We are committed to protecting and respecting your privacy. This policy sets out the basis on which your personal data will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how it will be treated by us.
For the purpose of the Data Protection Act 1998 (“the Act”) the data controller is Persora Ltd whose registered office is at 29 High Street, Pershore, Worcestershire, WR10 1AA (“We”).
All enquiries concerning our use or storage of data should be sent to firstname.lastname@example.org.
Information we may collect from you
We may collect and process the following data about you:
Information that you provide us. This information about you that you give us by filling in forms on our site www.persora.com or by corresponding with us by phone, e-mail or otherwise. It includes information you provide when you register to use our site, place an order, sign up to an email newsletter. The information you give us may include your name, address, e-mail address and phone number. Note: We do not hold any Credit/Debit Card details. Information passed between our site and our payment provider WorldPay’s secure systems is encrypted.
If you contact us, we may keep a record of that correspondence;
We may ask you to complete surveys that we use for research purposes although you do not have to respond to them;
Details of transactions you carry out through our site and of the fulfilment of any contract between us;
Details of your visits to our site and the resources that you access.
Information we collect about you. With regard to each of your visits to our site we will automatically collect the following information:
technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
Information we receive from other sources. This is information we receive about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data if we intend to share those data internally and combine it with data collected on this site. We will also have told you for what purpose we will share and combine your data. We are working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies). We will notify you when we receive information about you from them and the purposes for which we intend to use that information.
Cookies are small encrypted text files that are sent to your browser from the websites you visit and are stored on your device.
We use the following types of cookies on the website:
These are temporary cookies that remain until you leave our web site or close the browser window. We use these to carry information across pages of our web site and in some cases, to prevent data from needing to be re-entered into forms.
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
We additionally make use of analytical cookies through Google Analytics. These cookies help us compile anonymous statistics that allow us to understand how visitors are using our web site, which pages are being visited, and help us improve it and its content. These cookies do not identify visitors personally.
Our use of Google Analytics will set the following cookies on your device (information taken from http://code.google.com/apis/analytics/docs/concepts/gaConceptsCookies.html)
This cookie is typically written to the browser upon the first visit to your site from that web browser, and is used to determine unique visitors to a site and is updated with each page view
This cookie is used to establish and continue a user session with your site. When viewing a page, the Google Analytics code attempts to update this cookie. If it does not find the cookie, a new one is written and a new session is established. Each time a user visits a different page on your site, this cookie is updated to expire in 30 minutes, thus continuing a single session for as long as user activity continues within 30-minute intervals.
Historically, this cookie operated in conjunction with the __utmb cookie to determine whether or not to establish a new session for the user.
This cookie stores the type of referral used by the visitor to reach your site, whether via a direct method, a referring link, a website search, or a campaign such as an ad or an email link. It is used to calculate search engine traffic, ad campaigns and page navigation and is updated with each page view.
Google offers an opt-out tool available at https://tools.google.com/dlpage/gaoptout which allows you to opt out of all their Analytics tracking for all web sites as an add-on to most popular browsers
Our website also carries embedded 'share' buttons to enable users of the site to easily share articles with their friends through a number of popular social networks. These sites may also set cookies when you are also logged in to their service. We do not control the dissemination of these cookies and you should check the relevant third party website for more information about these cookies.
To read more about cookies, what they mean, what they can be used for and why we have made this statement, please visit http://www.aboutcookies.org. We may amend this policy in line with future changes in legislation or best practice.
Where we store your personal data
All information you provide to us is stored on our secure servers. Where we have provided you (or where you have chosen) a password, user ID or PIN which enables you to access certain parts of our site, you are responsible for keeping this password, user ID or PIN confidential. We ask you not to share a password, user ID or PIN with anyone.
Unfortunately, the transmission of information via the Internet is not completely secure. So, whilst we will do our best to protect your personal data, we cannot ensure the security of your data transmitted to our site. Any transmission is at your own risk. Once We have received your information we will use strict procedures and security features to prevent unauthorised access.
When you buy from us
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
How we make use of the information
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
Where we need to perform the contract, we have entered into with you.
Where we need to comply with a legal obligation.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
We use information held about you in the following ways:
To ensure that content from our web site is presented in the most effective manner for you and for your computer;
To provide you with information, products or services that you request from us or which We feel may interest you;
To allow you to participate in interactive features of our service where you choose to do so;
To notify you about changes to our service;
To analyse information about our users in order to identify their potential preferences.
In some cases we may use your personal information to pursue legitimate interests of our own, provided your interests and fundamental rights do not override those interests.
The situations in which we will process your personal information are listed below:
to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
to provide you, with information about goods or services we feel may interest you;
to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
We may disclose your personal information to any member of our group which means our subsidiaries, our ultimate holding company and its subsidiaries as defined under the UK Companies Act 2006.
We will not disclose your data to any third party outside our group for the purpose of direct marketing but we may from time to time provide you with information about goods and services which we feel may be of interest to you including those provided by third parties.
We will keep your details on file for a period of 6 years from the date of your last contact with us in order to simplify any future registration.
Sharing your information with Third Parties
We may have to share your data with third parties, including third-party service providers
Selected third parties including:
analytics and search engine providers that assist us in the improvement and optimisation of our site;
Couriers including: Royal Mail, Parcelforce, My Hermes and the DPD Group: They process name, address, email address and telephone number details only to enable them to deliver customer parcels.
Feefo: To process any review you give on Gadsby's service and products.
Google: To improve and optimisation of our website.
WorldPay: to process payment of any retail order you make with us.
All our third-party service providers and other entities in the group are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
You have the right to request us not to use your details for the purpose of providing you with information about the goods and services provided by our group (other than information which you have specifically requested). You can also notify us by contacting us at 29 High Street, Pershore, Worcestershire, WR10 1AA or by email at email@example.com.
The Act gives you various rights including the right to access information held about you. Your right to access can be exercised in accordance with the Act.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, please contact us at firstname.lastname@example.org.