Privacy Policy

  

What is our Privacy Policy?


CUSTOMER PRIVACY POLICY


Once Upon A Teepee is sole trader company registered in the United Kingdom with HMRC. Once Upon A Teepee is also referred to as OUAT, "we" or "us" in this policy.


OVERVIEW


Maintaining the security of your data is a priority at OUAT, and we are committed to respecting your privacy rights.  We pledge to handle your data fairly and legally at all times. OUAT is also dedicated to being transparent about what data we collect about you and how we use it.


This policy, which applies whether we visit you in person, you use your mobile device or go on line, provides you with information about:


- how we use your data;

- what personal data we collect;

- how we ensure your privacy is maintained; and

- your legal rights relating to your personal data.

image17

 GENERAL


OUAT uses your personal data:


- to provide goods and services to you;

- to make a tailored website available to you;

- to verify your identity;

- with your agreement, to contact you electronically about promotional offers and products and services which we think may interest you;

- for market research purposes - to better understand your needs;

- to enable OUAT to manage customer service interactions with you; and

- where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).


Promotional communications


OUAT uses your personal data for electronic marketing purposes (with your consent) and may send you emails to update you on the latest OUAT offers.  


OUAT aims to update you about products & services which are of interest and relevance to you as an individual. 


You have the right to opt out of receiving promotional communications at any time by contacting OUAT via the contact channels set out in this Policy.

Sharing data with third parties


Our service providers and suppliers


In order to make certain services available to you, we may need to share your personal data with some of our service partners.  These may include IT, delivery and product suppliers.

OUAT only allows its service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls.  We also impose contractual obligations on service providers relating to data protection and security, which mean they can only use your data to provide services to OUAT and to you, and for no other purposes.


Other third parties


Aside from our service providers, OUAT will not disclose your personal data to any third party, except as set out below.  We will never sell or rent our customer data to other organisations for marketing purposes.

We may share your data with:


- governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so: -

- to comply with our legal obligations;

- to exercise our legal rights (for example in court cases);

- for the prevention, detection, investigation of crime or prosecution of offenders; and

- for the protection of our employees and customers.


How long do we keep your data?


We will not retain your data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of data, however the longest we will normally hold any personal data is 4 years.

   


WHAT PERSONAL DATA DO WE COLLECT?


OUAT may collect the following information about you:


- your name, 

- the name, age and any known allergies of the party recipient and party attendees. Due to the nature of this data concerning children, this data is held sensitively and will not be shared with any third party unless legally obligated to do so. 

- your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;

- your correspondence and communications with OUAT ; and

- other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).


This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Policy. Some of the above personal data is collected directly, for example when you set up an on-line account on our website, or send an email to our customer services team. Other personal data is collected indirectly, for example your browsing. 


We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.


HOW WE PROTECT YOUR DATA


Our Controls


OUAT is committed to keeping your personal data safe and secure.  


Our security measures include: -


- encryption of data;

- data sharing agreements all service providers who may handle your personal data;

- internal policies setting out our data security approach and training for employees.

  

WHAT YOU CAN DO TO HELP PROTECT YOUR DATA


OUAT will never ask you to confirm any bank account or credit card details via email.  If you receive an email claiming to be from OUAT asking you to do so, please ignore it and do not respond.


If you are using a computing device in a public location, we recommend that you always log out and close the website browser when you complete an online session.


Your Rights


You have the following rights:


- the right to ask for a copy of personal data that we hold about you (the right of access);

- the right (in certain circumstances) to request that we delete personal data held on you; where we no longer have any legal reason to retain it (the right of erasure or to be forgotten);

- the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you (the right of rectification);

- the right to opt out of any marketing communications that we may send you and to object to us using / holding your personal data if we have no legitimate reasons to do so (the right to object);

- the right (in certain circumstances) to ask us to ‘restrict processing of data’; which means that we would need to secure and retain the data for your benefit but not otherwise use it (the right to restrict processing); and

- the right (in certain circumstances) to ask us to supply you with some of the personal data we hold about you in a structured machine-readable format and/or to provide a copy of the data in such a format to another organisation (the right to data portability).

If you wish to exercise any of the above rights, please contact us using the contact details set out below.



Legal basis for OUAT processing customer personal data


General


OUAT collects and uses customers’ personal data because is it necessary for:


- the pursuit of our legitimate interests (as set out below);

- the purposes of complying with our duties and exercising our rights under a contract for the sale of goods to a customer; or

- complying with our legal obligations.

In general, we only rely on consent as a legal basis for processing personal data in relation to sending direct marketing communications to customers via email or text message.

Customers have the right to withdraw consent at any time.  Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.


Our legitimate interests


The normal legal basis for processing customer data, is that it is necessary for the legitimate interests of OUAT, including:-


- selling and supplying goods and services to our customers;

- protecting customers, employees and other individuals and maintaining their safety, health and welfare;

- promoting, marketing and advertising our products and services;

- sending promotional communications which are relevant and tailored to individual customers 

- understanding our customers’ behaviour, activities, preferences, and needs;

- improving existing products and services and developing new products and services;

- complying with our legal and regulatory obligations;

- preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;

- handling customer contacts, queries, complaints or disputes;

- protecting OUAT, its employees and customers, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to OUAT;

- effectively handling any legal claims or regulatory enforcement actions taken against OUAT; and

- fulfilling our duties to our customers and colleagues


DATA PROTECTION QUESTIONS


If you have any questions about how OUAT uses your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us

- phone:07515715960;

-e-mail:info@onceuponateepee.co.uk 


You have the right to lodge a complaint with the Information Commissioner’s Office. Further information, including contact details, is available at https://ico.org.uk.


Updates;

This policy was last updated in October 2018.