Last updated: 06-01-2021
WHO WE ARE.
Malc and Friends operates and maintains www.malcandfriends.co.uk and www.malcandfriends.com. If you wish to contact us, email: email@example.com
THE DATA WE COLLECT AND WHY.
We use your Personal Information only for providing and improving the Site. By using the Site, you agree to the collection and use of information in accordance with this policy.
Information Collection And Use.
While using our Site, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. Personally identifiable information may include but is not limited to:
- name, we collect this to reference you and properly address you in communications
- email address, email correspondence is our primary form of communication with our customers, we will send order confirmations and updates after an order is placed and may send you occasional marketing content
- address, we require an address for billing and postage services we will not send you any marketing material to any address you provide us
- Telephone, we collect a phone number you as a backup communication method in case we cannot contact you via email
Please note we do not store any form of bank details on our site and we do intend on changing this, we use PayPal as a third party payment gateway. When you place an order online you provide your payment details to PayPal and they then tell us whether the payment was successful or not, they do not share your payment information with us and we do not see or store this
COMMENTS AND REVIEWS.
We provide a contact form on our contact page. This allows you to contact us regarding customer service questions, such as product and order queries. We do not store any of your data when you post a contact request through this option. An email is generated and sent to our customer service team which will be actioned. The email address and information you provide in the contact form will not be used for marketing purposes.
COOKIES (NOT THE EDIBLE ONES UNFORTUNATELY).
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your computer’s hard drive.
Like many sites, we use “cookies” to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
When interacting with our e-commerce systems such as adding a product to your cart, we will also add a session token cookie to your browser so we can maintain your basket even if you navigate away from the site and maintain the information you have provided throughout your visit.
EMBEDDED CONTENT FROM OTHER WEBSITES.
We avoid using embedded content on our site to help improve your privacy, although there are occasions when this is the best way for us to provide a high-quality service to you. One example of this form of embedded content is videos, as videos are large and can take a lot of your bandwidth when loading them. We embed videos from third-party sites such as YouTube as they have produced very good proprietary compression and transmission protocols which can save you loading times and bandwidth.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
In every instance of embedded third-party content, it will be made clear to you, and you will see a logo of the hosting third party and a link to access the original content directly. We do not sell any advertising space on our site and therefore all third party content is chosen by us and we will take the decision on whether or not to use the content based on your privacy and security.
Like many site operators, we collect information that your browser sends whenever you visit our Site.
This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser type, browser version, the pages of our Site that you visit, the time and date of your visit, the time spent on those pages and other statistics.
All of the content provided is anonymised and we ensure that you as an individual cannot be identified based on your interactions or the data obtained from these interactions.
WHO WE SHARE YOUR DATA WITH.
We use PayPal as our payment gateway and processor. Therefore when you are redirected to the PayPal payment gateway, your order details are sent to PayPal This data includes :
- Order Reference Number – this is required for our system to communicate with WorldPay to check the payment status of your order and verify that the payment was successful
- Order Amount – this is used by PayPal to charge you the correct amount to cover your order
- Your Name – used for billing purposes this will be sent to your payment provider to verify the payment
- Your Billing Address – used for billing purposes this will be sent to your payment provider to verify the payment
- Telephone – used for PayPal to contact you if they notice anything unusual with your request
- Email- used for PayPal to contact you if they notice anything unusual with your request, they will also send you a verification email upon completion of your payment
We use Google Analytics for obtaining information regarding the demographics of our users and their interactions with our site so we can improve our service the data we share includes:
- Hashed Transaction Identifiers – these are hashed IDs to track your usage of the site and this is completely anonymised
- IP – the IP address you are using to access the site which is anonymised for your privacy ensuring that this cannot be assigned to any of your usage
- Browser Data – this contains information regarding your web browser and device used to see which devices and browsers are accessing our site
We will not share your information for marketing purposes.
HOW LONG WE RETAIN YOUR DATA FOR.
For customer order information and records we require that this data is stored for 6 years for tax and accountability reasons, this also allows us to save your details for any future orders that you place.
If you leave a comment or review, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
WHO ON OUR TEAM HAS ACCESS.
Select members of our team (2 members) have access to the information you provide us, these include the site administrator and 1 members of our management team. The data these members of staff can access include:
- Order information like what was purchased, when it was purchased and where it should be sent
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfil orders, process refunds and support you throughout your shopping experience with us. Access and actions completed by our staff are monitored and audited so that in the event of an issue we can rectify the problem quickly and efficiently.
WHAT RIGHTS YOU HAVE OVER YOUR DATA.
If you have an account on this site, ordered products or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. You can also opt out of any of our services.
To request a copy of the data we hold on you, have the data we hold on you removed or opt out of any of our services, please contact us and we will respond as soon as possible, but please note we maintain that these request may take up to 30 days from the date of the request to action.
HOW WE PROTECT YOUR DATA.
Our site uses https, SSL encryption to ensure your communications with us are secure. We also have our own software based firewalling solution to prevent unauthorised or automated access to our site and its backend. Data such as Passwords are stored using a one-way hash to ensure that your data is secure. We do not store any form of bank or card details via our site which means in the event of a data breach you can rest assured that these details are secure.
DATA BREACH PROCEDURES.
We also have a number of internal policies for actioning data requests and breaches. We maintain internal monitoring systems which regularly check for changes to our system and record and alert administrators regarding login attempts.
In the event of a data breach whether we will asset the situation and alert ALL potentially effect users, via email if possible and if not telephone.
WHICH THIRD PARTIES WE RECEIVE DATA FROM.
We do not receive data from any advertisers or third party companies regarding our users.
To contact us regarding data or privacy concerns please see our contact page