Privacy Policy

Introduction

We recognise that your privacy is important and this policy aims to tell you, as clearly as we can, what we do with your data. So you can understand how, where and when we use it, how we store it and why we use it.

This policy covers all information gathered, whether through the use of this website, services rendered, when you contact us through our contact form or in any other way (e.g. Direct message through socials, e-mail etc), whether initiated by you or we get in touch.

This policy applies wherever you come to us from in the world but is guided and subject to English Law.

Who ‘we’ are

Our website address is: https://toryofford.com.

Toryofford.com is controlled by ‘TO Account Limited’. Company Registration number 12597867. Whenever reference is made to ‘we’, ‘us’, ‘Tory Offord’, ‘our’ – collectively all refer back to the ultimate controlling party.

Should you wish to contact us, please do so at:

E-mail: tory.offord@gmail.com

Letter to our registered office: 37 Watts Corner, Glastonbury, Somerset, BA6 8FD.

What personal data we collect and why we collect it

We may collect, use & store different kinds of personal data about you such as follows:

  • Identity Data; first name, last name, username or similar identifier, title, date of birth and gender.
  • Contact Data; billing address, delivery or postal address, email address and contact numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Usage Data includes information about how you use our website, products and services.
  • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We may collect ‘Sensitive Data’ that refers to details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. If you have chosen to disclose it to us.

It is your duty to tell us if anything we have collected about you requires updating at any time.

Why we collect it.

Both for legal and for the consented reason you give us data, we may use it to:

  • Send you information about your account and order.
  • Perform our contractual duties with you.
  • Respond to your requests, including transaction details and complaints.
  • Process payments and prevent fraud.
  • Comply with any legal obligations we have.
  • Improve our offerings.
  • Inform our marketing strategy and send you marketing messages, if you choose to receive them.
  • Location, IP address and browser type: we’ll use this for purposes like geolocating users, reducing fraudulent activities, estimating taxes and shipping if applicable.
  • To study how our customers use our products/services.
  • To keep our services up to date and relevant.

How is your personal data collected?

We use different methods to collect data from and about you including through:

Directly

You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you (where applicable):

  • Apply for our products or services;
  • Subscribe to our service or publications;
  • Request marketing to be sent to you;
  • Enter a competition, promotion or survey; or
  • Give us some feedback or contact us.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content. We encourage you to view their own privacy policies upon visiting their site.

Analytics

We use Google Analytics, their privacy policy can be found at: https://policies.google.com/privacy?hl=en_US

Who we share your data with

Your data will only be shared for compliance with the regulatory aspects of our business if we are required to e.g. HMRC or if we are required by law.

Or in the normal course to allow us to do business with you e.g. Take payments through a third party.

We send beautiful email through Flodesk. When processing emails, some of your data will be passed to Flodesk, including information required to process or support the email marketing services, such as the name, email address and any other information that you intend to pass or collect including all collected information through subscription.

Please see the Flodesk policy at: https://www.privacypolicies.com/privacy/view/bb9c8c7ecbee39b15f2f5be574def422

Visitor comments may be checked through an automated spam detection service.

If we wish to share your data in any other respect we will ask for your consent to do so.

In such an instance we ask the third party to respect your data as we would and treat it in accordance with English Law.

Marketing

Under the Privacy and Electronic Communications Regulations, we may send you marketing communications from us if (i) you made a purchase or asked for information from us about our goods or services or (ii) you agreed to receive marketing communications and in each case you have not opted out of receiving such communications since. You can still opt out of receiving marketing emails from us at any time.

How long we retain your data

Under English law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years for tax purposes. If you are not a customer we shall retain your data for 2 years following your last engagement with us.

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

What rights you have over your data

Under certain circumstances, you have the following rights under data protection laws in relation to your personal data:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.

If you wish to exercise any of the rights set out above, please contact us.

If you have an account on this site, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

How we use your personal data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.
  • To keep you updated about our products and services where you have consented to this. We shall send this information to you by email.  You have the right to withdraw consent to marketing at any time by contacting us or by clicking on the ‘unsubscribe’ button in our emails.

How we protect your data

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Changes to this privacy notice

We may change this privacy policy from time to time – we will note the date of the last update here for you to check.

Last Updated: 22nd June 2020.