Last Modified Date: 4th July, 2018
For all our Services, the data controller — the company that’s responsible for your privacy — is Blueglass Limited.
1. Information Gathering and Usage
(a) Account Information
If you choose to subscribe to / register for our Services, we process (i) first name and last name, (ii) company name, (iii) billing address, (iv) shipping address, (v) email address, (vi) debit or credit card number, (vii) the expiration date, (viii) CVV code and (ix) IP address.
We do not store any card information. The card information is processed by our payments processor as described in paragraph 3. a) Service Providers. We store first name and last name, company name, billing address, shipping address, email address, and IP address.
Purposes for processing account information:
- in order to process the purchase;
- in order to place an order;
- in order to process the payment;
- in order to generate an invoice / receipt;
- in order to deliver your purchases to you;
- in order to identify and authenticate you when you login to our Services;
- in order to comply with the applicable legal provisions;
- in order to send you transactional / administrative emails related to an order, such as order updates;
- in order to send you transactional / administrative emails related to updates to our Services;
If you no longer wish to receive transactional / administrative emails you may opt out of them by cancelling your account according to the procedure described in paragraph 5. a) Access, correction, deletion.
(b) Checkout (Basket) Information
The checkout process contains two steps. In the first checkout step we process first name and last name, company name, email address, billing address and shipping address. We collect this information if you don’t finish the checkout process by placing the order.
Purposes for processing checkout information:
- to help you not to re-enter your personal data if you start the checkout process again.
(c) Contact Information
You may send an email message to us for any reason using the Contact Us page https://www.theeta.co/contactus on our website. In this case we process your full name and email address.
Purposes for processing contact information:
- to respond to your request.
(d) Informational and Marketing Information
In order to be kept up to date with our new or improved Services we process your e-mail address. You will be able to give your explicit consent for this informational and marketing information through the Registration page https://ww.theeta.com/register on our website.
Purposes for processing marketing information:
- to send you informational and marketing emails about our Services;
- to receive notifications when we publish a new News or Blog article.
How to stop informational and marketing messages from TheETA
You can stop receiving informational and marketing messages from us at any time.
You can do this:
- by changing your Consent in the ‘My account’ page https://www.theeta.co/customer/consent on our website;
- by clicking on the ‘unsubscribe’ link in any email;
- by contacting us using the Contact Us page https://www.theeta.co/contactus on our website.
Once you do this, we will update your account to ensure that you don’t receive further informationl or marketing messages.
Stopping marketing messages will not stop transcational / administrative service communications (such as, order updates, updates to our Services, updates to legal notices) or where you have asked us to provide information.
(c) Additional Information
You may choose to provide us with additional information by submitting your email address in any form available on our Services.
Purposes for processing additional information:
- to collect feedback about our Services.
Although most web browsers automatically accept cookies, you can modify your browser settings to refuse all cookies or to indicate when a cookie is being sent. If you reject cookies, you may still use our Services, but your ability to use some features may be limited, and user experience may also be affected.
We process data collected through the usage of Cookies:
- to identify your browser and/or device;
- to provide some features of our Services;
- to improve your user experience of our Services.
Here is a list of the main types of cookies we use, and what we use them for. We have described them using the categories recommended by the International Chamber of Commerce in the ICC UK Cookie Guide.
Strictly Necessary Cookies: These cookies are essential in order to enable you to move around the website and use its features, such as accessing the secure area of the website, accessing the forum, or commenting on our forum, news and blog posts. Without these cookies these Services cannot be provided.
Functionality Cookies: These cookies allow the website to remember choices you make and provide enhanced, more personal features. TheETA use this type of cookie when you tick “Remember Me” when logging in or registering to access a secure area of the website, or comment on our forum, news and blog posts.
By using the TheETA website you agree we may place these types of cookies on your device.
3. Third Parties with whom we Share Personal Information
We do not, and will not, sell any of your personal data to any third party – including your name, address, email address or credit card information. We want to earn and maintain your trust, and we believe this is absolutely essential in order do that.
(a) Service Providers
We work with third-party service providers to provide and improve our Services. We share:
- billing and payment information with PayPal to securely process payments, prevent, detect and investigate fraud or other prohibited activities; facilitate dispute resolutions such as chargebacks or refunds; and for other purposes associated with the acceptance of credit and debit cards;
- order information with our Vendors who fulfill your order.
With your consent, provided in written notice by email, we share or disclose your name, company or company URL as part of testimonials we make public.
(c) Change of Ownership
In the event that we are involved in a bankruptcy or insolvency, acquisition, merger, sale of assets or similar transactions, your information will be sold or transferred as part of that transaction. You will be notified via email of any change in ownership or uses of your personal data.
- comply with applicable laws;
- take precautions against liability;
- protect ourselves or others from fraudulent, abusive or unlawful activities;
- investigate and defend ourselves against any third-party claims;
- protect our property or other legal rights, enforce our contracts and terms.
Except as described in this Policy, we will not disclose your personal data.
