PRIVACY POLICY
INTRODUCTION
The website www.ewbank.co.uk is operated by Lancaster Holdings Ltd (“we”, “us” or “our”) and we are a “data controller” for the purposes of the Data Protection Act 2018 and the EU General Data Protection Regulation 2016/679. This means that we are responsible for, and control the processing of, your personal information.
This privacy policy relates to your use of our website. A separate privacy policy applies in relation to the processing of personal data other than through or in addition to through our website.
We take your privacy very seriously and we ask that you read this privacy notice carefully as it contains important information on:
- The personal information we collect about you
- What we do with your personal information
- Who your personal information might be shared with
WHAT TYPE OF PERSONAL INFORMATION WE COLLECT
Personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We collect personal information about you when you register with us online, contact us or when you submit a response to an online questionnaire on our website.
- Identity Data includes first name, last name, username or similar identifier, title, date of birth
- Contact Data includes billing address, delivery address, email address and telephone numbers
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website
- Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses
- Usage Data includes information about how you use our website, products and services
- Marketing and Communications Data includes your preferences in receiving marketing from us
Please note that we do not collect or hold any personal information in relation to your payment information, such as credit/debit card details or any ‘Special Categories’ of personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
We may collect personal information about you from other sources (such as credit reference agencies), which we will add to the information we already hold about you in order to help us improve our products and services and help us access the initial credit limit to be applied to your account and as part of our annual review of your credit status.
HOW WE COLLECT YOUR PERSONAL INFORMATION AND WHY WE HAVE IT
Most of the personal information we process is provided to us directly by you and we will use it for one or more of the following reasons:
- To identify you and manage any accounts you hold with us
- To process your order and obtain payment
- To detect and prevent fraud
- To carry out security vetting
- To conduct research, statistical analysis and behavioral analysis
- To customise our website and its content to your particular preferences; – see ‘Cookies and Tracking’ section below
- To notify you of any changes to our website or to our products services that may affect you
- To improve our product and services
- To give to companies and organisations whose products you purchase through the website
- To let you know about other products or services that may be of interest to you—see ‘Marketing’ section below
Generally, we do not rely on consent as a legal basis for processing your personal information although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL INFORMATION
Under the General Data Protection Regulation (GDPR), the legal bases we rely on for processing your personal information are:
| Purpose of processing | Our legal basis |
| · Communicate with you about your account
· Notify you about changes to our services and to otherwise communicate with you. For example, we will use your contact details in order to respond to any queries that you submit to us · We use a third party for the purposes of managing and facilitating customer orders only |
Performance of a contract with you – we use your personal information in order to meet our obligations under our contract with you, keep you up to date with information about our services, and to respond to your queries |
| · Send you information about products and services, including promotions, exclusive offers, discounts, vouchers, free gifts, information about products and events | Legitimate interests – we use your personal information to send you this information. You have the right to object to processing of this nature and will always be given the opportunity to do so |
| · Review your past purchases and viewing history on our website to provide you with special offers or to tailor your experience online | Legitimate interests – we use your personal information to provide you with offers and to tailor your experience when using our online services |
| · Help us review, develop and improve the products and services we offer. For example, calls to customer services may be monitored and/or recorded for quality control and training purposes. We may also send you market research requests via email (which you can opt out of via that email)
· If you raise a query (for example about a product or about our service) while we still hold a recording of your telephone call, and we can investigate or answer your query by referring to this call, we may do so. This may mean that your call recording will be held until your query has been resolved |
Legitimate interests – we use your personal information to help us deliver the best quality of service to you and all our customers |
| · Improve and measure the effectiveness of our marketing communications, including online advertising
· We share cookie and other data (including online and offline purchase data) with entities such as Google, YouTube, Twitter, Instagram, and Facebook in order to make our advertising more relevant to you. Please see our Cookies and Tracking Section for full details of the cookies used. We require any such third parties to treat your personal information as fully confidential and to fully comply with all applicable data protection legislation |
Legitimate interests – we use your personal information to deliver you a tailored experience when using such digital services, to help us understand the effectiveness of our advertising, and to make sure you see adverts that are most relevant to you |
| · Provide, enhance and personalise your experience on our digital services provided from our web and mobile portals | Legitimate interests – we use your personal information to deliver you a tailored experience when using our digital services |
| · Carry out security checks and identity checks to protect against fraudulent transactions and to prevent and detect criminal activity, such as money laundering | Legitimate interests – we use your personal information to protect against unlawful activities and comply with laws applicable to us. In some cases, we may also be under a legal obligation to disclose your personal information (for example, to law enforcement agencies). Furthermore, if you are from a public authority, we use your personal information on the basis that it is necessary in the public interest or in exercising official authority for us to prevent fraud and money laundering |
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
MARKETING
We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, SMS or other electronic messaging services, phone, fax or mail. We may use the information to customise the website according to your interests.
