1. Our statement on privacy
For the purpose of GPDR the ”Data Protection Officer” is Butikken Ltd.Our principal place of business is 200 Upper Richmond Road West. London SW14 8AN. Registred in United Kingdom. VAT: 161890301.
Your personal data is handled according to the following principles:
- We collect and store data generally to fulfil any orders placed through the site including:
- Processing your payment information
- Arranging for shipping
- Providing you with invoices and/or order confirmations
- Customer service
- Regulatory requirements
- We only collect data that we need for the purposes mentioned above.
- We don’t sell your data
- We keep your data secure
Below you can read more about how and why we gather and store your personal information – and what we do with it. You can also read about how you can exercise your rights as a data subject with us, e.g. request access to your data.
2. HOW WE COLLECT AND USE PERSONAL DATA
2.1 When you register with us
When you register with us, we ask for information such as your title, name, email address, delivery address, billing address, telephone number, company and your account details, such as your username and password. We store this information to make your shopping experience easier, so that you don’t need to re-enter your details every time you choose to shop on our website. We will retain your personal data indefinitely unless requested by you to be removed from our records.
2.2 When you place an order
2.2.1 When you place an order on our website
Once you place an order from our website we will gather information on the timing of your order. When your order is packed and ready to ship, we share your name, address, email and phone number with our carrier partners to fulfil your delivery.
In order to process the payment we will ask for your credit or debit card details. All credit/debit card payments are processed through Sage Pay, which provides a secure payment gateway (256-bit SSL certificate) processing payments for thousands of online businesses, including ours. It is Sage Pay’s utmost priority to ensure that transaction data is handled in a safe and secure way. For more information on Sage Pay please visit their site: https://www.sagepay.co.uk
Please note: Sage Pay deals with all payments. We never receive neither store any payment card details.
We keep a record of your purchases with us up to six month. This includes what you bought and when. There is no particular reason for this other than it helps us have an overview of the products we have sell.
2.2.2 When you place an order with us through telephone
If you wish to place and order and/or make a payment over the phone, you give us your consent to use your credit/debit card details to make the transaction on the card machine in the physical shop. Your purchase will then be processed as an in-store transaction. None of your payment card details will be written down or stored.
2.3 If we contact you or vice versa (direct interactions)
If we experience an unforeseen issue with processing your order we may use your email address or phone number (the email address and phone number you used to register with us (see 1.1)) to contact you. We will only contact you if it is absolutely necessary in order to provide you with the service you require.
We may keep a record of any email correspondence you send us. This helps us provide you with better customer service, and to improve the experience of our customers overall. Any information you send to us is confidential.
2.4 Technical data
When you visit our website our server automatically collects certain browser or device generated information (standard server logs) including but not limited to the following:
- Your domain
- Your IP address (can be useful to have in case of any fraudulent orders or security issues)
- The date, time and duration of your visit
- Your browser type
- Your page visits
- Internet traffic
- Other information about your computer or device
The above information is mainly used to administer and protect our business and this website (including data analysis, testing, system maintenance, support, reporting and hosting of data).
Butikken has its own email newsletter, which we send to the customers who wish to receive them. Subscribing to our newsletter is free of charge and non-binding, and you can unsubscribe anytime. You can subscribe to our newsletter by entering your email address at the bottom of our website our by contacting us.
You have the right to withdraw consent to recieving newsletters at any time by contacting us or clicking ‘unsubscribe’ at the bottom of the newsletter.
2.6 Third Party
3. Regulatory requirements
We collect and use your personal data on the following legal basis:
3.1 Performance of contract:
We process your personal data in order to fulfil our duties under the terms of the contract. Meaning we will be taking the necessary steps at your request before and when we have entered into a contract with you.
3.2 Our legitimate interest
Meaning we have a right to process your personal information if we have a genuine and legitimate reason and we are not harming any of your rights and interest. Some typical examples of when we might use this approach:
- Preventing fraud
- Data analytics
- Customer service
- Improving your user experience
3.3 Your consent
Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications (e.g. Newsletters) to you via email. You have the right to withdraw consent to marketing at any time by contacting us or clicking ‘unsubscribe’ at the bottom of the newsletter.
3.4 Our legal obligations
As a consumer in the EU your data rights are covered by General Data Protection Regulation (GDPR). If you wish to exercise any of your right, don’t hesitate to contact us at:
Telephone: (0044) +020 8876 1322
5.1 Request access
You have the right to request access to your personal data (data subject access request). In this instance we will provide you a copy of the personal we hold about you.
5.2 Request correction
If you believe that the data we have registered on you is inaccurate or incomplete, you have the right to ask us to update your information.
5.3 Request erasure
You can file a request asking that we delete or remove all your personal data that we have registered on you. However, we may not be able to erase all the data, as we are required to continue to store certain data for specific legal reasons, which will be notified to you, if applicable.
5.4 Right to object
You have the right to object to the processing of your personal data on certain grounds. You can for example object to the processing of personal data for direct marketing purposes.
5.5 Request restriction of processing
In certain scenarios you have the right to request that we restrict the use of your personal data, e.g. if you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
5.6 Request the transfer
In a case where you would like us to supply you or a third party with your personal data in a structured, commonly used and machine-readable format. This only applies to automated information which you initially provided consent for us to use.
5.7 Withdraw consent
You have a right to withdraw your consent anytime, though this will not affect any of the processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you.