Privacy

Introduction

We are committed to safeguarding the privacy of our website visitors and service users.

  • This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.
  • We use cookies on our website. Insofar as those cookies are not strictly necessary for the provision of our website and services, we will ask you to consent to our use of cookies when you first visit our website.
  • Our website incorporates privacy controls which affect how we will process your personal data. By using the privacy controls, you can specify whether you would like to receive direct marketing communications and limit the publication of your information. You can access the privacy controls via [URL].
  • In this policy, "we", "us" and "our" refer to BAZAAR OF BRANDS, "you", "the user" refer to the person(s) using this website, Cookies mean small files stored on a users computer or device as defined in our cookies policy, GDPR means General Data Protection Act, and PECR means Privacy & Electronic Communications Regulation.

Purpose(s)

We may collect your personal information for the following purpose(s):

  • To analyse the use of our website and services
  • To ensure the security of our website and services by maintaining back-ups of our database
  • To offer, market and sell relevant goods and/or services to the data subject
  • To ensure efficient deliverance of purchased goods and services

In some cases, the processing your personal data may be necessary to comply with a legal obligation to which Bazaar of Brands is subject, to protect the data subjects interests or those of others

Categories of personal data 

In order to carry out these purposes we collect and obtain the following categories of personal data: 

  • Usage data – (IP Addresses, Location, Browser type, Referral source, Page views)
  • Account data – (Name, E-mail address, Employer details, Profile)

Other types of information we collate includes any information you post for publication using the Bazaar of Brands website; any information contained in the enquires made to the site including that contained in correspondence. 

Legal basis for processing 

Bazaar of Brands has a responsibility to provide services that collate and operate around personal details.  Therefore the legal basis we rely on under GDPR for processing your personal information is: 

  • Where the data subject, or a legal representative has given their consent
  • Necessary for the performance of a contract with the data subject. This legal basis applies to data required to process an online payment or deliver a purchased good
  • Necessary for the protection and assertion of our legal rights, your legal rights and the rights of others

Information sharing/recipients

We may share personal information about you with the following types of organisations: 

  • Insurers/Advisers – This is only if reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.

We will not normally share your information with organisations other than those listed above. However, there may be certain circumstances where we would share without consent such as where we are required to do so by law, to safeguard public safety and in risk of harm or emergency situations. Only the minimum information for the purpose will be shared.

Data Transfers beyond EEA 

We will only send your data outside the European Economic Area (EEA):

  • with your consent, or
  • if we use service providers or contractors in non-EEA countries.

If we do transfer your information beyond the EEA, we will make sure that it is protected in the same way as if it was being used in the EEA, This means it will be protected by our own policies as well as appropriate safeguards such as those highlighted in the European Commission https://ec.europa.eu/info/law/law-topic/data-protection_en

Automated Decisions 

There will be no decisions made by using a computerised system or program that does not involve a human being, and that legally affects you. 

Data Storage

All personal data held in our website database will be stored on the servers of our hosting services providers identified at www.fastcomet.com.

Any financial transactions are handles by our payment service providers STRIPE, with who we will share transaction data only to the extent necessary to process, refunds and payments and any complains or queries regarding. More information on how they handle your data is available on their website 

Data retention/criteria 

Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

We will retain your information for as long as the law specifies or where the law does not specify this, for the length of time determined by our business requirements. For example, some information may be kept the entire duration in which the data subject is actively using their account whereas other information may be erased after 30 days.

Your rights 

You have many rights under GDPR when it comes to your personal data, below is a list including these and example of how they may be used: 

  • Right to Access – You may ask for copies of your personal data;
  • Right to Rectification – You may ask us to rectify inaccurate personal data and to complete incomplete personal data;
  • Right to Erasure – You may ask us to erase your personal data;
  • Right to Restrict – You may ask use to restrict the processing of your personal data;
  • Right to Object – You may object to the processing of your personal data;
  • Right to Portabilty – You may ask that we transfer your personal data to another organization or to you;
  • Right to Complain – You may file a complaint about the processing of processing data with supervisory notice or to the International Commissioners Office
  • Right to Consent – You may withdraw consent to processing data
  • These rights are subject to certain limitations and exceptions. You can learn more about the rights of data subjects by visiting https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

These rights may be exercised by written notice to us, using the following email: enquiries@bazaarofbrands.com.

Updates 

We may update or revise this Privacy Notice at any time so please refer to the version published on our website for the most up to date details. If any of the changes are material we will provide notice of this. If you continue to use the services after those changes are in effect, you agree to the revised policy.