The Data Controller in respect of our website is Tout Ltd (04490890) of Tout Ltd, Riverside Farm, Church Street, Cheddar, Somerset BS27 3RB. You can contact the Data Controller by writing to Tout Ltd, Riverside Farm, Church Street, Cheddar, Somerset BS27 3RB or sending an email to firstname.lastname@example.org.
The data protection officer for the Data Controller is Steven Hockey. You can contact the data protection officer by writing to Tout Ltd, Riverside Farm, Church Street, Cheddar, Somerset BS27 3RB or sending an email to email@example.com.
We collect personal data about you. This means any information about an individual from which that person can be identified. This data is only collected from you when you provide it to us, such as through your use of our website and its features, when you contact us directly by email, phone, in writing, or via social media, when you order goods and services, when you use any of our other websites or applications or any other means by which you provide personal information to us.
We may receive information about you from third parties such as our affiliates, business partners, (where authorised or permitted by law) credit and fraud checking agencies as well as third parties with whom we have had no prior contact.
The type of information we collect about you includes information such as:
When you contact us by email, the information we collect about you will be your name and email address and any other information you provide to us.
When you contact us using the contact form on our website, we will collect:
We also collect any other information you provide to us, including any optional information.
Information we obtain from third parties will generally be your name and contact details, but also any additional information they provide to us.
We may also obtain personal information about you from certain publicly accessible sources, such as the electoral register, online customer databases, business directories, media publications, social media, websites, and other publicly accessible sources.
We will only use your personal information when the law allows us. Most commonly, we will use your personal data in the following circumstances:
The processing of your personal information to comply with legal obligations to which we are subject applies to legal obligations of other countries where they have been integrated into the legal framework of the United Kingdom, for example in the form of an international agreement which the United Kingdom has signed. Where the legal obligations of another country have not been so integrated, we will process your information to comply with such obligations where it is in our legitimate interest to do so.
We will process your personal information for one or more of the following purpose(s) only where we have obtained your consent to do so:
Where we process your personal information on the basis of your consent, you can withdraw your consent to such processing at any time by emailing us at firstname.lastname@example.org or writing to us at Riverside Farm, Church Street, Cheddar, Somerset BS27 3RB.
In general, we will retain your information for no longer than necessary, taking into account the following:
Where you contact us with an enquiry, we will retain your information for as long as it takes to respond to and resolve your enquiry, and for 48 further month(s), after which point we will delete your information.
We take appropriate technical and organisational measures to secure your personal information and to protect it against unauthorised or unlawful use or processing as well as against the accidental loss or destruction of, or damage to, your personal information, including:
Transmission of information (including personal information) over the internet is not entirely secure, and if you submit any information to us over the internet (whether by email, via our website or any other means), you do so entirely at your own risk. We cannot be responsible for any costs, expenses, loss of profits, harm to reputation, damages, liabilities or any other form of loss or damage suffered by you as a result of your decision to transmit information to us by such means.
Cookies are data files which are sent from a website to a browser to record information about users of a website.
You can reject some or all of the cookies we use on or via our website by changing your browser settings, but doing so may impair your ability to use our website or some or all of its features. For further information about cookies, including how to change your browser settings, please visit www.allaboutcookies.org
We use Google Analytics on our website to understand how you engage and interact with it. For information on how Google Analytics collects and processes data using cookies, please visit www.google.com/policies/privacy/partners/. You can opt out of Google Analytics tracking by visiting: https://tools.google.com/dlpage/gaoptout
We use web beacons in our marketing emails and on our website. For information on how third parties use information gathered from our use of web beacons, please visit https://www.campaignmonitor.com/policies/. Some (but not all) browsers enable you to restrict the use of web beacons by either preventing them from sending information back to their source (e.g. when you choose browser settings which block cookies and trackers) or by not accessing the images containing them (e.g. if you select a “do not display images (in emails)” setting in your email server).
