Table of Contents

1. UK AND EU VISITOR PRIVACY NOTICE
   1.1 Privacy Policy

2. SUMMARY OF PRIVACY POLICY
   2.1 Our Promise
   2.2 Cookies
   2.3 How We Use Your Data 

3. FULL PRIVACY POLICY
   3.1 Background:
   3.2 Definitions and Interpretation

4. What Does This Notice Cover?
   4.1 What is Personal Data?

5. What Data Do We Collect and How Do We Use It?
   5.1 Direct Marketing
   5.2 How Long Will You Keep My Personal Data?

6. Security
   
   
7. Do You Share My Personal Data and if so, to whom?
   
   
8. How Can I Control My Personal Data?
   8.1 Can I Withhold Information?

9. What Are My Rights?
   
   
10. How Can I Access My Personal Data?
    
    
11. Contact Information
    
    
12. Changes to this Privacy Policy
    
    
13. PRIVACY POLICY FOR CALIFORNIAN RESIDENTS
    13.1 Categories of Information we collect, use, disclose, share and/or sell
    13.2 Your Rights under the CCPA Regarding your Personal Information
    13.3 Sharing of Personal Information with Rakuten Advertising

14. Appendix 1
    14.1 What Information Do We Collect And How Do We Use It In The Context Of UK And EU GDPR

15. APPENDIX 2
    15.1 What Information Do We Collect And How Do We Use It FOR CALIFORNIA RESIDENTS

 

1. UK AND EU VISITOR PRIVACY NOTICE

1.1 Privacy Policy

Tangle Teezer Ltd a company registered in England and Wales with company number 05396577 (referred to as "Tangle Teezer", "we", "us" or "our" in this Privacy Notice) is the data controller of your personal data. This means that we are responsible for deciding how and why we use your personal data that we collect through your use of our website and otherwise in our interactions with you.

Further information on how to contact us, can be found in Section 11, "Contact Information".

2. SUMMARY OF PRIVACY POLICY

2.1 Our Promise

We are committed to protecting your personal data. You should check this page from time to time to ensure that you are happy with the way Tangle Teezer processes your personal data, as we may make changes from time to time, to comply with applicable laws and regulations.

2.2 Cookies

Our website uses cookies, and these are explained in more detail in our Cookie Notice, accessible from the Cookie Preferences section in our website.

2.3 How We Use Your Data

Data collected by our website is used to: 

1. Take and fulfil customer orders.
2. Respond to any enquiries, or facilitate a process beyond the initial purchase, for example, including returning items back to us.

• Administer and enhance the website and services we offer.

1. Disclose information to third-parties for delivering products, payment processing and email marketing (if you have opted in to receive these) only.
2. Issue a unique identifier (e.g., customer login) use cookies to analyse traffic, personalise advertising and show you more of what you like, more information on this and our use of cookies can be found above under section 2.2 "Cookies" 

More detail on this can be found in Section 5, "What Data Do We Collect and How Do We Use It?

3. FULL PRIVACY POLICY

3.1 Background:

Tangle Teezer understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who visits this website, tangleteezer.com (“Our Site”) and will only collect, use and share your personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law. Our Site is owned and operated by Tangle Teezer Ltd. 

Please read this Privacy Notice carefully and ensure that you understand it. You will be required to read and accept this Privacy Notice when signing up for an Account or when finalising a purchase. If you do not accept and agree with this Privacy Notice, you will not be able to create an Account or complete your purchase and you must stop using Our Site immediately.

3.2 Definitions and Interpretation

In this Notice the following terms shall have the following meanings:

"Account"	means an account required to access and/or use certain areas and features of Our Site.
"Cookie"	means a small text file placed on your computer or device by Our Site or legitimate third-parties when you visit certain parts of Our Site and/or when you use certain features of Our Site. Details of the Cookies used by Our Site are set out in Section 2.2 "Cookies" and in our Cookie Notice.
“Data Breach”	means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.
"Data Protection Laws"	means all applicable laws and regulations relating to the processing of personal data and privacy including, General Data Protection Regulation (EU) 2016/679 ('EU GDPR'), the new UK-GDPR and amended Data Protection Act 2018 that took effect on January 31, 2020 (together the 'UK Keeling Schedule') and any legislation in force in the United Kingdom from time to time that subsequently amends or replaces the UK GDPR.
"EEA"	means the European Economic Area, which consists of the member states of the European Union, plus Iceland, Liechtenstein and Norway.
"ePrivacy Law"	means the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended or superseded from time to time.
"Supervisory Authority"	means an independent public authority established in an EEA member state to be responsible for monitoring the application of the GDPR. The Supervisory Authority in the UK is the Information Commissioner’s Office (ICO).

