Cookie Consent by TermsFeed

Privacy Policy

Who we are

Our trading name and website address is: https://blackheathpetsupplies.co.uk. Our company name is Lola & Henry Ltd.

What personal data we collect and why we collect it

Technical and personal data in the forms of cookies are collected automatically when you access our website. This is so that the site can run correctly. Upon first accessing the site, you will sign a consent form to allow us to collect and store these cookies, in compliance with GDPR and following the privacy procedures outlined in this policy. These permissions can be changed/deleted at any time through your browser.

Analytics are collected but are totally anonymised.

To sign up to our newsletter, we ask for your first name, and email address. This is for marketing purposes for Blackheath Pet Supplies only. Upon signing up to receive the newsletter, you will be asked to sign a consent form to allow us to collect, store and use this information in compliance with GDPR and following the privacy procedures outlined in this policy.

To successfully complete any orders you make on the site, we will collect personal data, such as name, email address, personal account preferences and address; and transactional data, such as purchase information.

We do not collect sensitive personal data.

You can also choose to create an account with us, saving your personal details into a database on the site.

Upon entering in your personal and transactional information and/or creating an account, you will be asked to sign a consent form to allow us to collect, store and use this information in compliance with GDPR and following the privacy procedures outlined in this policy.

Personal data is also generated from technical processes such as contact forms and comments. We collect this in order to respond to your contact request or comment appropriately. Upon submitting a contact form or comment, you will sign a GDPR compliant consent form to allow us to collect and store and use the personal data you provide, in compliance with GDPR and following the privacy procedures outlined in this policy.

Who we share your data with

Technical data

  • Cookies are shared with WordPress, our site host (link to privacy policy) Please see the relevant section below for further information.
  • If you request a password reset, your IP address will be included in the reset email. This is managed through WordPress. (link to privacy policy)
  • Analytics are anonymised and are processed through THE SUPPLIER (link to privacy policy) Please see the relevant section below for further information.

Personal and transactional data provided during online ordering:

  • We use FOOD SUPPLIER to supply and deliver our food and we will share your information with them to fulfil your order and for this purpose only (privacy INFORMATION HERE)
  • We use the Woocommerce plugin to power our online store and will data transactions take place through them (privacy INFORMATION HERE)
  • We use Mailchimp to process our newsletters and will share your data with them for this purpose only (privacy INFORMATION HERE)

Personal data

  • Comments – an anonymised string of your email address may be sent to Gravatar to check that it is in use. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. Please see the relevant section below for further information.
  • Contact forms – we use WPForms (PRIVACY INFORMATION HERE) Please see the relevant section below for further information.

Cookies

If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Analytics

Our statistics are powered by Jetpack who provide completely anonymised data on how many visitors we receive, when, and from where. We do not collect IP addresses. Their privacy policy is HERE.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Contact forms

We use the WPForms plugin for our contact forms. Their privacy policy is HERE. Data is captured when someone submits a contact form, and how long you keep it. See the relevant section below for how long we keep your contact details for customer service purposes. We do not use the information submitted through them for marketing purposes, unless the personal has consented via our consent form.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Embedded content from other websites

We embed images from our Instagram page. When you click on these images, Instagram may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. You can find Instagram’s privacy policy HERE.

No other third party sites are embedded.

How long we retain your data

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

For those with accounts, we hold personal and transactional details as long as the account is active i.e. as long as the customer chooses to hold their information with us in order to frequently order with ease. We define active as having ordered within the last 12 months. Inactive accounts will have their data deleted after 6 months of inactivity.

For those who opt not to create an account, we hold personal and transactional details for 12 months before deletion. You can request deletion at any time by following the guidance outlined in this policy. This is so we can meet HMRC financial responsibilities and is inline with GDPR guidance.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

Contact form information is stored for 12 months before deletion. This is so we can meet business reporting responsibilities and is inline with GDPR guidance.

What rights you have over your data

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

You can request deletion (except cookies, which you must do yourself) at any time by emailing contact@blackheathpetsupplies.co.uk

Where we send your data

Visitor comments may be checked through an automated spam detection service.

Contact information

Contact@blackheathpetsupplies is our email for anything related to data.

How we protect your data

Technical: our online store is encrypted.

Security measures: we advise all accounts to have a strong password.

Our staff have undertaken training in GDPR and data privacy.

We aim to have completed a Privacy Impact Assessment by the end of 2021.

What data breach procedures we have in place

Our crisis management point of contact is contact@blackheathpetsupplies.co.uk. This email is accessible and with notifications 24/7.

In the event of being notified of any real or potential data breaches, we will escalate within 6 hours to our specialist IT team to rectify. We aim to determine who has been impacted within 12 hours and notify them with solutions as advertised by the IT within 24 hours.

Bug Bounty – as advertised in the footer of the site, if you spot a bug on the site that can impact data security, you can email us at contact@blackheathpetsupplies.co.uk and we will send you a bag of our dover road dog food, for free!

What third parties we receive data from

We do not receive any data from third parties.

What automated decision making and/or profiling we do with user data

We do not use this on our site.

Industry regulatory disclosure requirements

Blackheath Pet Supplies / Lola & henry Ltd is not a member of a regulated industry, nor subject to additional privacy laws.