1. IMPORTANT NOTICE
1.1 This is the Privacy Notice of Savetheearth.coop / the website is operated by Save the Earth Co-Operative Society Ltd (‘we’,’us’,’our’,’STE’). We are a (FCA) Financial Conduct Authority Society governed by the Co-operative and Community Benefit Societies Act 2014, registered in England and Wales under Mutuals Public Register number 4509 and with our registered office at 43B, Plains Road, Nottingham, Nottinghamshire NG3 5JU. Our VAT number is 264 0008 41.
1.2 This Privacy Notice sets out how Save the Earth Co-Operative Society Limited (‘we’, ‘us’, ‘STE’ or ‘our’) collect and process your personal information when you access and use our site www.savetheearth.coop (‘our site’). This Privacy Notice also provides certain information that is legally required and lists your rights in relation to your personal data.
1.3 We take our data protection responsibilities very seriously and we comply with all applicable Data Protection Legislation in force from time to time. For the purposes of this Privacy Notice, ‘Data Protection Legislation’ means: (i) the Data Protection Act 1998 (‘DPA’) and all related regulations in force from time to time; or (ii) with effect from 25 May 2018, the EU Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) (‘GDPR’) and any laws in England giving effect to its provisions.
1.4 This Privacy Notice relates to personal information identifying you. We refer to this information throughout this Privacy Notice as ‘personal data’ and section 2 sets out further detail of what this includes.
1.5 Please read this Privacy Notice to understand how we may use your personal data.
1.6 This Privacy Notice may vary from time to time so please check it regularly. These terms were most recently updated on Tuesday 5th May 2020.
2. THE PERSONAL DATA WE COLLECT ON YOU
We may collect the following personal data about you:
2.1 personal data you provide to us via our site, including information that you provide by filling in forms on our site. This includes information provided at the time of registering to use our site and when you make purchases from our site. For example:
2.1.1 your name and title;
2.1.2 your postal address, phone, fax and email addresses;
2.1.3 your gender (although this is not mandatory);
2.1.4 where you have registered with us, your user name and password; and
2.1.5 how you heard about us
2.1.6 Date of Birth;
2.1.6 we may conduct surveys, polls and quizzes from time to time and may ask for views, opinions and other information based on the topic or data gathering purpose;
2.2 personal data you provide when you enter a competition or promotion sponsored by us, and/or when you report a problem with our site;
2.3 we may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them;
2.4 details of transactions you carry out through our site and of the fulfilment of your orders;
2.5 details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access;
2.6 information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual;
2.8 personal data you provide when you request our marketing material or email newsletter or submit a query to us or which is collected via social media;
2.9 personal data you provide when using membership features or interactive features of our site; and
2.10 personal data you provide when you apply for a job or voluntary position advertised or submit a speculative job application and/or your CV.
3. KEY INFORMATION ABOUT YOUR PERSONAL DATA
3.1 Data controller and contact details
3.1.2 If you have a concern or question regarding your privacy, you can contact our Data Protection Officer by emailing firstname.lastname@example.org
3.2 Legal grounds for processing
3.2.1 We collect and process your personal data for a variety of different purposes which are set out in further detail below.
3.2.2 In some cases, we will ask for your consent in order that we can process your personal data. However, in certain circumstances Data Protection Legislation allows us to process your personal data, without needing to obtain your consent. As examples, this may be because we need to use your personal data in order to provide you with the services or goods you have elected to receive from us (i.e. in the ordinary course of our business), to operate our site or for legitimate business or legal purposes.
3.3 How we use your personal data – matters which require your consent
3.3.1 We may ask for your consent to contact you by telephone, SMS, post and/or email about other offers, products, promotions, developments or services which we think may be of interest to you and for other marketing purposes. You can indicate your consent by ticking the relevant box.
3.3.2 We may ask for your consent to allow third parties to contact you by telephone, SMS, post and/or email about other third party offers, products, promotions, developments or services which may be of interest to you and for other marketing purposes. You can indicate your consent by ticking the relevant box.
3.4 Withdrawing your consent
3.4.1 You may at any time withdraw the consent you give to our processing your personal data for those purposes set out in section 3.3 above by contacting us at email@example.com
3.4.2 If you want to stop receiving future marketing messages and materials at any time, you can do so alternatively by clicking the ‘unsubscribe’ link which is included in all of our email marketing messages.
3.5 How we use your personal data – where your consent is not obtained
3.5.1 In some instances we may not obtain your consent to our processing of your personal data and instead we can rely on another lawful basis in order to do so. These lawful bases include those in the table below, along with the linked purposes for which we will process your personal data:
How we use your personal data
The legal basis on which we can do this (this is what the law allows)
In order to perform our contractual obligations to you. This would include our fulfilling orders you have placed for goods or services, contacting you in relation to any issues with your order or where we need to provide your personal data to our service providers (e.g. our courier company).