 

4. What Does This Notice Cover?

This Privacy Notice applies to your use of Our Site and/or if you contact us via email, other form of messaging services for example via social media and/or any Tangle Teezer telephone number. This Privacy Policy also applies where you place an order on Our Site, when we are trying to facilitate your order, respond to your enquires, or facilitate a process beyond the initial purchase, for example, including returning items back to us. In addition, this Privacy Notice applies where we may disclose information to third-parties for delivering products, payment processing and email marketing (if you have opted in to receive these) only. Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites and we advise you to check the privacy notices of any such websites before proceeding.

For more information on what this Privacy Notice is intended to cover, please see Appendix 1 (What Information Do We Collect and How Do We Use it In The Context of UK and EU GDPR)

4.1 What is Personal Data?

Personal data is defined by the Data Protection Laws as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’. 

Personal data is, essentially, any information about you that enables you to be identified. Personal data covers information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers that can be linked back to you.

 

5. What Data Do We Collect and How Do We Use It?

We process your personal information for a number of different purposes. For each purpose, we must have a legal basis for such processing. Please revert to Appendix 1 for more detail around each of our processing activities. 

When relying on legitimate interests for processing your personal information, we will balance the legitimate interest pursued by us and any relevant third party with your interests and rights in relation to the protection of your personal information. We will do this to ensure it is appropriate for us to rely on such legitimate interest and to identify any additional steps we need to take to achieve the right balance.

In some situations, we may share your personal information with other parties. We have listed below the parties with whom we may share your personal information.

5.1 Direct Marketing

With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email with information, news, and offers on our products or services. We will always work to fully protect your rights and comply with our obligations under the Data Protection Laws and ePrivacy Law, and you will always have the opportunity to opt-out. 

Third parties whose content appears on our Site may use third-party Cookies. Please refer to our Cookie Notice for more information.

5.2 How Long Will You Keep My Personal Data?

We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected.

We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you, and thus ceases to constitute personal data) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

 

6. Security

Information provided through our website is stored on our secure servers or those of any third-party we engage to provide our IT platform, and is encrypted using standard technology, adhering to UK legislation.  We limit access to your personal information to employees and contractors who need access to enable us to process your information.  They are only permitted to process your information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal Data Breach.  We will notify you and any applicable regulator (for example the Information Commissioner's Office) where we are legally required to do so.

Where we have given you, or you have chosen, a password which enables you to access your account or certain parts of our website, you are responsible for keeping the password confidential and must not share it with anyone. You are responsible for any actions carried out using your password except where there has been fraud.

7. Do You Share My Personal Data and if so, to whom?

We do share your personal data with third-parties in some limited circumstances, for example, as highlighted in the table at Appendix 1, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

We may also sometimes contract with the following third-parties to supply certain services. These may include payment processing, delivery, and marketing. In some cases, those third-parties may require access to some or all of your personal data that we hold.

• Adyen Payment Gateway (Netherlands)
• DPD (UK)
• Facebook (US)
• FedEx (US)
• GeoTargetly (US)
• Google Analytics
• Instagram (US)
• MikMak (US)
• Ometria (if you subscribe to our email newsletter) (UK)
• Paypal Payment gateway (US)
• Rakuten (US)
• Royal Mail (UK)
• SendGrid (US)
• Shopify International Ltd. (Ireland)
• TikTok (China)
• UKFast (UK)
• USPS (US)
• Wrike Inc (US)
• Yotpo (if you leave a product review) (US)
• Zendesk (US)

If any of your personal data is required by a third-party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above in Section 9.

If any personal data is transferred to the EEA, it will be protected under the Data Protection Laws.

If any personal data is transferred outside of the UK or the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be under the Data Protection Laws within the UK and under the Data Protection Laws in the EEA. Please contact us if you would like more information on what legal mechanisms we rely on when transferring your personal data outside of the UK or the EEA, emailing us at gdpr@tangleteezer.com.

 

8. How Can I Control My Personal Data?

1. In addition to your rights under the Data Protection Laws, set out in Section 9, when you submit personal data via Our Site, you may be given options to restrict our use of your personal data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving direct marketing emails from us, which you may do by unsubscribing using the links provided in our emails and at the point of providing your details and by managing your Account).
2. You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving.

