Chi Chi Cards UK Privacy Statement
This policy (together with our terms and conditions and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We keep certain basic information when you visit our website and recognise the importance of keeping that information secure and letting you know what we will do with it.
For the purpose of the Data Protection Act 1998 (the Act), the data controller is Chi Chi Cards UK of Stockton-On-Tees, UK.
This policy only applies to our site. If you leave our site via a link or otherwise, you will be subject to the policy of that website provider. We have no control over that policy or the terms of the website and you should check their policy before continuing to access the site.
Information we may collect from you
We may collect and process the following data about you:
IP addresses and cookies
We only record, where available, the IP address of the computer from which you signed up to our website by creating an account, We will not record details about the operating system and browser type, nor any other technical data, nor will we use this data for any purposes other than potential fraud prevention.It will not be passed on to any third party. This data does not identify any individual and we will not collect personal information in this way.
Storage of cookies on your computer/device:
Cookies are tiny text files stored on your computer. Most frequently, cookies are stored for the duration of the current session, i.e. until you close your browser, but in some cases they are stored longer than this. Cookies help us to display our site with the relevant language and country information.
We only use a session cookie:
You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting the site will be displayed with the default language and country settings, which will be English and the United Kingdom.
Advertising and analytics cookies:
We do not use any form of Advertising cookies.
We use Google Analytics to analyse the use of our website by our customers and visitors. Google Analytics a web analysis service of Google Inc., (“Google”). The information generated by the cookie about your use of this website (including your IP address) will be sent to a Google server in the United States and stored there. Google will use this information to evaluate your use of the website, to compile reports on website activity for website operators and to report other website activity and internet-related services. If required by law, Google will pass along this information to third parties. Google will also pass along data to third parties for processing, provided this processing is done on behalf of Google. Under no circumstances shall Google connect your IP address with any other data held by Google.
Where we store your personal data
All information you provide to us is stored on our secure servers. Payment transactions are processed via secure payment gateways and therefore no payment details will be held by us. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, including the use of SSL (Secure Sockets Layer) certificates, ensuring traffic between your broweser/device and out web servers are encrypted and secure.
We will store your data until:
Uses made of the information
We only use information held about you in the following ways:
Disclosure of your information
We will never disclose your personal information to any third parties, except for the following:
What Rights You Have Over Your Data
We will never use your personal data for marketing purposes.
You will have the ability to subscribe to our Newsletter, and you will have the option to unsubscribe at any time.
Our site may, from time to time, may contain links to and from the websites of our partner networks, advertisers and/or affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
If you are a registered user or have left reviews on our site you can request to see or download the data we have about you.
For visitors that have left reviews, the data displayed and stored will be public and as published by the visitor. The name left is the responsibility of the reviewer and we would advise that the information entered does not contain your full name or any other information that can be used to identify yourself.
For registered users or paying customers, this will also include profile information and contact histories.
You can also request “to be forgotten” and we will erase any personally identifiable data we have about you. Of course, this excludes data we need for administrative or security purposes or if we are required by law to retain some of the data.
An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his/her query to firstname.lastname@example.org. We will respond within a reasonable time frame, not to exceed one week.
Access to information
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. There will be no charges for providing you with details of the information we hold about you.
We do not use email marketing, either through ourselves or any other third party, however we may send you “system” emails, such as password reset requests or payment notifications/receipts/order notifications as part of our usual service.
Our Data Breach Procedures
Should any event occur where customer data has been lost, stolen, or potentially compromised, our policy is to alert our customers via email no later than 48 hours of our team becoming aware of the event. We will also report such incident to any required data protection authority. We will work closely with any customers affected to determine next steps such as any end-user notifications, needed patches, and how to avoid any similar event in the future.