The processing is necessary for the performance of a contract which you have entered into, or where you request us to process your data prior to entering into a contract
In order to comply with our own legal obligations or to assist in an investigation (e.g. from the police).
The processing is necessary for compliance with a legal obligation to which we are subject
In order to use your personal data to operate our business, but otherwise than in performing our contractual obligations to you.
Where processing is necessary for the purposes of the legitimate interests pursued by us or by a third party for our business activies
3.5.2 We will do our best to inform you when we carry out any of the above activities, but it may be that we are unable to do so in each case.
3.6 Who receives the personal data you provide to us
3.6.1 We will share your personal data with the following recipients:
(a) MailChimp, Mailpoet & Sendfox in relation to our marketing email communications with our customers;
(b) Stripe – and PayPal – to process payments made on our site;
(c) SocialMako in relation to social media marketing with our customers;
(d) Hubspot in relation to online transactional services and delivery of services;
(e) WordPress in relation to online transactional services and delivery of services;
(f) Facebook in relation to our social customer audience segments;
(g) Ultimate Membership Pro in relation to customer support software;
(h) Happyforms in relation to customer surveys;
(i) Quickbooks for finance, accounting and logistical purposes;
(j) WordPress in relation to online transactional service
(k) Use of first party data (cookie data, email addresses) to build remarketing audiences on Google Adwords and Bing.
(l) Use of first party data (cookie data, email addresses) to build custom audiences for targeting on Facebook and Instagram.
Please note that the above is not a complete list of third party providers, we use several plugins to help provide service to our users, you can request a complete list of wordpress plugins which may change from time to time without notice by contacting us at firstname.lastname@example.org
However, we do not forward personal data to these third parties for any promotional purposes by those companies.
3.6.2 In addition, we may disclose the personal data you provide to us to our group companies or any third party data processors other than those listed above who may process data on our behalf for the purposes set out in section 3.5 above.
3.6.3 We may also disclose your personal information to other third parties in order to undertake any of the activities listed in sections 3.3. and 3.5.
3.7 Transfers of your personal data to other countries
3.7.1 The personal data we collect from you is currently held within the European Economic Area (‘EEA’). However, it is possible that in the future such personal data may be transferred, stored and/or processed outside the EEA.
3.7.2 By submitting your personal data, you agree to this transfer, storing and/or processing. You should be aware that countries outside the EEA may not offer the same level of data protection as the United Kingdom. However, we will take reasonable steps to ensure that your data is given equivalent protection in accordance with the Data Protection Legislation.
3.8 How long we will hold your personal data for
3.8.1 We will only hold your personal data for so long as is necessary for us to do so, however because this depends in each case on how each of our customers interact with us, we keep the length of time that we hold your personal data for under review.
3.8.2 Where we no longer need to process your personal data for the purposes set out in this Privacy Notice then we will delete your personal data from our system.
3.9 Why should you provide us with personal data?
3.9.1 Please be aware that we do need to use certain of your personal data in order to fulfil our contractual obligations to you and to provide you with the goods and services you have elected to receive. If you do not provide it then we may not be able to perform the contract to the level you expect or at all. Please see our Terms and Conditions of Sale for further details.
3.9.2 Where we ask for your consent to process your personal data, you are free to withdraw any consent you may give (see section 3.4 above). In addition you are entitled to object to any other processing of your personal data we carry out where we do so in accordance with our own legitimate interests, a list of which is set out in section 3.5 (please also see section 4.5 below for a list of your rights in this respect). Please note, however, that where you do withdraw your consent or otherwise object to our processing of your personal data then this may impact on our ability to provide you with goods and services or (in the case of cookies) affect the functionality of our site
3.10 Where we store your personal data
3.10.1 All information you provide to us is stored on our secure servers.
3.10.2 We will keep your information secure by taking appropriate technical and organisational measures against its unauthorised or unlawful processing and against its accidental loss, destruction or damage.
3.10.3 Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
3.10.4 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
3.10.5 Payment transactions are made using payments providers. All credit/debit card transactions on our site are processed using, a secure online payment gateway that encrypts your card details and cannot be accessed by us.
4 SUBJECT ACCESS RIGHTS
4.1 Your right to access your personal data in our possession
4.1.1 You have the right in certain circumstances to obtain from us confirmation as to whether or not we are processing your personal data and, where that is the case, access such personal data and be made aware of the information set out in this Privacy Notice in relation to such data.
