Privacy & Data Protection Policy
Last Updated: November 2023 | A commitment to transparency and security.At Tooaleta.co.uk, we recognize that our sophisticated clientele values discretion and security. We are deeply committed to protecting your privacy and ensuring that your personal data is handled in strict accordance with the UK Data Protection Act 2018 and the General Data Protection Regulation (GDPR). This policy outlines how we collect, use, protect, and respect your information.
1. The Data We Collect
We collect different types of personal data to provide our services effectively. This information may include:
- Identity Data: First name, last name, username, or similar identifiers.
- Contact Data: Billing address, delivery address, email address, and telephone numbers used for processing orders and delivery updates.
- Transaction Data: Details about payments to and from you and other details of products you have purchased from us. Note: We do not directly store complete credit/debit card details; these are handled by secure payment gateways.
- Technical Data: Internet protocol (IP) address, browser type and version, time zone setting, browser plug-in types, operating system, and platform used to access this website.
- Profile Data: Your purchases, orders, preferences, feedback, and survey responses.
2. How and Why We Use Your Data
Under UK data protection law, we must have a lawful basis for using your personal data. We generally rely on the following bases:
A. Performance of a Contract
We need your Identity, Contact, and Transaction Data to process your order, arrange delivery via our logistics partners (such as DHL or DPD), and handle payments. Without this data, we cannot fulfill your purchase.
B. Legitimate Interests
We use Technical and Profile Data to manage our relationship with you, improve our website functionality, prevent fraud, and ensure our network security. This is necessary for our legitimate business interests and does not override your fundamental rights.
C. Consent
Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending direct marketing communications via email. You have the right to withdraw consent to marketing at any time by contacting us.
3. Data Security & Transaction Safety
Protecting the integrity of our clients' data is paramount. We have implemented robust security measures to prevent your personal data from being accidentally lost, used, accessed in an unauthorized way, altered, or disclosed.
Our transaction security standards include:
- Utilizing industry-standard SSL (Secure Socket Layer) encryption for all data transmitted across our network.
- Maintaining secure network firewalls and regular malware scanning.
- Limiting access to your personal data to those employees, agents, contractors, and other third parties who have a strict business need to know. They will only process your personal data on our instructions and are subject to a duty of confidentiality.
4. Disclosure of Your Data to Third Parties
We promise never to sell your personal data. However, to fulfill our contract with you, we may have to share your personal data with select third parties. We require all third parties to respect the security of your personal data and to treat it in accordance with the law.
We may share your data with:
- Logistics Providers: Companies such as DHL, DPD, FedEx, and Kuehne+Nagel for the purpose of delivering your goods.
- Payment Service Providers: Secure gateways to process your payments and handle fraud prevention.
- Professional Advisers: Including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
5. Your Legal Rights
Under certain circumstances, you have rights under UK data protection laws in relation to your personal data. You have the right to:
- Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you.
- Request correction of the personal data that we hold about you.
- Request erasure of your personal data where there is no good reason for us continuing to process it.
- Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and you feel it impacts your fundamental rights and freedoms.
- Request restriction of processing of your personal data.
- Withdraw consent at any time where we are relying on consent to process your personal data (e.g., marketing emails).
If you wish to exercise any of these rights, please contact our Data Privacy Manager at info@tooaleta.co.uk. You will not have to pay a fee to access your personal data.
6. Cookie Policy
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a seamless experience when you browse our website and also allows us to improve our site.
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.
Essential Functionality Cookies
The following cookies are strictly necessary for the operation of our website (e.g., enabling you to log into secure areas or use a shopping cart).
| Cookie Name | Description of Purpose |
|---|---|
| CART | The association with your shopping cart. |
| CATEGORY_INFO | Stores category info to display pages more quickly. |
| COMPARE | Items you have in the Compare Products list. |
| CURRENCY | Your preferred currency setting. |
| CUSTOMER | An encrypted version of your customer ID. |
| CUSTOMER_AUTH | Indicates if you are currently logged into the store. |
| FRONTEND | Your session ID on the server. |
| GUEST-VIEW | Allows guests to edit their orders. |
| LAST_PRODUCT | The most recent product you have viewed. |
| PERSISTENT_SHOPPING_CART | A link to your cart history if requested. |
| STORE | The store view or language selected. |
| WISHLIST | An encrypted list of products in your Wishlist. |
Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services such as Google Analytics) may also use cookies, over which we have no control.
7. Contact Us Regarding Your Data
If you have any questions about this privacy policy or our privacy practices, please contact our Data Privacy team.
Email: info@tooaleta.co.uk
Postal Address: [Insert your official business registered address here if desired]
We keep our privacy policy under regular review. This version was last updated in November 2023.
