General Data Protection Regulation (GDPR)
We, Howad Ltd are the Data Controller. Our Data Protection Officer is Patricia Conlon who can be contacted at firstname.lastname@example.org
1. What information do we collect about you and how?
We collect personal data about you from you when you visit our web-site, place an order, enter a contest or sweepstakes, respond to a survey or participate in another site feature. Personal data will therefore include your name, address, telephone number, email address and credit card information.
Our legal bases for handling this data are therefore to enable us to perform a contract with you and in addition, processing the data is necessary for the purposes of our legitimate interests in ensuring you receive the services you have asked to receive from us.
In some cases, we may need to collect from you sensitive personal data, such as information concerning medical conditions, disabilities and special requirements. We need this in order to be able to handle any particular needs you may have in relation to your dealings with us. Sensitive personal data is handled with your express consent and such data will only ever be processed strictly with the intention of our providing to you the services you have asked us to provide to you.
We may also keep information contained in any correspondence you may have with us by telephone, post, email or other communication.
3. Other Websites
4. How will we use the information about you and why?
We will only use your personal information to provide you with our services as follows:
- Provide you with the goods you wish us to supply to you;
- Personalize your site experience and to allow us to deliver the type of content and product offerings in which you are most interested;
- Process your transactions;
- Administer a contest, promotion survey or other site feature;
- Suggest and recommend any goods that we provide;
- Manage our relationship with you e.g. by updating records if required, notifying you of any policy changes, asking for information etc.
Our work for you may require us to pass your information to our third-party service providers, agents, subcontractors and other associated organisations solely for the purposes of completing tasks and providing our services to you. In those instances, we will only provide the personal information necessary to deliver our services and we require those third parties to keep secure your personal data so that they may not use it for their own direct marketing purposes.
In particular, in the course of providing our services to you, we forward your personal data to:
- Any third party contractors/service providers (including their sub-contractors) and professional advisers that provide a service to us or act as our agents, on the understanding they keep the information confidential. These include, but are not limited to, any third parties that process information on our behalf (e.g. internet service and platform providers) and payment processing providers;
- Credit reference agencies and other companies for use in credit decisions, for fraud prevention and to pursue debtors, on the understanding they keep the information confidential;
- Insurance companies or regulatory authorities so as to comply with any legal and regulatory issues and disclosures;
- Any legal or crime prevention agencies and/or to satisfy any regulatory request if we have a duty to do so or if the law allows us to do so;
- Third parties for marketing purposes, although in this case only non-personally identifiable visitor information is provided.
We will only use this information subject to your instructions, data protection law and our duty of confidentiality.
5. Protecting your personal data.
We implement a variety of security measures to maintain the safety of your personal information. Your personal data is contained behind secured networks and is only accessible by a limited number of persons with special access rights to such systems. They are required to keep confidential any personal data they can access. When you place an order or access your personal information, we offer the use of a secure server. All credit information you supply to us is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our records available only to be accessed as stated in this policy.
We would like to send you information about services and products of ours which may be of interest to you. If you have consented to receive marketing, you may opt out at a later date.
You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other members of our group.
If you no longer wish to be contacted for marketing purposes, please email email@example.com at any point and you can follow the “unsubscribe link” at the bottom of each email.
7. Access to your information, correction and deletion - your rights
The GDPR grants you the right to access particular personal data that we hold about you. You therefore have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us at the following address: incognito/Howad Ltd, Unit 10 Baseline Business Studios, Whitchurch Road, London, W11 4AT, UK.
We shall respond promptly to any such request and in any event, within one month from the point of receiving the request and all necessary information from you. In certain circumstances, we may make a small charge for this service. Our formal response will include details of the personal data we hold about you, including the following:
- Sources from which we acquired the information;
- The purposes for processing;
- andThe persons or entities with whom we are sharing the information.
You also have the right to receive your personal data in a structured, commonly used and machine readable format and have the right to ask us to transmit it to another controller if technically possible.
We want to make sure that your personal data is accurate and up to date. You may ask us to correct or remove without delay any information about you that you think is inaccurate by emailing us at firstname.lastname@example.org or writing to us at incognito/Howad Ltd, Unit 10 Baseline Business Studios, Whitchurch Road, London, W11 4AT, UK.
You have the right to seek a restriction of the processing of your personal data in certain circumstances. Further, you have the right to lodge an objection if you feel that one of the grounds relating to your particular situation apply. When you exercise your right to object, we must stop any processing unless we can show compelling legitimate grounds for the processing, which override your interest, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.
Should you wish for us to completely delete all information that we hold about you, you should please contact our customer services who can be contacted at email@example.com or by writing to us at: incognito/Howad Ltd, Unit 10 Baseline Business Studios, Whitchurch Road, London, W11 4AT, UK.
How long will we hold your data for?
We keep information only for as long as is necessary in order to fulfil our services to you taking into account our need to meet any legal, statutory and regulatory obligations with which we are bound to comply. You will have the opportunity to opt out or update or delete personal data at any point should you need to do so and details are set out in this policy as to how to achieve this. Our need to use your personal information will be reassessed on a regular basis and we will dispose of personal data which we no longer require.
8. Transferring your information outside of Europe
We currently do not transfer your personal data outside the EEA. If in the future we transfer your personal data, in accordance with the terms of this Policy outside of the EEA, we will make sure that the party receiving the data agrees to provide the same or similar protection that we do and that the information they receive is used only in accordance with our instructions.
If you use our services while you are outside the EEA, your information may be transferred outside the EU to give you with those services.
If you feel that your personal data has been processed in a way that does not comply with the GDPR, you have a specific right to lodge a complaint with the relevant supervisory authority. The supervisory authority will then inform you of the progress and outcome of your complaint. The supervisory authority in the UK is the Information Commissioner’s Office.
11. How to contact us
By email: firstname.lastname@example.org
Or write to us at: incognito/Howad Ltd, Unit 10 Baseline Business Studios, Whitchurch Road, London, W11 4AT, UK.