We use third parties to carry out certain activities on our behalf that involve the processing of personal information, particularly a third-party service provider to send promotional material via postal mail. We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.
You can opt out of us or any third parties sending you marketing messages at any time by sending an email to [email protected] or via the unsubscribe link at the bottom of emails we send to you. Please see ‘The right to ask us to stop contacting you with direct marketing’ below for further information.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase or other transactions.
COOKIES AND TRACKING
USE OF COOKIES
A cookie is a small text file which is placed onto your computer (or other electronic devices) when you access our website. We use cookies on this website to:
- recognise you whenever you visit this website (this speeds up your access to the website as you do not have to log in each time)
- obtain information about your preferences, online movements and use of the internet
- carry out research and statistical analysis to help improve our content, products and services and to help us better understand our customer requirements and interests
- target our marketing and advertising campaigns more effectively by providing interest-based advertisements that are personalised to your interests
- make your online experience more efficient and enjoyable
In most cases we will need your consent in order to use cookies on this website. The exception is where the cookie is essential in order for us to provide you with a product or service you have requested.
CONSENT
If you visit our website when your browser is set to accept cookies, we will interpret this as an indication that you consent to our use of cookies and other similar technologies as described in this website cookie policy. If you change your mind in the future about letting us use cookies, you can modify the settings of your browser to reject cookies or disable cookies completely.
DESCRIPTION OF COOKIES
The tables below provides some information on the cookies which we use on our websites.
Pik-a-Pak Cookies:
| Cookie Name | What it does | Why is it used | How long it lasts |
| _pik-a-pak_session | Unique session key to identify you | So we can make sure your visit on the site is not hijacked | Until the browser session closes |
| _gid | Site analytics | Used to distinguish users | 24 Hours |
| _ga | Site analytics | To visualize how the site is being used | Until the browser session closes |
| _gat | Google Tag Manager | Used to throttle request rate | 1 Minute |
| _cfduid | Identifies a user to Cloudflare our security provider | If Cloudflare challenges a user, it stores the acknowledgement of that challenge in this | Persistent |
| remember_user_token | Stores an anonymous token that identifies which user is logged in | Keeps you logged in while you use the site | 3 months, or until you press the sign out button |
| LSW_WEB | Enables the use of GetSocial toolbars for sharing webpages on social networks | Used to tack social shares | Until the browser session is closed |
Go Shop Direct Cookies:
| Cookie Name | What it does | Why is it used | How long it lasts |
| JSESSIONID | Used to session state tracking | To ensure the state can be remembered | Until the browser session is closed |
| NID | Cookie from Google | Used to remember preferences and other information such as preferred language and how many search results you want to have shown per page | 6 Months |
| 1P_JAR | Google uses this cookie | Based on recent searches and interactions, to customise adverts on Google websites | Until the browser session is closed |
| ANID | Google uses this cookie | Is used for advertising served across the web and stored in google.com | Persistent |
| _gat | Google tag manager | Used to throttle request rate | 1 Minute |
| _gid | Site analytics | Used to distinguish users | 24 Hours |
| _cfduid | Identifies a user to Cloudflare our security provider | If Cloudflare challenges a user, it stores the acknowledgment of that challenge in this | Persistent |
| LSW_WEB | Enables the use of GetSocial toolbars for sharing webpages on social networks | Used to track social shares | Until the browser session is closed |
| CONSENT | Facilitates embedded YouTube videos | Registers anonymous statistical data on for example how many times the video is displayed and what settings are used for playback | Persistent |
| _goshopdirect2017_session | Unique session key to identify you | To make sure your session is not hijacked | Until the browser session closes |
| _ga | Site analytics | To visualise how the sire is being used | Until the browser session closes |
Statesman Cookies:
| Cookie Name | What it does | Why is it used | How long it lasts |
| _gat_UA-xxxxxxxx | This is a pattern type cookie set by Google Analytics | The patter element on the name contains the unique identity number of the account or website it relates to | 1 Minute |
| _gid | Site analytics | Used to distinguish users | 24 Hours |
| _ga | Site analytics | To visualize how the site is being used | Until the browser session closes |
| _statesman_appliances2019_session | Unique session key to identify you | To make sure your session is not hijacked | Until the browser session closes |
HOW TO TURN OFF COOKIES
If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of this website. For further information about cookies and how to disable them please go to the Information Commissioner’s webpage on cookies: https://ico.org.uk/your-data-matters/online/cookies/.