8.1 Can I Withhold Information?

To use all the features and functions available on Our Site you may be required to submit or allow for the collection of certain data.

You may restrict our use of Cookies. For more information, see our Cookie Notice.

 

9. What Are My Rights?

Under the Data Protection Laws you have the following rights, which we will always work to uphold, and if you are not subject to the Data Protection Laws you may have other rights. It is important to note that there may be instances in which we are unable to fulfil your request in part or in full and in such circumstances, we will revert back to the original requester, explaining why we are unable to proceed.

• The right to be informed about our collection and use of your personal data. This Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using our contact details in Section 12.
• The right to access the personal data we hold about you. Section 10 will tell you how to do this.
• The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Section 12 to find out more.
• The right to erasure or sometimes referred to as the right to “be forgotten” entitles you, in certain circumstances, to ask us to delete or remove your personal data. These include for example, where we no longer need your personal data for the original purpose we collected it for, where you have exercised your right to withdraw consent, where we may have processed your personal data unlawfully or where we are required to erase your personal data to comply with a legal requirement. However, please note that we may not always be able to comply with your request for erasure, for example where retention is necessary to comply with our obligations, resolve disputes etc. Please contact us using the details in Section 12 to find out more.
• The right to restrict (i.e., prevent) the processing of your personal data.

1. The right to withdraw your consent in the context of any consent-based processing of your personal data. 

1. The right to object to us using your personal data in the context of direct marketing and where processing is on the grounds of legitimate interest. In some cases, we may refuse your request to object to our processing of your personal data. This is in circumstances where we can demonstrate that we have compelling legitimate grounds to process your personal data which outweighs any prejudice to your rights and freedoms

1. The right to data portability. This means that, if you have provided personal data to us directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business.
2. Rights relating to automated decision-making and profiling - we do not use your personal data in this way.

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Section 12.

Further information about your rights can also be obtained from your local data protection regulator (Supervisory Authority) which in the UK is the Information Commissioner’s Office (contact details can be accessed in Section 12).  You could also contact your local Citizens Advice Bureau. 

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office, if you are in the UK or the rest of the world (other than the EEA).  If you are in the EEA, you have the right to lodge a complaint with the Supervisory Authority in your home country. In any event if you do have an issue we would like to resolve it with you first.  Please contact us using the details set out in Section 12.

 

10. How Can I Access My Personal Data?

If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.

All subject access requests should be made in writing and sent to the email or postal addresses shown in Section 12. To make this as easy as possible for you, when you contact us we will provide you with a Subject Access Request Form to fill our and send back to us. You do not have to use this form, but it is the easiest way to tell us everything we need to know to respond to your request as quickly as possible.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding, alternatively, we reserve the right, at our discretion to not respond to such requests.

We will aim to respond to your subject access request usually within one month but can take up to three months from the date of the request in case your request is ‘complex’, unless there is a pause permitted under Data Protection Laws and regulatory guidance, in which case it may be longer in both cases.  In any case you will be kept fully informed of our progress and the status of your request.

 

11. Contact Information

If you have any questions or complaints regarding how we use your information or you wish to exercise any of your rights set out in the 'Your Legal Rights' section of our Privacy Notice, please use the following details to contact us:

If you are in the UK or the rest of the world, apart from the EEA:

Email address: gdpr@tangleteezer.com

Telephone number: 020 7738 4458.

Postal Address: Tangle Teezer Ltd, 1st and 2nd Floors 205 Stockwell Road, London SW9 9SL.

You have the right to make a complaint at any time to the Information Commissioner's Office ("ICO"), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

If you are in the EEA, please contact our European Representative:

Postal Address:  Tangle Teezer Ltd, 88 Harcourt Street, Dublin 2, D02 DK18, Ireland.

Email address: gdpr@tangleteezer.com 

 

12. Changes to this Privacy Policy

We reserve the right to make changes to this this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. Any changes will be immediately posted on Our Site and we therefore recommend that you periodically review our Privacy Policy for the most up-to-date information.

This Privacy Policy is version number 4.0 and was last updated on 28 February 2024.

  

13. PRIVACY POLICY FOR CALIFORNIAN RESIDENTS

This Privacy Notice describes the rights of California residents under the California Consumer Privacy Act (“CCPA”).

We collect certain categories of personal information from California consumers, which we then disclose, share and/or sell to third parties for business or commercial purposes.

