This privacy policy applies to you, the user of our services and Brontë Birthplace who owns and provides those services.
The Brontë Birthplace takes the privacy of your information very seriously and by using our services you are accepting and consenting to our processing and use of your data as contained in this privacy notice.
Please read the following policy carefully to understand our views and practices regarding your personal data and how we will treat it.
Definitions and interpretation
In this privacy policy, the following definitions are used:
Data: collectively all information that you submit to Brontë Birthplace via our signup and via our Website. This definition incorporates, where applicable, the definitions provided in the Data Protection Act 1998 and the General Data Protection Regulations;
Brontë Birthplace is a company that is FCA Registration No. 9088.
User or you: any third party that accesses the services and is not either employed by Brontë Birthplace and acting in the course of their employment or engaged as a consultant providing services to Brontë Birthplace and accessing the provision of such services.
Website: the website www.brontebirthplace.com and any sub-domains of this site unless expressly excluded by their own terms and conditions.
Scope of this privacy policy
This privacy policy applies only to the actions of Brontë Birthplace and Users with respect to the services provided by us. It does not extend to any other services or websites that can be accessed from this website including but not limited to, any links we may provide to social media websites.
What data we collect
In general terms, we may collect the following data, which may include personal data, from you:
: Credit and debit card details. ; However please note that all payments will be processed through our trusted service partners and Brontë Birthplace will only retain these details within the merchant compliance procedure (certified).
In terms of our website, we may collect the following:
Our privacy policy applies to all of the above. Any or all of the above data may be required by us from time to time to provide you with goods and services.
How we use your data
We will use your data for the following reasons:
Our Legal basis for processing your data
We are required to advise you of our legal basis for processing your data. Brontë Birthplace collects and uses customers’ personal data because it is necessary for:
We may also seek your consent for processing and if we do, you have the right to withdraw this at any time. However, we only rely on consent as a legal basis for processing in relation to sending direct marketing communications to customers via email, text message or by social media.
Our legitimate interests
Brontë Birthplace has a legitimate interest to process your personal data in order to fulfill the following:
Retention Policy
We will not retain your data for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of data. Data retention periods may be legally imposed upon us or we may need to retain data to protect the vital interests of you or another natural person. However, the longest we will normally hold any personal data is 6 years after which time it will be deleted from our systems or destroyed.
Providing your personal data to others
In order to make certain services available to you, we may need to share your personal data with some of our service partners. These include IT, delivery, marketing or professional service providers.
Brontë Birthplace only allows its service partners to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We may also impose contractual obligations on service providers relating to data protection and security, which means they can only use your data to provide services to Brontë Birthplace and you, and for no other purposes.
We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the payment services providers’ privacy policies and practices on their website.
Your data will be encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). All payment service providers adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council. PCI-DSS requirements help ensure the secure handling of credit card information by our birthplace and it’s service providers.
We may also disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. We may also disclose your personal data where such disclosure is necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure
Brontë Birthplace will not disclose your personal data to any third party, except as set out above We will never sell or rent our customer data to other organisations for marketing purposes.
Cookies
Our websites use cookies to collect information. This includes information about browsing and purchasing behaviour by people who access our websites. This includes information about pages viewed, products purchased and the customer journey around our websites.
What are cookies?
Like most websites, our website uses cookies to collect information. Cookies are small data files which are placed on your computer or other devices (such as smart ‘phones or ‘tablets’) as you browse this website. They are used to ‘remember’ when your computer or device accesses our websites. Cookies are essential for the effective operation of our websites and to help you shop with us online. They are also used to tailor the products and services offered and advertised to you, both on our websites and elsewhere.
Information collected
Some cookies collect information about browsing and purchasing behaviour when you access this website via the same computer or device. This includes information about pages viewed, products purchased and your journey around a website. We do not use cookies to collect or record information on your name, address or other contact details. Tribe can use cookies to monitor your browsing and purchasing behaviour.
How are cookies managed?
The cookies stored on your computer or other devices when you access our websites are designed by our website provider and are necessary to enable you to make purchases on our website;
What are cookies used for?
The main purposes for which cookies are used are: –
How do I disable cookies?
If you want to disable cookies you need to change your website browser settings to reject cookies. How you can do this will depend on the browser you use.
What happens if I disable cookies?
This depends on which cookies you disable, but in general, the website may not operate properly if cookies are switched off. If you only disable third-party cookies, you will not be prevented from making purchases on our sites. If you disable all cookies, you will be unable to complete a purchase on our sites.
Please visit www.aboutcookies.org to find out more about cookies
Your rights
You have a number of rights over your data as covered by data protection law. We have produced a short summary of these rights (below) however full details can be found by visiting the Information Commissioners Office (ICO) via www.ICO.gov.uk
A summary of your rights are as follows:
• the right to be informed; before we begin processing your data, we will tell you what we need, why we need it and what we intend to do with it.
• the right of access; You have the right to ask us to provide you with the data we hold about you. This is usually completed via a Subject Access Request.
• the right to rectification; You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
• the right to erasure; In certain instances, you have the right to have your data erased without undue delay. There are however a number of exclusions and details of which can be found by contacting the ICO.
• the right to restrict processing; In certain instances, you have the right to restrict the processing of your personal data. However, there are a number of exclusions and details of which can be found by contacting the ICO.
• the right to object to processing; You have the right to object to our processing of your personal data on grounds relating to your particular situation. If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling legitimate grounds for the processing which override your interests. You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
• the right to data portability; You have the right to ask us to provide you with the data we hold about you. Where appropriate, we will provide this to you in a structured, commonly used and machine-readable format. This right does not apply where it would adversely affect the rights and freedoms of others.
• rights in relation to automated decision making and profiling. If we undertake these activities using your data, we will adopt suitable procedures and you have the right to understand and challenge these.
We would again stress that the above is not exhaustive and for full details of your rights, please visit the Information Commissioners website.
Links to other websites
This website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.
Transferring Information Internationally
We may transfer information collected about you to third parties acting on our behalf that may be located in countries outside of the European Economic Area (“EEA”). Countries outside the EEA may not offer the same level of protection for the information collected about you as those inside the EEA, although we will at all times continue to collect, store and use your information in accordance with this Privacy Policy and the Data Protection Act 1998.
You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
Security
Data security is of great importance to us and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected.
If password access is required for certain parts of the website, you are responsible for keeping this password confidential.
We endeavour to do our best to protect your personal data. However, transmission of information over the internet is not entirely secure and is done at your own risk. We cannot ensure the security of your data transmitted to the Website.
Complaints
We take complaints we receive very seriously. If you consider that we have in some way infringed your rights or data protection law, please let us know and we will do all we can to investigate this. Alternatively, you have a legal right to contact the relevant supervisory authority responsible for data protection. In the case of the UK, this is the Information Commissioners Office. (Telephone – 0303 123 1113 or via email or in writing to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF)
Changes of business ownership and control
We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of Brontë Birthplace. Data provided by Users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy policy, be permitted to use the data for the purposes for which it was originally supplied to us. We may also disclose data to a prospective purchaser of our business or any part of it.
In the above instances, we will take steps with the aim of ensuring your privacy is protected.
General
You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.
If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.
Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
This Agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.
Changes to this privacy notice
We keep our privacy notice under regular review. We reserve the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the privacy policy on your first use of the Website following the alterations.
How to contact us
If you want to request information about this privacy policy you can email us at hello@brontebirthplace.com