4.1.2 If you would like to exercise this right, please contact us using the contact details set out above.
4.2 Your right to have inaccurate personal data rectified
4.2.1 You have the right in certain circumstances to obtain from us the rectification of inaccurate personal data that we hold and which concerns you. This includes the right to request that incomplete personal data is completed (and you may submit a supplementary statement to us in order to do so).
4.2.2 We will rectify inaccurate personal data without undue delay, and will do the same in respect of incomplete personal data although in such instances we are entitled to take account of the nature of our processing of the data in assessing whether we are required to complete the missing information. If you would like to exercise this right, please contact us using the contact details set out above.
4.3 Right to erasure (“right to be forgotten”)
4.3.1 You have the right to obtain from us the erasure of personal data that we hold and which concerns you. This right applies in certain circumstances where:
(a) the relevant personal data is no longer necessary in relation to the purposes for which they were collected or otherwise processed;
(b) you withdraw your consent using the mechanism set out above and there is no other legal ground for our processing your personal data;
(c) where you object to our processing your personal data using the mechanism set out in section 4.5.1(a) below and there are no overriding legitimate grounds for our processing your personal data, or where you object to our processing your personal data using the mechanism set out in section 4.5.1(b)below;
(d) where we have processed your personal data unlawfully;
(e) the relevant personal data have to be erased in order to comply with law; or
(f) where the personal data have been collected in relation to the offer of information society services directly to a child.
4.3.2 If you would like to exercise this right, please contact us using the contact details set out above. We will do this without undue delay unless there is a legal reason as to why we should not comply with your request.
4.4 Right to restriction of processing
4.4.1 You have the right to restrict the way we process your personal data in certain circumstances:
(a) if you contest the accuracy of the relevant personal data, we will suspend our processing of your personal data for such a period as we require in order to verify the accuracy of such personal data;
(b) where the processing of the relevant personal data is unlawful and you would prefer that we restrict how we process it rather than erase the data altogether;
(c) where we no longer need the relevant personal data for the purposes of processing it, but the personal data are required by you for the establishment, exercise or defence of legal claims; or
(d) where you object to our processing your personal data using the mechanism set out in section 4.5.1(a)below, you may request that we restrict the way we process your personal data pending verification of whether our legitimate grounds for processing your personal data override yours.
4.4.2 Except for storing the personal data, we will only process it with your consent or for limited reasons such as the establishment, exercise or defence of legal claims, for the protection of the rights of another person or for reasons of important public interest.
4.4.3 If you would like to exercise this right, please contact us using the contact details set out above.
4.5 Right to object to processing of personal data
4.5.1 In addition to your ability to withdraw your consent, you have the right:
(a) to object, on grounds relating to your particular situation, at any time to our processing of your personal data where we consider that processing your personal data is necessary for: (i) the performance of a task carried out in the public interest or in the exercise of official authority vested in us; or (ii) the purposes of the legitimate interests pursued by us or by a third party, including in each case profiling based on those provisions. In such instances we will no longer process the relevant personal data unless we can demonstrate to you compelling legitimate grounds for our processing the relevant personal data which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims; and/or:
(b) to object at any time to our processing your personal data for direct marketing purposes, which includes profiling to the extent related to such direct marketing. In such instances we will cease to process your personal data for such purposes.
4.5.2 If you would like to exercise these rights, please contact us using the contact details set out above.
4.6 Right to data portability
4.6.1 You have the right to receive from us the personal data concerning you which you have provided to us, in a structured, commonly used and machine readable format and have the right to transmit those data to another controller without hindrance from us. This right shall include the right to require us to transmit the relevant personal data to another controller on your behalf, where technically feasible. This right only applies to personal data that: (i) we gain your consent to process pursuant to section 3.3; or (ii) we obtain in order to perform our contractual obligations to you, and in each case to the extent we process your personal data by automated means.
4.6.2 If you would like to exercise this right, please contact us using the contact details set out above.
4.7 Right to lodge a complaint about us to the Information Commissioner
You are entitled to complain to the Information Commissioner’s Office about the way we process your personal data. Please see https://ico.org.uk/concerns/ for how to do this.
5 LINKS TO OTHER WEBSITES
This policy only applies to Save the Earth Co-Operative Society Limited. Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy notices or policies and that we do not accept any responsibility or liability for any use of your personal data that is made by unconnected third party websites. You should remember to read and understand those websites’ privacy notices or policies as well.
We exclude liability for actions taken in response to breaches of this Acceptable Use Policy. The responses described in this Acceptable Use Policy are not limited, and we may take any other action we reasonably deem appropriate.
You warrant that you will comply with the above standards, and you will be liable to us and indemnify us for any breach of that warranty. This means that you will be responsible for any loss or damage we suffer as a result of your breach of warranty.
Thank you for visiting our site.
© Copyright 2020 – Save the Earth Co-Operative Society Limited
All rights reserved