13.1 Categories of Information we collect, use, disclose, share and/or sell

Please refer to Appendix 2 for more details about the categories of Information we collect, use, disclose, share and/or sell and a summary of information that we sell, share, or disclose to third-parties.

13.2 Your Rights under the CCPA Regarding your Personal Information

As a California resident, you have certain rights with respect to your personal information that is in our possession.  Please see the below for a summary of these rights and additional information on how to exercise them, subject to certain limitations and exceptions as set forth in the CCPA:

• Right to Know: You have the right to know the categories and specific elements of personal information that we collect, use, disclose, share and sell about you; the categories of sources from which that information was collected; our purposes for collecting, using, disclosing, sharing, and/or selling your personal information; the categories of your personal information that we have either sold or shared with third-parties; and the categories of your personal information that we have disclosed with third-parties. 

• Right to Request Deletion: Subject to certain exceptions set forth in the CCPA, you have the right to request that we delete the personal information we have collected from you and that we instruct any third-parties with whom your information was sold, shared, or disclosed to similarly delete your information, unless such deletion would be impossible or involves disproportionate effort. 

• Right to Opt-Out: You have the right to opt out of sales or sharing of your personal information. Please note that if you opt out of certain types of sales and/or sharing, we will be unable to provide the services to you which rely on such sales and/or sharing. 

• Right to Limit: You have the right to limit the sale, sharing or disclosure of your personal information to third parties, subject to certain exceptions set forth in the CCPA. 

• Right to Correct: You have the right to correct any of the personal information we have collected from you.

 Please note that the exercise of any of these rights will not result in any discriminatory treatment to you, including, but not limited to, denying goods or services to you; charging different prices; providing a different quality of goods and services; and suggesting that you may receive a different price or rate.  As noted above, the exercise of these rights is subject to certain limitations and exceptions set forth in the CCPA.

To exercise any of the above rights, please contact us using either of the two contact methods below. Please note that in order to process your request, we may need to request additional information from you to verify your identity or assess the scope of your request.

• By toll-free number at (888) 751 1072
• Online: gdpr@tangleteezer.com

13.3 Sharing of Personal Information with Rakuten Advertising

Please be advised that one of the third parties with whom we share your personal information is Rakuten Advertising. Rakuten Advertising may collect personal information when you interact with our digital property, including IP addresses, digital identifiers, information about your web browsing and app usage, and how you interact with our properties and ads for a variety of purposes, such as personalization of offers or advertisements, analytics about how you engage with websites or ads and other commercial purposes. For more information about the collection, use, and sale of your personal data by Rakuten and your rights, please use the below links.

• Rakuten Privacy policy: https://rakutenadvertising.com/legal-notices/services-privacy-policy/
  
  
• Your rights: https://rakutenadvertising.com/legal-notices/services-privacy-rights-request-form/

 

14. Appendix 1

14.1 What Information Do We Collect And How Do We Use It In The Context Of UK And EU GDPR

 

