THE EU GENERAL DATA PROTECTION REGULATION (GDPR)
The General Data Protection Regulation (GDPR) is a new EU regulation aimed at helping to strengthen data protection for EU citizens and residents both within the EU and the wider world and was effective from 25 May 2018. This new legislation replaced existing data privacy law, giving more rights to you as an individual and more obligations to organisations holding your personal data. It replaces the existing Data Protection Directive (1995).
WHO WE ARE
Clean Sailors Limited, a company registered in England and Wales, with registration number 12454036. Clean Sailors is the “data controller” (contact details below). This means it decides how your personal data is processed and for what purposes. In general, you can visit www.cleansailors.com and its related sites and services without telling us who you are and without revealing any information about yourself. If, however, you contact us, or place an order with us, you will be asked to provide certain information such as your contact details and this data will be stored.
HOW WE USE YOUR DATA
To fulfil your order, you must provide us with certain information, such as your name, email address, billing and delivery addresses, payment information, and the details of the product(s) that you’re ordering. You may also choose to provide us with additional personal information (for a custom order, for example), if you contact us directly.
We use your personal data for the following purposes:
- to respond to your enquiries, requests, and comments;
- as needed to provide our services, such as when we use your information to fulfil your order, to settle disputes, or to provide customer support;
- when you have provided your affirmative consent, which you may revoke at any time, such as by signing up for our mailing list that we use to send you newsletters and information about products, services, promotions and administrative messages relating to our business;
- if you use our website to purchase or send gifts, we use the contact information (eg. email address) that you provide us with to send the gift to your requested recipients and provide other communications relating to these transactions;
- to comply with a legal obligation or court order or in connection with a legal claim, such as retaining information about your purchases if required by tax law;
- to maintain our own tax accounts and records as required by law;
- to improve the usability of the Clean Sailors website;
- to prevent fraud or potentially illegal activities (including copyright infringement) on our online services.
VISITORS TO OUR WEBSITE
When someone visits the Clean Sailors website we use a third-party service, Google Analytics. They gather anonymous standard internet log information and details of visitor behaviour patterns, for example, data of how people are using our site and then provide us with the visitor statistics, details of page views etc.
INFORMATION WE ASK FOR AT CHECKOUT
To fulfil your order, you must provide us with certain information. This can include some or all of the following:
- Name (used to verify your payment and for delivery)
- Email address (used to send transactional emails)
- Phone number (we’ll only share this with selected third-party delivery services if necessary)
- Billing address (used to verify your payment)
- Shipping address (used for delivery)
- Whether you’d like to receive offers and updates via email (you must opt-in to receive emails)
- If you’d like to add a gift note (used to write a gift note included in deliveries)
- Card payment details (used to process your payment through Shopify Payments - see below).
INFORMATION SHARING AND DISCLOSURE
Information about our customers is important to our business. We only share your personal information for very limited reasons and in limited circumstances, as follows:
- Service providers. We engage certain trusted third parties to perform functions and provide services to our shop, such as delivery companies. We will share your personal information with these third parties, but only to the extent necessary to perform these services. See below for more information.
- Business transfers. If we sell or merge our business, we may disclose your information as part of that transaction, only to the extent permitted by law.
- Compliance with laws. We may collect, use, retain, and share your information if we have a good faith belief that it is reasonably necessary to: (a) respond to legal process or to government requests; (b) enforce our agreements, terms and policies; (c) prevent, investigate, and address fraud and other illegal activity, security, or technical issues; or (d) protect the rights, property, and safety of our customers, or others.
PAYMENTS USING PAYPAL
Clean Sailors uses PayPal as a secure payment processor. At checkout, after choosing PayPal as your payment method and confirming your order, you are taken to a secure payment page hosted by PayPal. PayPal uses Transport Layer Security (TLS) protocol to encrypt these communications.
OUR THIRD-PARTY SERVICES (DATA PROCESSORS)
We do not sell your information to any third-party providers. However, we do use third-party services to deliver our products and operate our business. In general, the third-party providers will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
Each provider has information on their GDPR compliance as follows:
- Facebook (Data policy)
When you place an order using our website, we’ll send you transactional emails to the email address you provide at checkout. These transactional emails are only used to give you information about your order, such as:
- to confirm your order;
- to let you know your order has been dispatched;
- to let you know your order has been cancelled;
- to let your know your order has been refunded;
- to add a note to your order.
Transactional emails are facilitated by Shopify. Your email address and other personal information included in these emails is not shared with any other third-party companies and is only used to ensure you receive order updates.
Sometimes we’ll need to contact you regarding an order you’ve placed, for clarification, stock information and so on. We’ll use the email address you provided at checkout to get in touch under these circumstances.
This website is built on Shopify, a website content management system (CMS). This service may collect anonymous information about users’ activity on the website, for example, the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it. For more information about how Shopify processes data, please see their privacy notice.
SECURITY AND HOSTING
At Clean Sailors, we endeavour to take security seriously and have taken extra steps to protect your personal information. The domain and hosting for Clean Sailors are provided by 1&1 Ionos within a secure EU data centre.
Our website has been issued with a SSL Certificate, which uses advanced encryption to prevent hackers from reading any data that passes to or from the site. SSL Certificates protect our customers’ sensitive information by encrypting the data you send us, then decrypting it once we’ve received it..
WHEN YOU EMAIL US
Our primary email address (email@example.com) is hosted by 1&1 Ionos and is accessed via a third-party application, Apple Mail. You should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
IF YOU MAKE A COMPLAINT TO US
When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information we collect to process the complaint and to check on the level of service we provide.
TRANSFERS OF PERSONAL INFORMATION OUTSIDE THE EU
We may store and process your information through third-party hosting services in the US and other jurisdictions. As a result, we may transfer your personal information to a jurisdiction with different data protection and government surveillance laws than your jurisdiction. If we are deemed to transfer information about you outside of the EU, we rely on Privacy Shield as the legal basis for the transfer, as Google Cloud is Privacy Shield certified.
YOUR RIGHTS AND PERSONAL DATA
Under the GDPR, individuals have the right to obtain:
- The right to request a copy of your personal data that Clean Sailors holds about you;
- The right to request that Clean Sailors corrects any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary for Clean Sailors to retain such data;
- The right to withdraw your consent to the processing at any time;
- The right to request that the data controller (Clean Sailors) provides the data subject (you) with your personal data and where possible, to transmit that data directly to another data controller, (known as the right to data portability). (This only applies where the processing is based on consent or is necessary for the performance of a contract with the data subject and in either case, the data controller processes the data by automated means);
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on the further processing.
HOW TO CONTACT US
For purposes of EU data protection law, the data controller of your personal information is Clean Sailors Limited, a company limited by guarantee without share capital, registered in England and Wales with registered office address: 7 Bell Yard, London, WC2A 2JR, United Kingdom, under limited company registration number: 12454036. To exercise all relevant rights, queries or complaints please in the first instance contact: firstname.lastname@example.org .
We will report any unlawful data breach of our database or the database(s) of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
INFORMATION COMMISSIONER’S OFFICE
You can contact the Information Commissioner’s Office on 0303 123 1113 or via email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.
Clean Sailors may update this policy and you should check this page from time to time to ensure that you are happy with any changes.
This page was last updated on 10 February 2022