Logo
Shopping Cart

Shopping Cart 0 Items (Empty)

Quick Store Search

Advanced Search

Categories
WLA ties and Armbands

Privacy Info / Terms Of Use

Privacy Notice

Identity and Contact Details:

The Gunnerís Store Ltd, 35-37 Chapelgate, Sutton St James, Lincolnshire, PE12 0EF, UK is the Data Controller for all matters relating to personal data held by the company.

Purpose of Processing:

∑ We obtain Data for the purposes of:

∑ Processing Orders placed through our web shops, over the phone, by email, post and in store.

∑ Administering the Web site including the ability to ban IP addresses, identifying customers using our web shops in order to provide a smooth shopping experience. (see Cookie Information https://www.sentimentaljourney.co.uk/sj/ccp8/CookieInformation

∑ For the purposes of ordering/acquiring stock and supplies.

∑ For the purposes of accounts records and to respond to HMRC audit.

∑ Responding to customerís queries or complaints.

∑ To contact customers with information or queries about orders placed.

∑ Marketing purposes.

∑ Applying for Import/Export Licences from the relevant Government organisations.

∑ For use by the Authorities such as Police or security services to prevent or in the detection of crime.

∑ For the purposes of confirming that purchasers are legally able to buy certain kinds of goods which have an age restriction or other restriction.

∑ Recording details as required by legislation.

Lawful Basis for processing:

We have assessed and identified the Lawful Bases of our information gathering as ĎLegitimateí and ĎLegalí. These have been identified on the basis of the purposes given above; Legitimate interests are those required for processing customer orders of various types, buying items and placing orders with suppliers, interacting with customers, maintaining accounts records, marketing and information which may be imparted to the Authorities, recording CCTV on our physical premises in the interests of security and crime prevention and detection; Legal interests are those required by virtue of legislation such as the VCR act which specifies minimum age limits and records for the purchase of certain kinds of goods and records that must be retained and the Firearms Acts which specify certain personal details which must be recorded for the sales and purchases of specific types of goods.

Categories of Personal Data:

We obtain the following types of data from information entered by the customer in our web shops and by other means such as Email, and information and documents provided by customers:

Name, Address, Telephone number, Email address, IP address at the time of connecting to the web site (see our cookie policy for further information https://www.sentimentaljourney.co.uk/sj/ccp8/CookieInformation ), Part of unique identifying numbers of identity/age/address proof documents and any copies or scans provided by the customer, notes of any searches done such as in the electoral rolls to confirm age/address/identity and Authorities to purchase/possess certain types of goods as required by the relevant legislation, in common with all businesses accepting payment cards we hold copies of receipts in accordance with the provisions of the Payment Card industry standards, Records of items purchased by customers and items purchased from suppliers, details of items ordered, CCTV footage.

Where a minimum age is specified for the purchase of certain types of items by mail order we will consult online references such as the electoral roll to confirm the buyers age and address, if that search is unsuccessful we may request additional information from the customer to prove the persons eligibility to purchase the item. We will retain for as long as we consider necessary all proofs of age/identity to show that we have carried out due diligence in the event of an inquiry by the authorities.

Types of Recipients of Data:

In order to process customer orders Data which can identify an individual will be passed to the following types of organisation: Ourselves in order to process an order or service, Sagepay our Payment card processing gateway for the purposes of authenticating and authorising payment for goods and/or services over the internet; Worldpay who actually process the card payment and credit the funds to our bank; Paypal to seek or receive a payment and to obtain delivery details; Parcelforce for the purposes of delivery of customer orders weighing over 2 kilogrammes. We also use Royal Mail but no identifiable name is recorded by them during the provision of their service; The Police where there is a legal requirement for us to advise them of a transaction, or because we gain the opinion that there may be something potentially of interest to the police in the transaction.

To receive items which are being sent to us by suppliers or customers whether private or commercial we may need to pass basic data which can identify a customer such as name, address, telephone number, email address to Parcelforce in order for a collection and delivery to be achieved.

To Import items requiring a licence which for our use or on behalf of customers we need to provide basic Data to the Government organisation responsible for issuing the licence.

Transfers of Data to third country:

We do not transfer data to other countries outside the EU. Data in our webshops may be held on a server in another EU country with the appropriate safeguards as if it were held in the UK, this is the nature of the internet.

Retention Period:

We retain data for the minimum which is legally required or which we consider appropriate for the future protection of ourselves and/or because we consider it appropriate for the purposes of proving legal compliance at a time in the future or to assist the authorities in the prevention and detection of crime. The lengths of time for the types of information are as follows:

Order details/purchasing details; depending on format of record (e.g. Paper, email, web based record) from 15 days to 6 years. Card Payment details are held by card processor as a long-term record for their purposes in accordance with the Payment Card Industry PCI DSS standards.

Accounting information including order details: permanently but unless linked to a transaction with legal criteria, the recorded transaction only retains the customerís name as a reference.

Data required to comply or substantiate compliance with legislation is retained permanently.

Some of our processors such as Parcelforce will retain records for extended periods in order to provide a past delivery enquiry facility.

CCTV: 6 months or less as data is overwritten repeatedly making previous information unusable.

Rights of the Individual:

Individuals have the following rights with regard to the data we hold in connection with them:

Where we hold the Data on the Basis of Legitimate interest;

∑ The Right to erasure of any details we hold (for example an email address for marketing purposes)

∑ The Right to object to Data we hold or the use of the Data (although this may mean we cannot process a transaction an individual requires).

Where the Data is held on the basis of Legal Obligation there are no rights available for erasure of Data or to Object.

Individuals have the following rights (there are others which are not applicable to our Lawful Bases):

The right to be informed (the purpose of this document)

The right of access to Data held about them and for that information to be provided within 30 days of the request being received (note that sufficient information must be provided to allow the search for and provision of this information to take place). No charge can be made for this unless requests are unfounded or excessive.

The right of rectification if records held are incorrect in any way

The right to restrict processing.

The right to complain to the Information Commissioners Office whose details can be found at https://ico.org.uk/

Consequences of failing to provide personal Data:

Provision of Data required by law (for example, for purchase of an Air Weapon in a face to Face transaction, or for age verification in a mail order transaction) If a customer does not wish to provide such information then the no sale can proceed.

Data provided for purposes other than complying with the law will always relate to the supply of goods or services where we are either the supplier or the customer, in the vast majority of cases we will be the supplier. There is no legal or contractual requirement to provide the Data we require to process a customerís order (or to place an order with a business supplier, or to purchase goods being sold by an individual) but if the Data is not provided it may well be an impossible to complete the sale or purchase.

Specific Details Regarding Your Privacy on this website:

We have created this privacy statement relating to your use of our website in order to demonstrate our firm commitment to privacy. The following discloses our information gathering and dissemination practices for this web site.

We use your IP address to help diagnose problems with our server, and to administer our Web site and to ban IP addresses which we believe may be malicious. Your IP address is used to help identify you within the webshop environment (it should be noted that Dynamic IP addresses are not unique to an individual) and to gather broad demographic information.

Our site uses cookies to keep track of your shopping cart. We use cookies to identify you so we can retrieve your information so you don't have to re-enter it each time you visit our site. See our Cookie Policy for more information at https://www.sentimentaljourney.co.uk/sj/ccp8/CookieInformation or click the link in the Main Menu.

Our site's registration form requires users to give us contact information, like their name and email address, and unique identifiers. We use customer contact information from the registration form to send the user information about our company. The customer's contact information is also used to contact the visitor when necessary if they have subscribed to the mail list. Users may opt-out of receiving future mailings by choosing to un-subscribe. Unique identifiers are collected to verify the user's identity and for use in our record system.

This site may contain links to other sites. We are not responsible for the privacy practices or the content of such web sites.

Our site uses an order form for customers to request information, products, and services. We collect visitor's contact information and unique identifiers. Contact information from the order form is used to send orders and information about our company to our customers. The customer's contact information is also used to get in touch with the visitor when necessary. Users may opt-out of receiving future mailings. Unique identifiers are collected from Web site visitors to verify the user's identity and for use as account numbers in our record system.

Version 1 24th January 2017

Kryptronic Internet Software Solutions