For the purposes of the Data Protection Act 1998, Wellsnowsports ('we' or 'us') are the 'data controller' (ie the company who is responsible for, and controls the processing of, your personal data).
Personal data we may collect about you
We will obtain personal data about you (such as your name, address and email) whenever you complete an online form.
For example, we will obtain your personal data when you register to use this website, send us feedback, post material, contact us for any reason, sign up to a service, enter a competition, purchase goods or services. We may also obtain sensitive personal data about you if you volunteer it during the completion of an online form. If you volunteer such information, you will be consenting to our processing it for the purpose of stated when completing the form.
How we use your personal data
We will use your personal data for the purposes that are described below:
Marketing and opting out
If you have given permission (when creating an account, subscribing or placing an order), we may contact you by email about products, services, promotions, special offers, charitable causes that may be of interest to you. If you prefer not to receive any direct marketing communications from us, you can opt out at any time. See 'Your rights', below for further information.
Disclosure of your personal data
We may disclose your personal data to:
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
Keeping your data secure
We will use technical and organisational measures to safeguard your personal data, for example:
If you choose a direct payment gateway to complete your purchase, then Shopify stores you credit card data which is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Payment details are encrypted using SSL (typically you will see a lock icon or green address bar (or both) in your browser when we use this technology). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet.
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of training, quality assurance, fraud prevention and compliance.
To enable us to make credit decisions about you and members of your household and for fraud prevention and money laundering purposes, we may search the files of credit reference and fraud prevention agencies (who will record the search). We may disclose information about how you conduct your account to such agencies and your information may be linked to records relating to other people living at the same address with whom you are financially linked. Other credit grantors may use this information to make credit decisions about you and the people with whom you are financially associated, as well as for fraud prevention, debtor tracing and money laundering purposes. If you provide false or inaccurate information and we suspect fraud, we will record this.
Information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
Transfers of data out of the EEA
When you signed up, place and order or subscribe at Wellsnowsports you agreed that we transfer your personal data to countries outside the European Economic Area. Our store host is Shopify, which is located in the United States and as stated in the Shopify section, is who our data is securely stored with. Rest assured that we will always ensure any transfer is subject to appropriate security measures to safeguard your personal data and is protected by the legislation outlined below.
Shopify comply with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, disclosure and retention of Personal Information by Shopify Data Processing (USA) Inc. from European Union member countries and Switzerland. We have certified that we adhere to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement.
You have the right, subject to the payment of a small fee (currently £5), to request access to personal data that we may process about you. If you wish to exercise this right, you should:
You have the right to require us to correct any inaccuracies in your data free of charge. If you wish to exercise this right, you should:
You also have the right to ask us to stop processing your personal data for direct marketing purposes. If you wish to exercise this right, you should:
Our contact details
We welcome your feedback and questions. If you wish to contact us, please send an email to firstname.lastname@example.org or you can write to us at: Wellsnowsports Ltd, PO Box 9134, Ringwood, Hampshire, BH24 9FS or call us on 03333 058 788 90. Our registered office is Wellsnowsports Ltd, PO Box 9134, Ringwood, Hampshire, BH24 9FS