Bork & Co Privacy Policy
What this Privacy Policy covers
We are providing this Privacy Policy to explain our data collection, use and storage of any personal data which we process. Bork & Co is the data controller and responsible for your personal data.
Bork & Co is committed to protecting your privacy and uses the most powerful and safe online experience. This statement of privacy applies to our processing activities in general. The conditions of processing of personal data and the purposes for which personal data may be collected, stored and used are described in this Privacy Policy.
New legislation
The General Data Protection Regulation (GDPR) provides new rights to individuals regarding the collection, storage and use of their personal data. This Privacy Policy has been updated to take account of any new requirements under GDPR, which has been enacted in the UK via the revised Data Protection Act 2018. Also covered in this Privacy Policy are the requirements of the Privacy and Electronic Communications Regulations 2003 updated 2004 and 2011 (PECR). A revised ePrivacy Directive will be enacted into UK law and any changes will be adopted in a revised Privacy Policy.
Who is the Data Controller?
Bork & Co.
Data Controller contact details
If You have any comments or questions about this privacy policy, please email gemma@gemmajohnson.co.uk
Responsible person
We have appointed a person to be responsible for overseeing questions in relation to this privacy policy. If you have any questions, please contact Gemma Johnson at gemma@gemmajohnson.co.uk
What is personal data?
Personal data means any information which relates to a living individual who can be identified either directly or indirectly by reference to an identifier such as their name, email address and other personal details such financial details etc.
Why do we process your personal data?
We process your personal data for the following purposes:
- Respond to enquiries or requests that you send us.
- To process and fulfill your order.
- To send you marketing information where we have lawful grounds.
- To help us improve the design and layout of the website, and to ensure that content is presented in the most effective manner for you and for your computer;
- In aggregate form, for statistical analysis and developing our marketing plans;
- To provide you with information about products, services or offers that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes (marketing emails). If you no longer wish to receive marketing emails, please send an email to gemma@gemmajohnson.co.uk
- To respond to any queries you make;
- To notify you about changes to our products and/or services (service emails).
We do not knowingly process personal data of children under 13.
Improved rights under the General Data Protection Regulation
You have some improved rights under the GDPR.
- Data Subject Access Request: You have the right to access the personal information we may hold about you. On receipt of such a request we will endeavour to respond to you as soon as possible, but at least within one calendar month. You must provide us with 2 forms of personal identity to ensure that we only disclose to you, information which is relevant to you personally. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
- Rectification: You have the right to request that we amend any personal information that may be incorrect or require updating.
- Erasure: You have the right to request that we delete any personal information pertaining to you. Any questions about these rights may be sent to gemma@gemmajohnson.co.uk
- Data Portability. Under GDPR there is a new right to data portability, primarily designed to make it easier for individuals to switch between service providers. This is unlikely to be relevant to your relationship with Bork & Co.
- The right to restrict processing. Individuals have a right to ‘block’ or suppress processing of personal data. If you decide to do this, we will continue to store the data, but not further process it until we have agreed a solution to the issue you have raised.
We do not collect any special categories of personal data, as defined by the GDPR.
Special categories of data under Article 9 of the GDPR are:
“racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation”
Is data collected from third parties or public domain sources?
Where we collect personal data from third party or public domain sources we provide a means to opt-out or unsubscribe on every message we send you.
What are our grounds for lawful processing?
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to perform the contract, we are about to enter into or have entered into with you.
- Where we need to comply with a legal or regulatory obligation.
- Where we have your consent.
Legitimate Interest: means the interest of our business in conducting and managing our organisation., our staff and our suppliers. We make sure we consider and balance any potential impact on the individuals to whom Legitimate Interest applies (both positive and negative) and your rights before we process your personal data for our legitimate interests and those of our business. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us at gemma@gemmajohnson.co.uk
Third parties
Bork & Co does not collect data from third parties.
How do we use your personal data?
All data that we obtain about you will be used in accordance with current data protection legislation and this Privacy Policy. We will use your data for the purposes of providing you with the services you have requested. We will also use it to analyse site usage and for marketing or promotional purposes. We believe this allows us to develop and improve the site and to provide a better service to you. We may also use your data to deal with any enquiries made by you, to resolve disputes and to troubleshoot problems.
Competitions
We operate competitions through the website which may require registration. The data you provide us with may be used to notify you that you have won, to confirm delivery of a prize or for other related purposes. On occasion, we may publicly post some of your data on the site, (for example on a winner’s page) where we will only identify you by your initials and place of residence. In some instances, a third party may operate or host a competition on the site and collect your data. In those cases, where we are not the operator or host of the contest or sweepstake, we have no control over the data collected and accordingly urge you to review the third party’s privacy policy before participating.