4. How we Secure Personal Information
We store collected data:
- in a database provided by Microsoft Azure.
No method of safeguarding information is 100% secure. We follow generally accepted industry standards to protect the information submitted to us, both during transmission and once we receive it. We use SSL technology to encrypt data during transmission. Once we receive your information we make efforts to ensure security on our systems against accidental or unlawful destruction, accidental loss, unauthorised alteration, unauthorised disclosure or access, misuse, and any other unlawful form of processing your personal data in our possession.
In case of any security system breach, TheETA will notify you electronically so that you can take appropriate protective steps.
If you believe your personal data has been compromised, please contact us using the Contact Us page https://www.theeta.co/contactus on our website.
5. Control your Personal Information
We respect your privacy rights and provide you with reasonable access to your personal data that you have provided or we have collected through your use of our Services. If you wish to access or amend any other personal data we hold about you, or to request that we delete or transfer any information about you, you may contact us using the Contact Us page https://www.theeta.co/contactus on our website.
(a) Access, correction, deletion
If you have an account for our Services, we provide you with the ‘My account’ page https://www.theeta.co/customer/info to access, correct, delete or modify the personal information you provided to us and is associated with your account. Please note that while any change you make will be reflected instantly or within a reasonable period of time in the active users database, we retain information for backups, archiving, prevention of fraud and abuse, complying with legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so, but not exceeding the periods described in 7. Data Retention.
If you wish to permanently delete your account, you may contact us using the Contact Us page https://www.theeta.co/contactus on our website.
Alternatively, in the ‘My account’ page https://www.theeta.co/customer/info on our website are sections where you can:
- manage consent https://www.theeta.co/customer/consent;
- view the history of consents allowed or denied https://www.theeta.co/customer/consenthistory;
- view the communication received from TheETA https://www.theeta.co/customer/communicationthisstore;
- request deletion of your personal information https://www.theeta.co/customer/deleteInfo;
- download your personal information https://www.theeta.co/customer/DownloadMyinfo;
(b) Opting Out from Email Communications
If you wish to revoke your consent for receiving informational and marketing communications via e-mail, you can opt-out by:
- following the unsubscribe instructions in the email;
- replying to the email;
- revoking consent in ‘My account’ page on our website https://localhost:15536/customer/consent;
- contacting us using the Contact Us page https://www.theeta.co/contactus on our website.
6. Data Subject’s Rights
In accordance with the applicable legal provisions with regard to the processing of personal data and the free movement of such data, you have:
- the right to access the personal information we hold about you (this can be done in the ‘My account’ section of our website https://www.theeta.co/customer/info);
- the right of rectification / correction of inaccurate personal information we hold about you (this can be done in the ‘My account’ section of our website https://www.theeta.co/customer/info);
- the right to delete your personal data (this can be done in the ‘My account’ section of our website https://www.theeta.co/customer/deleteInfo);
- the right to data portability (this can be done in the ‘My account’ section of our website https://www.theeta.co/customer/DownloadMyinfo);
- the right of restriction of processing your personal data;
- the right not to be subject to a decision based solely on automated processing, including profiling; and
- the right to withdraw your consent to receive informational or marketing messages (which you can do by changing your Consent preferences in the ‘My Account’ section https://localhost:15536/customer/consent).
Furthermore, you have the right to complain to the data protection regulator – in the UK, the Information Commissioner’s Office.
For exercising these rights please contact us using the Contact Us page https://www.theeta.co/contactus on our website.
7. Data Retention
We only retain personal identifiable data received or collected from you for as long as an account is active or for a limited period of time as long as we need it to fulfil the purposes for which we initially collected it, unless otherwise required by law.
We will retain and use your information as necessary to comply with our legal obligations, enforce our agreements, and resolve disputes as follows:
- Account financial transactions are retained for a period of seven (7) years in accordance to the UK accounting and taxation laws.
- Checkout (basket) information prior to placing an order is retained for a period of forty-five (45) days.
- Contact information is retained for as long as your account is active. If you haven’t logged onto our website for three years we will delete your information from our systems. If you no longer wish to be a customer, you can also contact us using the Contact Us page https://www.theeta.co/contactus on our website and request to delete all the information we have on you.
- Information and Marketing messages will be sent until you withdraw your consent.
- Database backups are retained for one (1) year.
8. Link to Other Sites and Third-party Integrations
10. Child Privacy
Protecting the privacy of children is especially important. Our Services are not directed to persons under 16.
TheETA does not collect or solicit personal information from anyone under the age of 16 or allow such persons to purchase through our Services. If we become aware that we have collected personal information from a child under age 16 without verification of parental consent, we take steps to remove that information. If you believe that we might have any information from or about a child under 16, please contact us using the Contact Us page https://www.theeta.co/contactus on our website.
11. Contacting TheETA
If you have a privacy concern regarding TheETA, or this policy, you should contact us using the Contact Us page https://www.theeta.co/contactus on our website or write to us at:
- Blueglass Limited,
- 39 Wynford Avenue,
- LS16 6JN.