Who we are
Our trading name and website address is: https://blackheathpetsupplies.co.uk. Our company name is Lola & Henry Ltd.
What personal data we collect and why we collect it
Technical and personal data in the forms of cookies are collected automatically when you access our website. This is so that the site can run correctly. Upon first accessing the site, you will sign a consent form to allow us to collect and store these cookies, in compliance with GDPR and following the privacy procedures outlined in this policy. These permissions can be changed/deleted at any time through your browser.
Analytics are collected but are totally anonymised.
To sign up to our newsletter, we ask for your first name, and email address. This is for marketing purposes for Blackheath Pet Supplies only. Upon signing up to receive the newsletter, you will be asked to sign a consent form to allow us to collect, store and use this information in compliance with GDPR and following the privacy procedures outlined in this policy.
To successfully complete any orders you make on the site, we will collect personal data, such as name, email address, personal account preferences and address; and transactional data, such as purchase information.
We do not collect sensitive personal data.
You can also choose to create an account with us, saving your personal details into a database on the site.
Upon entering in your personal and transactional information and/or creating an account, you will be asked to sign a consent form to allow us to collect, store and use this information in compliance with GDPR and following the privacy procedures outlined in this policy.
Personal data is also generated from technical processes such as contact forms and comments. We collect this in order to respond to your contact request or comment appropriately. Upon submitting a contact form or comment, you will sign a GDPR compliant consent form to allow us to collect and store and use the personal data you provide, in compliance with GDPR and following the privacy procedures outlined in this policy.
Who we share your data with
Personal and transactional data provided during online ordering:
- We use FOOD SUPPLIER to supply and deliver our food and we will share your information with them to fulfil your order and for this purpose only (privacy INFORMATION HERE)
- We use the Woocommerce plugin to power our online store and will data transactions take place through them (privacy INFORMATION HERE)
- We use Mailchimp to process our newsletters and will share your data with them for this purpose only (privacy INFORMATION HERE)
- Contact forms – we use WPForms (PRIVACY INFORMATION HERE) Please see the relevant section below for further information.
If you leave a comment on our site you may opt in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Embedded content from other websites
No other third party sites are embedded.
How long we retain your data
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
For those with accounts, we hold personal and transactional details as long as the account is active i.e. as long as the customer chooses to hold their information with us in order to frequently order with ease. We define active as having ordered within the last 12 months. Inactive accounts will have their data deleted after 6 months of inactivity.
For those who opt not to create an account, we hold personal and transactional details for 12 months before deletion. You can request deletion at any time by following the guidance outlined in this policy. This is so we can meet HMRC financial responsibilities and is inline with GDPR guidance.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
Contact form information is stored for 12 months before deletion. This is so we can meet business reporting responsibilities and is inline with GDPR guidance.
What rights you have over your data
If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
You can request deletion (except cookies, which you must do yourself) at any time by emailing email@example.com
Where we send your data
Visitor comments may be checked through an automated spam detection service.
Contact@blackheathpetsupplies is our email for anything related to data.
How we protect your data
Technical: our online store is encrypted.
Security measures: we advise all accounts to have a strong password.
Our staff have undertaken training in GDPR and data privacy.
We aim to have completed a Privacy Impact Assessment by the end of 2021.
What data breach procedures we have in place
Our crisis management point of contact is firstname.lastname@example.org. This email is accessible and with notifications 24/7.
In the event of being notified of any real or potential data breaches, we will escalate within 6 hours to our specialist IT team to rectify. We aim to determine who has been impacted within 12 hours and notify them with solutions as advertised by the IT within 24 hours.
Bug Bounty – as advertised in the footer of the site, if you spot a bug on the site that can impact data security, you can email us at email@example.com and we will send you a bag of our dover road dog food, for free!
What third parties we receive data from
We do not receive any data from third parties.
What automated decision making and/or profiling we do with user data
We do not use this on our site.
Industry regulatory disclosure requirements
Blackheath Pet Supplies / Lola & henry Ltd is not a member of a regulated industry, nor subject to additional privacy laws.