The information we collect	How we use the information	Legal basis for this use of the information	Who we may share the information with and for what purpose
Your name, and contact details, including your email address, telephone number(s) and delivery address.	To register you as a new customer, to help manage your account, to enable you to place orders and to deliver products to you.	This is necessary to perform a contract between us, of which a sale is an example.	Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them for the supply of products and/or services to you. For example, we need to share your name and delivery address with postal and courier services to arrange for the products you order to be delivered to you. For example, we use Royal Mail (UK), DPD (UK), FedEx (US), USPS (US) (see Section 7 for more information).
Your name, and contact details, including your email address, telephone number(s) and delivery address.		This is necessary for the purposes of our legitimate interests: fraud prevention and your interests and fundamental rights do not override those interests.	Credit reference agencies who provide anti-fraud and credit score information to us as necessary in order to carry out fraud and credit checks.
Your name, and contact details, including your email address, telephone number(s) and delivery address.	To contact you from time to time about our products, news, offers, new competitions and sponsored events.	You have provided consent to allow us to contact you for these specific purposes.	This information might be shared with email service providers to deliver the marketing, as well as others with permission.  We currently use Ometria to deliver marketing emails and newsletters as well as SendGrid based on the US (see Section 7 for more information).
Your name, and contact details, including your email address.	To communicate with you about operational changes to our website, our products, services.	This is necessary for the performance of a contract with you and for the purposes of our legitimate interests: marketing and your interests and fundamental rights do not override those interests.
Full details of the purchases you make, including the time and date of purchase and details of any relevant payment card (including its billing address).	To enable you to order products from us on our website.	This is necessary to perform a contract between us.	Banks and finance companies where we have allowed them to offer you the possibility of purchasing our products on credit or online. Payment services companies who enable you to use payment cards with us.  For example, we are currently using Adven Payment Gateways (Netherlands) and Paypal Payment Gateway (US) to facilitate online payments (see Section 7 for more information).
Full details of the purchases you make, including the time and date of purchase.	To maintain administrative and legal records about our business to enable us to understand what we have sold, how, when, where and at what price and account to HM Revenue & Customs for the related taxes that we have to pay.	This is necessary for compliance with a legal obligation to which Tangle Teezer is subject.	Our professional advisers, including our accountants, auditors and solicitors.
Full details of the purchases you make.	To enable us to run competitions and offers for which you have signed up, about which we need to be able to communicate with you.	This is necessary for the purposes of our legitimate interests: marketing and your interests and fundamental rights do not override those interests.	Third party marketing companies who run competitions and offers on our behalf (For example, Facebook (US), Instagram (US), TikTok (China) see Section 7 for more information).
Full details of the purchases you make, including the time and date of purchase and details of any relevant payment card (including its billing address).	To gather feedback from you about our website, our products, other services and activities from time to time. We may invite you to provide this feedback on occasion, for example by emailing you to ask if you would like to review a product you have bought. We may use independent research and feedback providers to do so on our behalf.	This is necessary for the purposes of our legitimate interests: marketing and your interests and fundamental rights do not override those interests.	Other people and businesses who help us provide our website, stores and related services to you, for example, information technology companies who design and host our website. We may need to share your contact details with the independent research and feedback providers we use to gather this feedback. For example, we currently use Yotpo if you leave a product review, Zendesk both are based in the US (see Section 7 for more information).
Full details of the purchases you make, including the time and date of purchase, where you made the purchase from and details of any relevant payment card (including its billing address).	To respond to any questions, suggestions, issues or complaints you have raised with us.	This is necessary for the performance for the purposes of legitimate interest in order to handle feedback and/or complaints from you.	We may need to share details about any complaint you make with our professional advisers, including our solicitors, the Information Commissioner's Office (ICO) and any other relevant regulator.
Information on what you search for, view, click on and access in and through our website, We may collect the time and geographic location of your device when you do so.  This information may also include where you came to our website from, and where you went when you left it. We do this through the use of email and website cookies, please see information regarding our cookies above.		You have provided consent to allow us to do this.	Analytics and search engine providers who assist us in the improvement and optimisation of our website. For example, we currently use Google Analytics for this.
Technical information about the devices you use to access our website We collect each device’s relevant IP address, operating system and version, web browser and version, and geographic location].		You have provided consent to allow us to do this.	Other people and businesses who help us provide our website, stores and related services to you, for example, information technology companies who design and host our website. For example we use, GeoTargetly (US) and UKFast (UK) (see Section 7 for more information)

 

 

15. APPENDIX 2

15.1 What Information Do We Collect And How Do We Use It FOR CALIFORNIA RESIDENTS

Categories of Information we collect, use, disclose, share and/or sell

As set forth in the chart below, we collect certain categories of personal information from California consumers, which we then disclose and/or share to third parties for business or commercial purposes.

 

