In order to provide you with the high quality service we aim for we have to store and use information about you. This page summarises how we deal with your personal information. Our general stance is that we use your information to provide a great service and that's where it ends. We do not pass that information on to others outside of the context of providing our service to you. We have tried to keep this summary understandable and friendly. If you feel you need more information, just drop us a line: email@example.com, input is welcomed.
Under the EU GDPR (General Data Protection Regulations) this is also the category of Personally Identifiable Information - PII, which is basically information that can be used to identify you - for example your name, address and telephone number.
So how do we handle your Personal Information and PII?
When you contact us, request a quote or place an order with us we store your name, address, delivery address and contact details in our database. Emails you send to us also represent a store of your information. We store this information so that we can deal quickly and efficiently with your request. There is security in place to stop unauthorised access to this information and we have an archiving policy in place too.
Update, View and Remove your information
We are of course happy to remove (also known as the 'right to be forgotten') or update your personal information in our records on request - in fact just to be clear that is your right. Just contact us via firstname.lastname@example.org and we will help to facilitate that. What I will say though is that were you have placed an order with us we will all need to think carefully about any bad consequences of removing your data. For example you would not want to invalidate a warranty by trying to force us to remove all details of a sale - and neither could we always do that because HMRC says we have to retain invoices for at least 8yrs. In essence we will do whatever we can to help and any motive for retaining data is just to ensure good service to you.
We work hard to keep our websites, our systems and your data secure. Our website is fully SSL which means that you can see the little padlock symbol popping up in the address bar. That means that the communication back and forth between you and our website is encrypted and secure.
If you place an order with us then we do need to keep most information because we need to know what we sold to you, especially if there is a product recall or similar, and we need to store up invoices for at least 8 years, but the motivation for keeping the information is to provide a better service, not to do anything else with it in the meantime.
We do not store Sensitive Information like your card details.
We do not try to cross reference your information with information about you from other sources.
We do not sneakily pass your personal information on to 3rd parties. Do NOT expect cold calls or cold emails from anyone as a result of dealing with us.
We do not send you marketing post by snail mail.
We do not 'mine' your data - for example we do not process it to try to find out who in our database is wealthy and that we should therefore contact.
We sometimes use Facebook advertising and we use the "Facebook Pixel" which captures your data to allow better targeting of advertising to make sure you see what is appropriate.
Third parties that we use
We use Shopify as our card transaction provider. They run a tight ship with rock solid security in place - and it should be because card transactions is the thing they are experts at, leaving us free to be stove experts. Shopify will store personal information about you and the transaction to log what has happened and to enable us to refund money back to your card. We never store your card details and have no access to them. So if you need to place an additional order then it should reassure you that you now know why we will ask for the card details again. Shopify are GDPR and DCI PSS compliant
We use Google Analytics to see website user stats, graphs, trends that sort of thing. This information is not PII. Google is GDPR compliant
We use Google Adwords - the adverts you see on Google and across some other websites. On our site we use an adwords tracker. Basically this tells us if you came to our site from one of those adverts so we can start to tell if the advert is working, or if we are wasting our money! Before we turn on that adwords tracker we ask for your consent. If you don't give it then we do not turn it on. Simple. Google is GDPR compliant
Deliveries and suppliers - if you place an order with us then we of course need to provide our couriers and delivery companies with your address and contact details and if part of your order is fulfilled direct from one of our suppliers (if for example your stove is coming straight from the manufacturer) then of course they will also need your details to go ahead with the order.