You have the following rights in relation to your personal information, which you can exercise by writing to the following address: Riverside Farm, Church Street, Cheddar, Somerset BS27 3RB or sending an email to email@example.com:
You also have the right to lodge a complaint with a supervisory authority, which, for the purposes of the UK, is the Information Commissioner’s Office (ICO), the contact details of which are available here: https://ico.org.uk/global/contact-us/
For further information about your rights in relation to your personal information, including certain limitations which apply to some of those rights, please visit the following pages on the ICO’s website:
You can also find out further information about your rights, as well as information on any limitations which apply to those rights, by reading the underlying legislation contained in Articles 12 to 22 and 34 of the General Data Protection Regulation (GDPR), which is available here: http://ec.europa.eu/justice/data-protection/reform/files/regulation_oj_en.pdf
Where you request access to personal information, we are required by law to use all reasonable measures to verify your identity before doing so. Where we possess appropriate information about you on file, we will attempt to verify your identity using that information. If it is not possible to identity you from such information, or if we have insufficient information about you, we may require original or certified copies of certain documentation in order to be able to verify your identity before we are able to provide you with access to your personal information.
These steps are necessary to verify your identity in order to reduce the risk of identity fraud or identity theft by persons other than yourself asking for access to your personal information.
You have the following rights in relation to your personal information, which you may exercise in the same way as you may exercise the rights in the preceding section (Your rights in relation to your personal information):
You may also exercise your right to object to us using or processing your personal information for direct marketing purposes by:
Whenever you object to direct marketing from us by a different communication method to that of the marketing communications you have received from us, you must provide us with your name and sufficient information to enable us to identify you in relation to the communications you have received (for example, if you have received text messages from us and you wish to unsubscribe by email, we may need you to provide us with your phone number in that email).
Where you wish to purchase products or services from us, we require your personal information in order to enter into a contract with you. We may also require your personal information pursuant to a statutory obligation (in order to be able to send you an invoice for products and services you wish to order from us, for example).
If you do not provide your personal information, we will not be able to enter into a contract with you or to provide you with those products or services.
Where we intend to use your personal information for a new purpose other than the purpose(s) for which we originally collected it, we will provide you with information about that purpose and any other relevant information before we use your personal information for that new purpose and obtain your consent if required.
Please inform us of any changes to any information (including personal information) which we hold about you so we can keep the information we hold about you accurate and up-to-date.
Because we care about the safety and privacy of children online, we comply with the Children’s Online Privacy Protection Act of 1998 (COPPA). COPPA and its accompanying regulations protect the privacy of children using the internet. We do not knowingly contact or collect personal information from children under the age of 13. The website is not intended to solicit information of any kind from children under the age of 13.
It is possible that we may receive information pertaining to children under the age of 13 by fraud or deception. If we are notified of this, as soon as we verify the information, we will immediately obtain the appropriate parental consent to use that information or, if we are unable to obtain such parental consent, we will delete the information from our servers. If you would like to notify us of our receipt of information about children under the age of 13, please do so by sending an email to firstname.lastname@example.org. Individuals must be at least 18 years of age to register for the Signature Loyalty Club.
“Do Not Track” is a privacy preference that users can set in their web browsers. When a user turns on a Do Not Track signal in their browser, the browser sends a message to websites requesting that they do not track the user. For information about Do Not Track, please visit www.allaboutdnt.org
At this time, we do not respond to Do Not Track browser settings or signals. In addition, we may use other technology that is standard to the internet, such as pixel tags, web beacons, and other similar technologies, to track visitors to the website, or one of the affiliated pages. Those tools may be used by us and by third parties to collect information about you and your internet activity, even if you have turned on the Do Not Track signal.
The information will be retained by Lorgan Technologies Ltd, T/A Azpiral Loyalty Systems, the registered Data Controller, operating the Tout’s Signature Card. This information, as well as the details of the amount and description of purchases made with the Tout’s Signature card, together with some analysis of such purchases will be retained. We may, from time to time, send you information including offers of goods and services, events and competitions (from us or others) which we think you may find of interest. We may also conduct customer research to help us offer all customers the service they want, therefore, we may wish to contact you in relation to such research.