It also tells you about your privacy rights and how the law protects you.
Who are We?
What personal data do we collect about you?
The personal data we collect will depend on the relationship you have with us. This personal data falls into these categories:
Identity Data includes title, first name, last name, username or similar identifier and an encrypted version of your login/password. If you interact with us through social media, this may include your social media user name.
Contact Data includes physical address, email address and telephone numbers.
Profile Data includes your username and password, purchases or orders made by you and preferences.
Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Marketing and Communications Data includes your preferences in receiving marketing content from us and your communication preferences.
We DO NOT collect, use or store any kind of data that falls into the “Sensitive Personal Data” category under the GDPR.
How we use your personal data
We may use your personal information to provide you with marketing content such as details of our promotions, new products and services and changes to the site.
We provide you with relevant product software and services updates.
We ensure better customer experience by providing you with personal benefits, such as discounts or customised offers based on previous purchases and possible friend referrals.
We will not disclose personal data collected by us (or supplied to us) to any 3rd party person or company for marketing purposes.
Security of your data
As a general principle, your personal data is stored and processed within the European Economic Area (EEA). However your personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. In case of transfer of your personal data to any third countries, as defined in General Data Protection Regulation (GDPR), valid law and regulations concerning such transfers are observed and relevant legal and security safeguards are ensured before such transfer. By submitting your Personal Data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your Personal Data and Sensitive Personal Data is treated securely and in accordance with this Policy.
All personal data is subject to restricted access and limited permissions. Access to all personal data sources is always password protected. Our website (www.regbox.co.uk) is protected by Secure Socket Layer/Transport Layer Security. Secure server software is used to encrypt the information sent between your Internet browser and our website. This ensures the security of data provided by you when using this site. Our website may contain links to and from the websites of our partners and 3rd party resources. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
If you are in the European Union, the General Data Protection Regulation applies to you and you have rights under data protection laws in relation to your personal data:
Specifically you have the right to:
The right of access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request rectification of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. That’s also known as the ‘right to be forgotten’ where you can ask us to delete the personal data we have about you. Your personal data will be deleted from Datalead Ltd servers without undue delay, while it might take a period of thirty (30) days to ensure complete deletion of any information that might be stored in our back-up.
Restrict processing of your personal data where you can ask us to suspend processing personal data.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time to use your personal data. Please be aware that if you withdraw your consent, we may not be able to provide certain products or services to you.
Please note that prior to accessing and making changes to your account and data, we will need to verify your identity properly. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.
Cookies and tracking technology
Accuracy and Retention of Data
Except as permitted above, you undertake not to copy, store in any medium (including in any other website), distribute, transmit, re-transmit, broadcast, modify, or show in public any part of our website without our prior written permission or in accordance with the Copyright, Designs and Patents Act 1988.
Responsible for processing