The information we collect	Collected in the last 12 months:	Purpose for our use of this information	Who we may share the information with and for what purpose	Retention Period
Your name, and contact details, including your email address, telephone number(s) and delivery address.	Yes	To register you as a new customer, to help manage your account, to enable you to place orders and to deliver products to you.	Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them for the supply of products and/or services to you. For example, we need to share your name and delivery address with postal and courier services to arrange for the products you order to be delivered to you. For example, we use Royal Mail (UK), DPD (UK), FedEx (US), USPS (US) (see Section 7 for more information).	3 years from date of last order or after an account is no longer active or after contracts or relationships are terminated (whichever is the longer).
Your name, and contact details, including your email address, telephone number(s) and delivery address.	Yes	This is necessary for the purposes of our legitimate interests: fraud prevention and your interests and fundamental rights do not override those interests.	Credit reference agencies who provide anti-fraud and credit score information to us as necessary in order to carry out fraud and credit checks.	6 years after an account is no longer active or after contracts or relationships are terminated (whichever is the longer).
Your name, and contact details, including your email address, telephone number(s) and delivery address.	Yes	To contact you from time to time about our products, news, offers, new competitions and sponsored events.	This information might be shared with email service providers to deliver the marketing, as well as others with permission.  We currently use Ometria to deliver marketing emails and newsletters as well as SendGrid based on the US (see Section 7 for more information).	3 years after an account is no longer active or after contracts or relationships are terminated.
Your name, and contact details, including your email address.	Yes	To communicate with you about operational changes to our website, our products, services.	This is necessary for the performance of a contract with you and for the purposes of our legitimate interests: marketing and your interests and fundamental rights do not override those interests.	3 years after an account is no longer active or after contracts or relationships are terminated
Full details of the purchases you make, including the time and date of purchase and details of any relevant payment card (including its billing address).	Yes	To enable you to order products from us on our website.	Banks and finance companies where we have allowed them to offer you the possibility of purchasing our products on credit or online. Payment services companies who enable you to use payment cards with us.  For example, we are currently using Adven Payment Gateways (Netherlands) and Paypal Payment Gateway (US) to facilitate online payments (see Section 7 for more information).	6 years from date of last purchase or after an account is no longer active or after contracts or relationships are terminated (whichever is the longer).
Full details of the purchases you make, including the time and date of purchase.	Yes	To maintain administrative and legal records about our business to enable us to understand what we have sold, how, when, where and at what price and account to the UK HM Revenue & Customs for the related taxes that we have to pay.	Our professional advisers, including our accountants, auditors and solicitors.	6 years from date of last purchase or after an account is no longer active or after contracts or relationships are terminated (whichever is the longer).
Full details of the purchases you make.	Yes	To enable us to run competitions and offers for which you have signed up, about which we need to be able to communicate with you.	Third party marketing companies who run competitions and offers on our behalf (For example, Facebook (US), Instagram (US), TikTok (China) see Section 7 for more information).	6 years from date of last purchase or after an account is no longer active or after contracts or relationships are terminated (whichever is the longer).
Full details of the purchases you make, including the time and date of purchase and details of any relevant payment card (including its billing address).	Yes	To gather feedback from you about our website, our products, other services and activities from time to time. We may invite you to provide this feedback on occasion, for example by emailing you to ask if you would like to review a product you have bought. We may use independent research and feedback providers to do so on our behalf.	Other people and businesses who help us provide our website, stores and related services to you, for example, information technology companies who design and host our website. We may need to share your contact details with the independent research and feedback providers we use to gather this feedback. For example, we currently use Yotpo if you leave a product review, Zendesk both are based in the US (see Section 7 for more information).	6 years from date of last purchase or after an account is no longer active or after contracts or relationships are terminated (whichever is the longer).
Full details of the purchases you make, including the time and date of purchase, where you made the purchase from and details of any relevant payment card (including its billing address).	Yes	To respond to any questions, suggestions, issues or complaints you have raised with us.	We may need to share details about any complaint you make with our professional advisers, including our solicitors, the Information Commissioner's Office (ICO) and any other relevant regulator.	6 Years after an account is no longer active or after contracts or relationships are terminated.
Information on what you search for, view, click on and access in and through our website, We may collect the time and geographic location of your device when you do so.  This information may also include where you came to our website from, and where you went when you left it. We do this through the use of email and website cookies, please see information regarding our cookies above.	Yes	Our website uses cookies to analyse traffic, personalise advertising and show you more of what you like. You can read more information about our use of this information here.	Analytics and search engine providers who assist us in the improvement and optimisation of our website. For example, we currently use Google Analytics for this.	3 years after an account is no longer active or after contracts or relationships are terminated.
Technical information about the devices you use to access our website We collect each device’s relevant IP address, operating system and version, web browser and version, and geographic location].	Yes	To help us maintain and improve our website, stores, and related services to you	Other people and businesses who help us provide our website, stores and related services to you, for example, information technology companies who design and host our website. For example, we use GeoTargetly (US) and UKFast (UK) (see Section 7 for more information)	3 years after an account is no longer active or after contracts or relationships are terminated.

 

Please refer to the below chart for a summary of information that we sell, share, or disclose to third parties: 

Information that we sell to or share with third parties

Information that we disclose to third parties

- Information on what you search for, view, click on and access in and through our website.    - We may collect the time and geographic location of your device when you do so.  This information may also include where you came to our website from, and where you went when you left it. We do this through the use of email and website cookies, please see information regarding our cookies above.

- