Data Protection and Information Security is core to everything we do at Driftrock.
The Website is brought to you by Driftrock Limited. We are committed to protecting the privacy of all visitors to our Website.
For the purpose of UK data protection laws - prior to and including 24 May 2018 - the Data Protection Act 1998; and from and including 25 May 2018, (i) unless and until the General Data Protection Regulation ((EU) 2016/679) (“GDPR”)) is no longer directly applicable in the UK, the GDPR and any national implementing laws, regulations and secondary legislation, as amended or updated from time to time, in the UK and then (ii) any successor legislation to the GDPR or the Data Protection Act 1998, the data controller in respect of any personal data that you submit to us on our Website is Driftrock Limited, a company incorporated under English law (company number: 08717688) and whose registered office is at 20 St Thomas Street, Runway East, London, SE1 9RS, United Kingdom.
For any information or exercise of your rights on the processing of personal data managed by Driftrock, you can contact our Data Protection Officer (DPO) by accompanying your request with a copy of an identity document bearing your signature (identity card, passport):
By email at:
20 St Thomas Street
WHAT INFORMATION DO WE COLLECT?
We will collect and process the following data about you: Personal details. We will collect information that you provide to us when you use the Website, including when you create an account on the Website (such information may include, but may not be limited to, your name, email address, role, telephone number and postal address);
Your interactions with us. You may provide us with your personal data when you interact with us, for example when you contact us via email or the chat functionality on the Website, and during customer services communications.
Payment details. When you purchase our Services via the Website, we may collect your payment details including debit/credit card information, we use the third party service, Stripe, to manage these payment details.
Order history. We process data about transactions you carry out through the Website, orders you place and the fulfilment of your orders.
Technical information. When you use the Website, we automatically receive and record information about your usage of the Website, including [IP address, location, cookie data and details about the page you visited. Please see the ‘Cookies’ heading below for further information on the cookie data we process.
We may use an analytics service provider for service usage analysis and reporting. Analytics service providers generate statistical and other information about usage by means of cookies, which are stored on users' computers. The information generated relating to the Website may be used to create reports about the use of the Website and the analytics service provider will store this information.
HOW DO WE USE THE INFORMATION THAT YOU PROVIDE TO US?
We may use your information in the following ways:
to process and fulfil your orders for our Services;
to contact you about the Services you have ordered;
to ensure that our Website is delivered in the most effective manner for you and your computer or mobile device;
to carry out our obligations arising from any contracts for Services entered into between you and us;
to provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
to provide customer service to you in relation to your use of the Website and Services, to deal with enquiries and complaints relating to the use of the Website and Services and to notify you about any changes to the Website or Services;
to administer, support, improve, optimise and develop our Website and Services;
for internal studies to improve the Website and Services; and
· as we believe to be necessary or appropriate under applicable law, to enforce our rights or to respond to requests from law enforcement and other government authorities.
We use your personal data on the following legal bases, depending on the purpose of our processing:
· to enable us to perform the contract between you and us (if you have entered into a contract with us for Services);
· your consent (for example, in respect of marketing);
· otherwise in our legitimate interests (for example, to make available the Website to you); or to comply with a legal obligation.
Where the processing of your personal data by us is based on your consent, you may withdraw your consent at any time, by writing to us or emailing us at email@example.com. If you withdraw your consent, this will not affect the lawfulness of any processing which has taken place before you have withdrawn your consent.
We may use your information to provide you with our email notifications, newsletters and other marketing communications that either you request from us or which you consent to by opting in when submitting your contact details on the Website.
You may opt out from receiving such marketing communications from us at any time by notifying us in writing, contacting us at firstname.lastname@example.org or, alternatively, by following the procedure to ‘unsubscribe’ that is specified in the email that you receive.
DISCLOSURE OF YOUR INFORMATION
You should note that information posted on the public elements of the Website may be visible by users of the Website throughout the world. You should therefore be careful when submitting information about yourself to the Website.
We may disclose your personal information:
to our suppliers and partners who perform functions on our behalf, including our payment processing suppliers and data analytics services suppliers. We do not share your personal data with such suppliers and partners except as is necessary in order to allow them to provide us with a service;
where required to do so by law or court order;
with a purchaser or potential purchaser of our business; or
THIRD PARTY SITES
HOW DO WE PROTECT YOUR INFORMATION?
When your personal data is transferred to a location outside of the EEA we shall undertake an assessment and put in place adequate safeguards, in accordance with applicable data protection laws, to ensure third party recipient will provide adequate security of such personal data and respect your rights to privacy. For further information on the adequate safeguards used by us, please contact us at email@example.com
You acknowledge that data transmission over the internet is not always secure and that we cannot guarantee the security of data you send over the internet.
Your information will only be held for as long as we need to process it in accordance with our legitimate interests, and in accordance with UK data protection laws.
You may at any time request access to and/or, if incorrect, rectification of your personal data by writing to us or e-mailing us at firstname.lastname@example.org. We reserve the right to ask you for proof of your identity.
Under the EU General Data Protection Regulations that came into force on 25 May 2018, or any equivalent rules in the UK, you may be entitled to additional rights in relation to our handling of your personal data. For example, the right to have your personal data erased, the right to object to or restrict us from processing your personal data, and the right to data portability. If you would like to exercise these rights, please write to us or email us at email@example.com.
You also have the right to bring a claim with the Information Commissioner’s Office
Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF - UK supervisory authority for data protection issues (www.ico.org.uk) We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.