Privacy and Cookies Policy

 

  1. GENERAL

Bianca Elgar Limited, 9 Worton Park, Cassington, Witney, Oxon, OX29 4SX, company number 08252263 and registered in England and Wales ("We", "us", and "our") is the data controller who is responsible for your personal data.

We are committed to protecting and respecting your personal data and hope that this policy helps explain what data we collect, how we collect it, what we use it for, who we disclose it to, how we protect and store it and your privacy rights. Please read this policy carefully and If you have any questions contact privacy@biancaelgar.com

By using our website, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this website.

  1. WHAT DATA DO WE COLLECT ?

Personal data means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

In order to provide our Services to you we may collect, use, store and transfer Contact Information (Name, Address, Phone Number), Transaction Information (Bank Information, Payment Card Details), Technical Information (see Cookies section below) and/ or Communication Information (Communications, Consents).

  1. HOW DO WE COLLECT YOUR PERSONAL DATA ?

We collect your personal information, in a number ways, when you:

  • make an enquiry;
  • purchase something from our website;
  • browse our website;
  • sign up to receive news and exclusive offers from us;
  • enter a competition, promotion or survey;
  • report a problem with our website; and/ or
  • manage communications;
  • make a complaint and/ or provide feedback.

We may receive information from third parties or publicly available sources to allow us to respond to your enquiries, allow you to participate in interactive features of our website, where we have lawful basis and/ or need to comply with a legal or regulatory obligation. 

  1. WHAT PURPOSES DO WE USE YOUR PERSONAL DATA FOR?  

The table below sets out the ways in which we propose to use your personal data and the legal basis we rely upon to do so. 

Purpose/Activity

 

Type of Personal Data

 

Lawful basis for processing including basis of legitimate interest

Make an enquiry

Contact

Respond to your enquiry

 

Purchase something from our website

 

Contact

Transaction

Performance of a contract with you

Comply with legal obligation

Sign up to receive news and exclusive offers from us

 

Contact

Communications

Provide news and exclusive offers that you have signed up to

Enter a competition, promotion or survey

 

Contact

Technical

Communications

Performance of contract

Improve Products/ Services We Offer

Report a problem with our website

 

Contact

 

Address issue raised

Manage communications with you which will include, by email (e.g. notifying you about changes to our policy)

 

Communications

 

Comply with legal obligation

 

Make a complaint and/ or provide feedback.

 

Communications

 

Address complaint raised

Website management (improve our website, products/services, customer relationships and experiences, content delivery) and administration (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

Contact

Technical

Deliver website Manage business, service delivery

 

We may process your personal data without your knowledge or consent, in compliance with the lawful basis set out in the table above, where this is required or permitted by law. We will only use your personal data for the purposes for which we collected it, if we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

  1. WHAT COOKIES DO WE USE ? 

 What are cookies?

A cookie is a small text file that, subject to your acceptance using the cookies banner on your first visit to our website, is downloaded by your device to: recognise you on your return to our website, capture your preferences and improve your experience whilst using our website. You can customise your browser settings to change your cookie preferences however, please be aware that this may impact performance of website. To give you an understanding of how cookies work, here is an overview of the different types of cookies and their purpose:

COOKIE TYPE

 

COOKIE PURPOSE

 

Session – A cookie expires at the end of browser session

Persistent – A cookie is stored after the end of the browser session, which means that you (and any preferences) will be recognised on your return to our website.

Third Party – Cookies of a third party when you use our website (hosting platform,  advertising collaboration with First Party Recognises returning user or user who has visited ad network partner. understanding usage, improving website features or personalised advertising

 

Strictly Necessary Cookies – Essential in order to enable you to use the key features of the website (cannot be disabled) e.g. to provide online service at user’s request (Secure login, use shopping cart, e-billing)

Performance Cookies – Allows us to recognise you when you return, help us better understand how you use the website to improve its performance

Functional/ Targeting Cookies – Allows us to recognise your preferences and as applicable to your requirements personalise content and track your journey to, through and from our website.

 

We use the following types of cookies on our website (and related sales platforms):

Cookie Title

Cookie Domain

Cookie Type

Cookie Purpose

How Used ?

_gat

.biancaelgar.com

Persistent

Analytical/ Performance

 

_ga

.biancaelgar.com

Persistent

Analytical/ Performance

 

_gid

.biancaelgar.com

Persistent

Analytical/ Performance

 

_landing_page

www.biancaelgar.com

Persistent

Functionality/ Targeting

 

_orig_referrer

www.biancaelgar.com

Persistent

Functionality/ Targeting

 

_shopify_fs

www.biancaelgar.com

Persistent

Strictly Necessary

 

_shopify_sa_p

www.biancaelgar.com

Persistent

Strictly Necessary

 

_shopify_sa_t

www.biancaelgar.com

Persistent

Strictly Necessary

 

_shopify_s

www.biancaelgar.com

Persistent

Strictly Necessary

 

_shopify_y

www.biancaelgar.com

Persistent

Strictly Necessary

 

_s

www.biancaelgar.com

Persistent

 

 

_y

www.biancaelgar.com

Persistent

 

 

cart_sig

www.biancaelgar.com

Persistent

Strictly Necessary

 

secure_customer_sig

www.biancaelgar.com

Persistent

Strictly Necessary

 

shopify_recently_viewed

.www.biancaelgar.com

Persistent

Analytical/ Performance

 

