Other Information
Privacy & Data Collection
We are committed to safeguarding and preserving the privacy of our customers and visitors to our site. This Privacy Policy explains what happens to any personal data that you provide to us, or that we collect from you whilst you visit our site. We do update this Policy from time to time so please do review this Policy regularly.
The laws that regulate the way we make use of your data are set out under the UK’s General Data Protection Regulations (GDPR) and the Data Protection Act 1998 (as amended). This requires data processors (such as ourselves or any business that collects data from you) to follow a series of rules to ensure your personal information is only collected for legitimate reasons, is stored and transferred securely, and is only shared with your awareness and consent.
This policy therefore sets out the reason we may collect data about you and how we use this data. It also explains where we may share your data with third parties.
You can find more about the legal framework that protects your data at the Information Commissioner’s Office website.
Information we collect
In running and maintaining our website we may collect and process the following data about you:
Use of your information
This information is necessary for us to undertake legitimate business activities, such as fulfilling our contract with you or providing information on our plants or aftercare following a sale. The information we collect via our website helps us to improve the website and so provide a more effective platform to advertise and sell our plants on, as well as provide you with the information you may need in doing business with us.
In addition to this we may in the future use the information for one or more of the following purposes:
If you have previously purchased goods or services from us we may provide to you details of similar goods or services, or other goods and services, that you may be interested in.
Where your consent has been provided in advance we may allow selected third parties to use your data to enable them to provide you with information regarding unrelated goods and services which we believe may interest you.
In order to use your information for the above purposes we will need to seek and secure your active consent. We may do so via an opt-in box on the registration process, or elsewhere on the website. Where such consent has been provided it can be withdrawn by you at any time by contacting us at info@crossgatenursery.co.uk.
Retention of your data
We keep a record of the information we collect during transactions for two years. It is important we keep records of previous orders to allow information to be reviewed following issues with transactions be resolved. Given the seasonal nature of our business we feel that two years is a reasonable amount of time to retain this information.
After two years, and assuming there has been no further transactions and information given to us, all personal data related to transactions are automatically deleted from our database.
You can contact us at any time at info@crossgatenursery.co.uk and request a deletion of any and all personal data we hold on you.
Sharing your personal data with third parties
In doing business with you it will be necessary to transfer personal data you have provided us with to third parties. For instance, we share your payment details with payment gateways (like PayPal) to transfer funds for your purchase. We also share your address details with postal operators to make sure your order gets to the right place!
We do our utmost to ensure that all reasonable steps are taken to make sure that your data is secure when being transferred. For instance, our website uses standard SSL encryption technology which means that all data that passes from you to us is encrypted to prevent interception.
Any third party that we might have reason to share your data with will be similarly protected. We also use well-established third party contractors with excellent track records for keeping data secure and safe. This is one of the reasons, for instance, why we prefer a postal operator like Royal Mail. The reputation and secure data processing protocols of these companies protect us as much as they protect you.
Transferring your personal data outside of the UK and EU your personal data with third parties
We may from time to time need to transfer your data outside of the UK or the EU. This may happen, for example, where we have to transfer our website onto new hosts with servers outside of the UK or EU, or in dealing with a payment gateway or other third party who processes your personal data at a non-UK/EU site.
This does not change the level of protection you have under the relevant legislation. The GDPR places requirements on all businesses, no matter where they are located, to comply with the standards of data protection set out under the GDPR. In some instances this is facilitated by means of a data equivalency set up. This is the case between the UK and the EU, for example. In all cases however what matters is whether the data processor is processing data relating to a UK or EU national, regardless of where the processing takes place.
Limitations
Unfortunately, it is not possible to be completely certain that information we share on the internet is secure, even with the best practices and security protocols in place. While we will do everything in our power possible to keep your information secure, we must also remind you that we cannot fully guarantee this and must remind you that sending such information is entirely at your own risk.
Disclosing your information for other reasons
In addition to the reasons for sharing your personal data outlined above, there are exceptional circumstances when we may be required to share your personal data, such as:
Third Party Links
On occasion we include links to third parties on this website. Where we provide a link it does not mean that we endorse or approve that site’s policy towards visitor privacy. You should review their privacy policy before sending them any personal data.
Access to Information
In accordance with the Data Protection Act 1998 you have the right to access any information that we hold relating to you. Please note that we reserve the right to charge a fee of £10 to cover costs incurred by us in providing you with the information.
Contacting Us
If anything about this policy is unclear, or if you have any other questions related to the way we collect and process your data, please do not hesitate to contact us at info@crossgatenursery.co.u
The laws that regulate the way we make use of your data are set out under the UK’s General Data Protection Regulations (GDPR) and the Data Protection Act 1998 (as amended). This requires data processors (such as ourselves or any business that collects data from you) to follow a series of rules to ensure your personal information is only collected for legitimate reasons, is stored and transferred securely, and is only shared with your awareness and consent.
