PRIVACY AND COOKIES POLICY
This is the privacy notice for http://itsprettygreen.com/ (the “website”).
PrettyGreen is the “controller” of personal data which is collected from you when you visit and use this Website for the purposes of the General Data Protection Regulation (GDPR).
Our corporate information is as follows:
Registered company number: 06594155
Registered address: PrettyGreen, 1 Old Street Yard, London, EC1Y 8AF
Privacy is very important to us and therefore we have created this privacy notice to tell you what personal data we collect from you when you visit and use this Website or communicate with us, including how we use your data, how we share it with others and how you can manage it.
If you have any questions about this privacy notice, then we would be glad to answer them; our contact information is set out below:
Post – Pretty Green, 1 Old Street Yard, London, EC1Y 8AF
Email – hello@itsprettygreen.com
Tel – +44 (0)20 7490 3449
Please read this privacy notice before you start using our Website, as it will apply to your use of the Website. By using the Website, you confirm that you accept the terms of this privacy notice. You should also read this privacy notice if you have entered into communications with us, as it applies to any personal data that we collect from you during our communications.
This privacy notice should be read together with any other privacy notices which are brought to your attention on other pages of this Website which, when relevant, will apply to certain uses of the Website in addition to this privacy notice.
This privacy notice may change from time to time, so please periodically review this page to ensure that you are still content with its terms and to continue to share your personal data with us.
This version the privacy notice is live from 26/06/18
Our Website may contain links to other websites, but please note that such websites are our out of this control and are not covered by this privacy notice. Should you visit other websites, then the owners of such websites may collect and use your personal data, so you should familiarise yourself with any privacy policies which they publish which we cannot accept any liability for.
What is “personal data”?
Under the GDPR “personal data” is defined as:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
As a result, “personal data” includes, amongst many other things, your name, address, phone number, email address and any other information that could be used to identify you, either by itself, or together with other information. It can also include other less obvious identifiers, such as your IP address and cookie data.
What personal data of mine will PrettyGreen collect when I use this Website?
By using this Website:
Why does PrettyGreen collect and use my personal data?
There are a number of ways that we may use your personal data. These are set out below:
Consent
On occasion, we may use your personal data because you have consented to us doing so, which will be in the context of:
Whenever you have provided consent, we will use your personal data only for the purpose that we specify to you when you provide consent.
In any event, you will always have the option of withdrawing your consent at any time. In order to do so, please contact us by post, email or telephone, as set out above, or, as relevant, follow the unsubscription instructions that are contained within our communication (for instance, an unsubscribe link). Please note that our actions are guided by your consent, so if, for instance, we are using your email address to send you a newsletter, if you withdraw your consent then you will no longer be able to receive this newsletter.
Legitimate Interest
We may use your personal data as set out below where have a legitimate
interest, which will be in the context of:
In any event, you always have the right to object against us using your personal data for legitimate interests. In order to do so, please contact us by post, email or telephone, as set out above.
Contractual performance
We may use your personal data in order to perform a contract with you, for instance, to provide services to you as a client or engage with you as a supplier.
Legal obligation
We may use your personal data in order to comply legal requirements that apply to us as a company (for instance, towards HM Revenue & Customs).
What about ‘cookies’?
Cookies are small files which are sent to your computer, smartphone or other device automatically from a web server whenever you visit a particular website. Our Website uses cookies, much like most others but, specifically, we use Google Analytics which, via cookies, helps us to analyse how visitors use our Website.
All devices can block or delete cookies, which can be done by activating certain settings on your browser, however exactly how you do this will depend on your device and what browser you use.
If you would like to read more information on cookies, including on how to block or delete them, then you can do so by visiting:
www.google.co.uk/policies/technologies/cookies
Who do you share my personal data with?
We would never share your personal data with third parties for their own marketing or business purposes without your cosent, without it being required as part of a contractual obligation between us or without us being subject to a legal obligation to do so, however we use third party service providers in the course of our business for, amongst other things, web hosting, web security, web analytics, data storage, data back-up services, recruitment services and email services.
We take steps to ensure that any third parties service providers who handle your personal data comply with relevant data protection laws and protect your personal data and in any event, these third parties are limited in their ability to use your personal data for reasons other than providing services to us. Due to the nature of these services providers, which often operate in the ‘cloud’, your personal data may be used or stored outside of the EU. Whenever we transfer your personal data outside of the EU, it will only ever be to a country that has been deemed by the European Commission to provide an adequate level of data protection or, otherwise, using standard data protection clauses. Should you have any queries in relation to international transfers, please contact us by post, email or telephone, as set out above and we would be glad to confirm whether a transfer has been made on the basis of a European Commission decision or standard data protection clauses and, in the latter case, provide a copy of such clauses.
How long will you keep my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data.
How can I manage my personal data?
At any point while we are in possession of or using your personal data, you have the following rights:
Reasonable identification will be required from you if you exercise any of your rights above. In order to exercise any of your rights, please contact us by post, email or telephone, as set out above.
Please note that you have the right to lodge a complaint at any time about us and the manner in which we collect and use your personal data with any supervisory authority of the EU member state in which (a) you work, (b) you live or (c) an alleged infringement has taken place. The supervisory authority in the UK is the Information Commissioner’s Office, the contact details of which are set out below:
Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Email: casework@ico.org.uk