_shopify_ga

www.biancaelgar.com

Persistent

Functionality/ Targeting

Used in Checkout Process

cart_ts

www.biancaelgar.com

Persistent

Functionality/ Targeting

Used in Checkout Process

Cart

www.biancaelgar.com

Persistent

Functionality/ Targeting

Used in Checkout Process

_secure_session_id

www.biancaelgar.com

Persistent

Functionality/ Targeting

Used in Checkout Process

checkout_token

www.biancaelgar.com

Persistent

Functionality/ Targeting

Used in Checkout Process

checkout

www.biancaelgar.com

Persistent

Functionality/ Targeting

Used in Checkout Process

tracked_start_checkout

www.biancaelgar.com

Persistent

Analytical/ Performance

Used in Checkout Process

checkout_locale

checkout.shopify.com

Session/Third Party

Functionality/ Targeting

Used by Checkout Shopify

akavpau_ppsd

.www.paypal.com

Session/Third Party

Functionality/ Targeting

Used by Paypal

AKDC

www.paypal.com

Third Party

Used by Paypal

LANG

.paypal.com

Third Party

Analytical/ Performance

Used by Paypal

nsid

www.paypal.com

Session/Third Party

Strictly Necessary

Used by Paypal

tsrce

.paypal.com

Third Party

 

Used by Paypal

ts

.paypal.com

Third Party

 

Used by Paypal

x-csrf-jwt

.paypal.com

Third Party

Strictly Necessary

Used by Paypal

X-PP-SILOVER

.paypal.com

Third Party

Strictly Necessary

Used by Paypal

x-pp-s

.paypal.com

Session/Third Party

Strictly Necessary

Used by Paypal

 

We have set out below a detailed list of the cookies we use on our websites. Our websites are checked regularly to ensure this list is as accurate as possible.

  1. WHO DO WE DISCLOSE YOUR PERSONAL DATA TO ?

 We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know and for the purposes set out in the table in section 4 above, these will include our contractors, technical service providers (technology hosting/ support services, email delivery and related services), professional advisers, legal, tax and regulatory bodies. If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law (for those located outside European Economic Area ("EEA") a similar standard).  We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. 

  1. THIRD PARTY SERVICES 

When purchasing items from our website, please be aware that certain third party service providers (such as other platforms, payment gateways and other payment transaction processors), have their own privacy policies in respect of the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy and related policies, so you can understand the manner in which your personal data will be handled by these providers.

Please note once you leave our store’s website or are redirected to a third-party website or application, by clicking on links or enabling connections, you are no longer governed by this Privacy and Cookies Policy or our Terms of Service as we have no control over these websites/ and or applications and are not responsible for their privacy statements. In particular, remember that some providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located. As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal data used in completing that transaction may be subject to disclosure under United States legislation.

  1. HOW LONG DO YOU KEEP MY PERSONAL DATA FOR ?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for and to meet any legal, accounting, or reporting requirements. In determining the retention period we will consider the amount, nature, and sensitivity of the personal data, potential impact of unauthorised use or disclosure, the purposes for which we process your personal data and the applicable legal requirements. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

  1. DATA SECURITY

To protect your personal information, we have put in place appropriate security measures to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. Although we will do our best to protect your personal data in accordance with industry practice, due to the nature of the internet, we cannot guarantee the security of your data transmitted to our website. Once we have received your information, we use strict procedures and security features to try to prevent unauthorised access to, or loss, misuse, disclosure or modification of the personal information that you provide to us.

 Where we have given you (or where you have chosen) a password or passcode which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone in order to avoid illegitimate intrusion into your privacy or your business transactions.

If you choose a direct payment gateway to complete your purchase, Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

  1. WHAT ARE MY LEGAL RIGHTS ?

Your Rights

You have the right to exercise the following rights in respect of your personal data, for full details please see https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/:

  • Request access to a copy of your personal data we hold to check that we are lawfully processing it.
  • Request correction of your personal data to correct incomplete and/ or inaccurate personal data that we hold about you.
  • Request erasure, deletion and/ or removal of your personal data where you have successfully exercised your right to object to processing or where we have no lawful reason to continue to process it.
  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on reasonable grounds.
  • Request the restriction of processing of your personal data through suspension of processing to allow you to better assess its accuracy or the reason for processing it or retaining it.
  • Withdraw consent where we are relying on your consent in the collection, processing and transfer of your personal data for a specific purpose (subject to our right to process on legitimate basis under the Legislation).
  • Request the transfer of your personal data in a structured, commonly used, machine-readable format to you or another party. Please be aware that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

How to Exercise Your Rights

If you wish to exercise any of the rights set out above, please contact us at privacy@biancaelgar.com Before we can respond to your request, we will contact you provide us with certain information to enable us to confirm your identity and rights of access your personal data and we may ask you for further information to speed up our response. You will not have to pay a fee to exercise your  rights, a reasonable fee may be payable if your request is assessed by us to be unfounded, repetitive or excessive. In certain circumstances we we may refuse to comply with your request. We will do our best to respond to your request within one month, sometimes it may take us longer if you have made a number of requests or your request is complex. In this case, we keep you updated.

  1. CHANGES TO OUR POLICY

We reserve the right to modify this policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

  1. JURISDICTION AND APPLICABLE LAW

Any dispute or claim arising out of or in connection with this policy shall be governed by and construed in accordance with the laws of England and the parties agree that the courts of England shall have exclusive jurisdiction.

  1. CONTACTING US

If you have any questions regarding this Policy or to access or correct your information, please contact us by writing to us at  privacy@biancaelgar.com or Data Privacy Manager, 9 Worton Park, Cassington, Witney, Oxon, OX29 4SX.