This policy therefore sets out the reason we may collect data about you and how we use this data. It also explains where we may share your data with third parties.
You can find more about the legal framework that protects your data at the Information Commissioner’s Office website.
Information we collect
In running and maintaining our website we may collect and process the following data about you:
- Information necessary for us to conduct business with you, such as your name and address to allow us to send your order to you.
- We currently take payment via Paypal. This means we do not collect payment information ourselves. Your account information is instead given to Paypal, and is therefore subject to Paypal’s data policies.
- Information about your use of our site including details of your visits, such as pages viewed and the resources that you access. Such information includes traffic data, location data and other communication data.
- Information provided voluntarily by you. For example, when you register on the website and enter your information on My Acciount Dashboard, or when you make a purchase.
- Information that you provide when you communicate with us by any means.
Use of your information
This information is necessary for us to undertake legitimate business activities, such as fulfilling our contract with you or providing information on our plants or aftercare following a sale. The information we collect via our website helps us to improve the website and so provide a more effective platform to advertise and sell our plants on, as well as provide you with the information you may need in doing business with us.
In addition to this we may in the future use the information for one or more of the following purposes:
- To provide information to you that you request from us relating to our products or services.
- To provide information to you relating to other products that may be of interest to you.
- To inform you of any changes to our website, services or goods and products.
If you have previously purchased goods or services from us we may provide to you details of similar goods or services, or other goods and services, that you may be interested in.
Where your consent has been provided in advance we may allow selected third parties to use your data to enable them to provide you with information regarding unrelated goods and services which we believe may interest you.
In order to use your information for the above purposes we will need to seek and secure your active consent. We may do so via an opt-in box on the registration process, or elsewhere on the website. Where such consent has been provided it can be withdrawn by you at any time by contacting us at info@crossgatenursery.co.uk.
Retention of your data
We keep a record of the information we collect during transactions for two years. It is important we keep records of previous orders to allow information to be reviewed following issues with transactions be resolved. Given the seasonal nature of our business we feel that two years is a reasonable amount of time to retain this information.
After two years, and assuming there has been no further transactions and information given to us, all personal data related to transactions are automatically deleted from our database.
You can contact us at any time at info@crossgatenursery.co.uk and request a deletion of any and all personal data we hold on you.
Sharing your personal data with third parties
In doing business with you it will be necessary to transfer personal data you have provided us with to third parties. For instance, we share your payment details with payment gateways (like PayPal) to transfer funds for your purchase. We also share your address details with postal operators to make sure your order gets to the right place!
We do our utmost to ensure that all reasonable steps are taken to make sure that your data is secure when being transferred. For instance, our website uses standard SSL encryption technology which means that all data that passes from you to us is encrypted to prevent interception.
Any third party that we might have reason to share your data with will be similarly protected. We also use well-established third party contractors with excellent track records for keeping data secure and safe. This is one of the reasons, for instance, why we prefer a postal operator like Royal Mail. The reputation and secure data processing protocols of these companies protect us as much as they protect you.
Transferring your personal data outside of the UK and EU your personal data with third parties
We may from time to time need to transfer your data outside of the UK or the EU. This may happen, for example, where we have to transfer our website onto new hosts with servers outside of the UK or EU, or in dealing with a payment gateway or other third party who processes your personal data at a non-UK/EU site.
This does not change the level of protection you have under the relevant legislation. The GDPR places requirements on all businesses, no matter where they are located, to comply with the standards of data protection set out under the GDPR. In some instances this is facilitated by means of a data equivalency set up. This is the case between the UK and the EU, for example. In all cases however what matters is whether the data processor is processing data relating to a UK or EU national, regardless of where the processing takes place.
Limitations
Unfortunately, it is not possible to be completely certain that information we share on the internet is secure, even with the best practices and security protocols in place. While we will do everything in our power possible to keep your information secure, we must also remind you that we cannot fully guarantee this and must remind you that sending such information is entirely at your own risk.
Disclosing your information for other reasons
In addition to the reasons for sharing your personal data outlined above, there are exceptional circumstances when we may be required to share your personal data, such as:
- In the event that we sell any or all of our business.
- Where we are legally required by law to disclose your personal information.
Third Party Links
On occasion we include links to third parties on this website. Where we provide a link it does not mean that we endorse or approve that site’s policy towards visitor privacy. You should review their privacy policy before sending them any personal data.
Access to Information
In accordance with the Data Protection Act 1998 you have the right to access any information that we hold relating to you. Please note that we reserve the right to charge a fee of £10 to cover costs incurred by us in providing you with the information.
Contacting Us
If anything about this policy is unclear, or if you have any other questions related to the way we collect and process your data, please do not hesitate to contact us at info@crossgatenursery.co.u