DISCLOSURES OF YOUR PERSONAL INFORMATION
Where necessary to fulfill our obligations to you, we may pass your personal information to third parties where this is necessary for the functioning of our business and the purposes set out in the table ‘Purposes for which we will use your personal information’. We may share your personal information with:
- a) Google
We work with third party company Google to automatically collect information including: IP address, MAC (Media Access Control) address, unique identifier or other persistent or non-persistent device identifier, device software platform and firmware, mobile phone carrier and geo location data to help us understand your use of our app such as how often you return, what parts of the app you visit, how you use the app and how long you spend on the app. This third-party provider is prohibited from using our data for any other purposes. Go to http://www.google.com/analytics/terms/us.html to read Google Analytics Privacy Policy. We use the data we collect about your use of our website to analyse trends across the data set of all customers worldwide, and to enable us to offer a better service to you.
- b) New Relic
We work with third party Company New Relic Cookie who we use to store a session identifier, so they can monitor session counts for an application. The Cookie value is generated by Jetty. This third-party provider is prohibited from using our data for any other purpose. Go to
https://newrelic.com/termsandconditions/privacy to read New Relic Privacy Policy. This was accurate on 25th May 2020. Parties may have since been added. An up to date list can be obtained at [email protected].
- c) Click4Assistance
We use live chat software on our website, this is provided by Click4Assistance, a 3rd party UK based Software Company. Information regarding how the data is processed and stored can be viewed here.
HOW LONG WE WILL USE YOUR PERSONAL INFORMATION
We shall retain your personal information whilst you remain a customer. Should you not trade and there is no good business reason to retain your personal information we will delete your personal information on receipt of your request to be deleted whichever is the sooner, unless we are required by law to retain your personal information for a longer period.
DATA SECURITY
To protect your personal information, we have policies and procedures in place to make sure that only authorised personnel can access the personal information, that personal information is handled and stored in a secure and sensible manner and all systems that can access the personal information have the necessary security measures in place. To accomplish this, all employees, contractors and sub-contractors have roles and responsibilities defined in those policies and procedures.
To make sure all employees, contractors and sub-contractors understand these responsibilities they are provided with the necessary training and resources they need.
In addition to these operational measures, we also use a range of technologies and security systems to reinforce the policies.
To make sure that these measures are suitable, vulnerability tests are run regularly. Audits to identify areas of weakness and non-compliance are routinely scheduled. Additionally, all areas of the organisation are constantly monitored and measured to identify problems and issues before they arise.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
YOUR DATA PROTECTION RIGHTS
Under data protection law, you have rights in relation to your personal information including:
- The right to be informed – You have the right to be informed about the collection and use of your personal data
- The right to access information we hold about you – At any point you can contact us to request the personal information we hold about you as well as why we have that personal information, who has access to the personal information and where we got the personal information. Once we have received your request, we will respond within 30 days
- The right to correct and update the personal information we hold about you – If the personal information we hold about you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated
- The right to have your personal information erased – If you feel that we should no longer be using your personal information or that we are illegally using your personal information, you can request that we erase the personal information we hold. When we receive your request, we will confirm whether the personal information has been deleted or tell you the reason why it cannot be deleted
- The right to object to processing of your data – You have the right to request that we stop processing your personal information. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If personal information is no longer processed, we may continue to hold your personal information to comply with your other rights
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances
- The right to ask us to stop contacting you with direct marketing – You have the right to request that we stop contacting you with direct marketing. You can click the unsubscribe button at the bottom of any of our marketing emails or you can email us at [email protected]
- The right to data portability – You have the right to request that we transfer your personal information to another controller. Once we have received your request, we will comply where it is feasible to do so
Our security procedures mean that we may request proof of identity before we are able to disclose your personal information to you or comply with other requests, this is to maintain the security of your information. In such cases your response will be necessary to exercise this right.
NO FEE USUALLY REQUIRED
You are not required to pay any charge for exercising your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
TIME LIMIT TO RESPOND
If you make a request, we have one month to respond to you.
If you wish to make a request, please contact us at:
Ewbank
38 Bluestem Road
Ransomes Europark
Ipswich
Suffolk
IP3 9RR
HOW TO COMPLAIN
If you have any queries about this privacy notice, need further information or wish to lodge a complaint about the use of your personal information you can use the details below to contact Ewbank:
Ewbank
38 Bluestem Road
Ransomes Europark
Ipswich
Suffolk
IP3 9RR
You can also complain to the ICO if you are unhappy with how we have used your personal data. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
CHANGES TO THIS PRIVACY NOTICE
We may update this privacy notice from time to time. You should check this privacy notice occasionally to ensure that you are aware of the most recent version that will apply each time you access the website.
VERSION CONTROL
| Version | Date | Author | Approver | Change Description |
| 1 | 22/05/2020 | Helen Lacey | Kim Davies | |
| 2 | February 2021 | Helen Lacey | Linda Hanley | Revised for Ewbank |
| 3 | July 2021 | Helen Lacey | Include reference for us of third party to process customer orders | |
| Owner | Helen Lacey |
| Effective From Date | February 2021 |
| Date of Next Review | January 2022 |