How to stop receiving communications
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms:
Opting out
You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time at gemma@gemmajohnson.co.uk
We will not send marketing communications to individuals who have unsubscribed, opted-out or have otherwise asked us to
stop direct marketing.
Disclosure of your data to third parties and overseas transfers of your data
With your consent we, and if applicable, our partners or other trusted third parties, may use your data for marketing, market research, promotions and related purposes. We may also send you offers from Bork & Co, its affiliates and our promotional partners based on the data you have given Us. We may also pass your data to other parties as follows: (i) to the police, regulatory bodies, legal advisers or parties whose request we reasonably consider to be justified in connection with any alleged criminal offence, any suspected breach of the Bork & Co Terms of Use or any other abuse of our services by You.
Is data shared with 3rd parties and if so, who?
- We may have to share your personal data with the parties set out below for the purposes set out in the following information below. External Third Parties are all based in the United Kingdom
- Service providers acting as processors who provide IT and system administration services.
- Wuffoo
- MailChimp
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
Cookie policy
Cookies are small text files saved to Your computer and used to track Your navigation around the Site. Like many other website operators, we use “cookies” to record how you navigate the site on each visit. Cookies help us to determine the most popular areas of our site. Most web browsers automatically accept cookies, but you do not have to. If you do not want data collected through the use of cookies, or if you want to be notified when you receive a cookie, you can readjust your browser settings (usually via the “Help” section of the tool bar). However, please note that by disabling cookies your experience of the site may be affected as access to some parts of it may be limited. We do not control the use of cookies by third parties on third party websites.
What cookies do we use?
Strictly necessary Cookies
Generally, these cookies will be essential first-party session cookies. Not all first-party session cookies will fall into the strictly necessary category for the purposes of the Cookie legislation. Strictly necessary cookies will generally be used to store a unique identifier to manage and identify the user as unique to other users currently viewing the website, in order to provide a consistent and accurate service to the user.
Essential Cookies
These cookies are essential in order to enable you to move around the website and use its features, such as signing-up to receive emails from us.
Performance Cookies
These cookies generally collect information about how visitors use our website, for instance which pages visitors go to most often, and the pages that they don’t. This helps us to understand and improve the site, so it is easy to use and includes helpful content. They allow us to fix bugs or glitches on the website. These cookies don’t collect information that identifies visitors, so we can’t identify you. For example, we use “Google Analytics” cookies (a web analytics service provided by Google, Inc).
Data security – how we protect your data
We follow appropriate security procedures in the collection, storage and use of your Information so as to prevent unauthorised access by third parties.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
However, unfortunately, the transmission of information via the Internet is not completely secure. We cannot ensure the security of your Information transmitted by you to us via the internet. Any such transmission is at your own risk and you acknowledge and agree that we shall not be responsible for any unauthorised use, distribution, damage or destruction of your Information, except to the extent we are required to accept such responsibility by the GDPR, the Privacy and Electronic Communications Regulations or the Data Protection Act. Once we have received your Information we will use security procedures and features to prevent unauthorised access to it.
How we protect your information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information and data stored on our website.
External links not covered by this policy
Please remember that when you use a link to go from our website to another website or you request a service from a third party, our Policy no longer applies. Your browsing and interaction on any other website or your dealings with any other third-party service provider, is subject to that website’s or third-party service provider’s own rules and policies. We do not monitor, control, or endorse the information collection or privacy practices of any third parties. We encourage you to become familiar with the privacy practices of every website you visit or third-party service provider that you deal with and to contact them if you have any questions about their respective privacy policies and practices. This policy applies solely to information collected by us through our website or services and does not apply to these third-party websites and third-party service providers.
Data Retention Policy
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
We will keep your personal data in connection with the services/products you have bought for 5 years after the last purchase. We need to retain this data for our own accounting purposes and for legal and tax purposes. In terms of personal data we use for marketing, we will keep this data for as long as we are able to market to you and if you withdraw your consent or opt-out of marketing communications, we will keep your contact details only to ensure that we do not contact you again for marketing purposes.
What to do if you have a concern
Please contact us first on gemma@gemmajohnson.co.uk and we will do our best to help you. If you are not satisfied you may contact the Regulator of GDPR, the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003, updated 2004 and 2011 is the Information Commissioner’s Office. If you feel you wish to draw the Regulator’s attention to the way and the purposes for which we are processing personal data, you may contact the ICO by clicking on the following link https://ico.org.uk/concerns/
Changes to this Privacy Policy
Bork & Co reserves the right to change the policy from time to time. We encourage users to be responsible about their privacy and recommend that you consult this page frequently so that you are aware of our latest policy and can update your preferences if necessary. Your continued use of this site shall constitute your acceptance of any revised privacy policy.
When was this Privacy Policy last updated?
August 2020
