/ or any other relevant supervisory authority should your personal data be processed outside of the UK, if you believe that your data protection rights have not been adhered to.