We guarantee that you won’t ever receive junk mail, unwanted email, spam or telemarketing calls from us or anyone else as a result of becoming one of our customers.
All communications with us will be confidential. We won’t pass your information or data to any other organisation (unless you ask us to, of course). We won’t communicate with you except where it is necessary to advise you about some aspect of your order, to provide you with information relating to our delivery, products or services or because you have specifically asked us to.
A few other points. We use tight security procedures to make sure that any information you give us remains secure. We will never disclose your information or data to a third party without your express permission unless we are ordered to by the courts (although it is hard to imagine circumstances in which, say, the prevention of terrorism legislation could have any bearing on skincare products).
What happens to the information you give us? We treat it as if it is a sacred trust. We keep it secure on our computer systems and, naturally, will never ever share it with any other commercial organisation.
Also, just say the word and we will destroy all your records and never bother you again. Incidentally, we won’t ever make a nuisance of ourselves by sending you unwanted emails or making bothersome phone calls. If you want to know more (or to ask us to remove your details from our computer), please email firstname.lastname@example.org
If you never want to hear from us again (we’ll be gutted, of course) all you have to do is click on this link and follow the very simple instructions (it’ll take 30 seconds, we have timed it): unsubscribe
Stores information to ensure you only see the cookie message once.
‘ _session_id, unique token, sessional,’
Allows Shopify to store information about your session (referrer, landing page, etc).
‘_shopify_visit, no data held,’
Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
‘ _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day,’
Counts the number of visits to a store by a single customer.
‘cart, unique token, persistent for 2 weeks,’
Stores information about the contents of your cart.
‘_secure_session_id, unique token, sessional storefront_digest, unique token, indefinite’
If the shop has a password, this is used to determine if the current visitor has access.
Stores information to ensure you only see the popup message once.
Stores information to ensure you only see the product popup message once.
Stores information to ensure you only see the location message once.
More (lots more) information
As you may be aware there is new, European legislation regarding privacy and the storage of information. What follows is a more detailed look at this important subject.
Three Things Limited t/a WILD AND PRECIOUS collects information from the public in a number of different ways. For example, we ask for contact and other information when members of the public contact us for information about our products. This may include information such as your name, email address or phone number in the first instance. We use this information to keep a record of our communications with you.
If you decide to make a purchase from us we need to gather such information as your delivery address.
Most of our orders are sent by courier. If we use a courier we will pass your address, phone number and email address on to our courier partners. They are data controllers in their own right and are fully responsible for the legal safeguarding of your information.
We will use your personal data to contact you with information and updates with regards your order or enquiry. This may be by post (within your parcel delivery), email, telephone or text message, depending on your preferences. We will also continue to ask about your marketing preferences, to ensure that you are still happy to be contacted by us and by which means.
Unless otherwise stated we will keep your data secure for six years after your final transaction with us.
What the Law says about protection of personal information
The Law on Data Protection is derived from various pieces of legislation. Most relevant is the General Data Protection Regulation (the ‘GDPR’), which became enforceable in May 2018. The GDPR states that personal data (information relating to a person that can be individually identified) can only be processed if there is a legal ground to do so. Activities like collecting, storing and using personal information would fall into the GDPR’s definition of processing. The GDPR provides six legal grounds (reasons) under which personal information can be processed (used) in a way that is lawful. For the processing to be permitted by law (lawful), at least one of the legal grounds must apply. The four legal grounds that are most relevant to TDE use of your personal information are:
- Legitimate Interest
- Legal Obligation
How the law applies to WILD AND PRECIOUS’s use of personal information
We will only use your personal information if we have:
- Asked you and have a record of your express and recent consent for us to do so;
- A ‘Legitimate Interest’ to do so to ensure we deliver your order and service your account to the best of our ability. Our use will be fair and balanced and never unduly have an impact on your rights;
- A sales contract with you that we can only fulfil by using your personal information, e.g. to send you a product that you have purchased;
- A legal obligation to use or disclose information about you, e.g. a court order may require us to process personal data for a particular purpose.
In extreme situations, such as an accident or medical emergency, we may share your personal details with the emergency services if it is essential for the preservation of life (yours or another persons’) for us to do so. This is the ‘vital interest’ ground for using your personal information. After the emergency, we will always try to inform you about how we had to use your information in that extreme situation.
We will not unduly prioritise our interests as an online retailer over your interests as an individual. We will always balance our interests with your rights. We will only use personal information in a way and for a purpose that you would reasonably expect in accordance with this Policy.
We will not rent, swap or sell your personal information to other organisations for them to use in their own marketing activities. We will on occasion put a leaflet about goods or services we feel might interest you, into your delivery parcel.
We will always ask for your consent before we communicate with you for certain purposes. For example, we will only email or phone you about your product order if we have an accurate record of your recent and freely given consent to do so.
You can withdraw your consent at any time by phoning +356 20 34 05 26 or emailing email@example.com
There are times when it is not practical to obtain and record consent. At those times, we will only process personal information if that processing would meet another legal ground e.g. Legitimate Interests, in which case we would only process in accordance with the law’s strict rules on legitimate interest processing.
Your data is only shared with our partner data processers or data controllers in order to fulfil a request from you, for information or products and services from WILD AND PRECIOUS. For example, your delivery data will be transferred to our trusted couriers to enable delivery of your goods. Your card details will be input into our fully compliant payment provider’s secure system in order to process a payment if you choose to pay for goods by card. In these circumstances it is necessary for WILD AND PRECIOUS to give relevant staff at our service providers access to your personal information. This access is only granted to the extent necessary for them to perform their services for us. We require all service providers to comply with strict rules to protect the information you have given us.
We do not share, sell or swap your information with other organisation for their own marketing.
Like all organisations, we comply with requests for the disclosure of personal information where this is required or permitted by law. This could include requests from law enforcement or tax agencies. In these circumstances, the request must be submitted in writing and in accordance with the relevant legal requirements.
If you believe your privacy rights have been violated, you may file a complaint with us or with the Information Commissioners Office https://idpc.org.mt