Under data protection legislation we are the Data Controller and are therefore required to inform you of the information contained in this Policy.
This Policy only relates to the collection, protection, disclosure and use of personal data belonging to individuals who visit www.cake-of-the-day.co.uk (the “Site”) or who otherwise provide us with their personal information. It does not relate to other websites that may be linked to from our site. We will use your information only for the purposes for which it was collected.
This Policy has been prepared to meet the requirements of all relevant laws and regulations relating to data protection, whether local, national or supranational, including (i) the Privacy and Electronic Communications Regulations (EC Directive) 2003 (S/2003i2426) (ii) the Data Protection Act 2018 (iii) all applicable requirements of the General Data Protection Regulation ((EU) 2016/679) (the “GDPR”) and any other national implementing laws, regulations and secondary legislation, as amended or updated from time to time in the UK unless and until the GDPR is no longer directly applicable in the UK and then (iv) any successor legislation to the GDPR and the Data Protection Act 2018 and also The Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011, (the “Acts”).
By providing your personal information to us, you agree that we may collect and use all personal information provided in the ways described in this Policy. If you do not agree with the terms of this Policy then please do not provide personal details to us.
Please note that we may need to update this policy on a regular basis to reflect changes in the law. We recommend that you check this page regularly to ensure that you have read the most recent version and are happy with any changes.
This policy was last updated on: 8th June 2020.
1.1 It is your choice whether or not to provide us with your personal information. Personal information (or ‘personal data’) means any information about an individual from which that person can be identified. It does not include data where the the identity has been removed (anonymous data).
1.2 The information we may collect from you includes but is not limited to:
1.3 We may provide you with the option to select whether you would like to receive information from us by opting in or out of receiving promotional offers. In some circumstances, you will not have the option to opt out, for example, when we are administering a transaction requested by you, or if we are satisfying a legal requirement.
2.1 Ways in which you may be providing us with personal information include:
2.2 The information we may collect includes, but is not limited to, data concerning traffic on our Site and location data.
2.3 By providing any personal information to us, you fully understand and clearly consent to the transfer, collection and processing of such personal information on accordance with the terms of this Policy.
3.1 Like many other websites we use ‘cookies’ to help us gather and store information about visitors to our Site.
4.1 We will only use personal information collected from you for the purposes for which it was collected (or for related purposes), to provide specific services that you request and to provide additional services that may be of interest to you, or in the following circumstances:
5.1 We will only use your personal information for the purposes for which it was collected, unless we reasonably consider that we need to use it for another reason and that that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is comparable with the original purpose then please contact us by email at firstname.lastname@example.org.
5.2 If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
5.3 Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required by law.
7.1 All personal information we collect from you is stored on secure servers.
7.2 The personal information that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the provision of support services. By submitting your personal information, you agree to this transfer, storing or processing. If your personal information is shared, you can expect a similar degree of protection in respect of your personal information as we require third parties to respect the security of your data and to take appropriate measures to protect your personal information in line with this Policy.
7.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent any unauthorised access.
8.1 We will only retain your personal information for as long as necessary for the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements, and for the uses set out in this Policy. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
9.1 We may disclose your personal information to:
10.1 We have a number of procedures and security measures in place to prevent your personal information being accidentally lost, used or accessed in an unauthorised way. In addition, we limit the access to your personal data to those employees and other third parties who have a business need to know. the will only process your personal information on our instructions and they are subject to a duty of confidentiality.
10.2 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Where you have provided your consent to the collection, processing and transfer of your personal information for a specific reason you have the right to withdraw your information for that purpose at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent we may not be able to provide you with certain products or services. We will advise you if this is the case at the time you withdraw your consent. If you would like to withdraw your consent please email us at email@example.com. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose(s) you originally agreed to, unless we have another legitimate basis for doing so in law.
12.1 We try and respond to all legitimate requests within one month. Occasionally it may take us longer to respond if your request is particularly complex of if you have made a number of requests. In this case, we will notify you and keep you updated.
13.1 You have the right to make a complaint at any time to the Information’s Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
Questions, comments and requests regarding this policy are welcomes and should be sent to firstname.lastname@example.org.