General Data Protection Regulations (GDPR) replaces The Data Protection Act in UK on 25th May 2018. This deals with the secure collection, storage & usage of clients’ personal data.
Having studied these changes it appears that we have always complied with the new requirements.
We do not and have never bought or sold data.
We do not engage in any direct marketing whatsoever- we do not need to.
Our website on-line shop is SSL certified and the certificate is regularly up-dated.
Information about customer orders is stored in a secure database with up-to-date security. No customer card details are stored in any of our systems and we never have direct access to customer card details.
Our systems are reviewed on a regular basis so that we can react to any threat posed.
Our system received a major review in early July 2023 and from then onwards all order details including customer name & address is automatically deleted after 3 months .
If a customer would prefer that we do not store any details about their order during those 3 months – then we will happily delete all order details from our system in response to an email from them.
Customer emails are regularly deleted after a few weeks – we have to do this anyway as our mailbox fills rapidly and leads to ‘mailbox full’ problems.
We will never contact a customer by email apart from replying to an email that they have sent to us.
We have always and will always treat you and your data with the utmost respect.
If we ever give you any cause for concern, please do not hesitate to contact us and we will ensure that your wishes are respected.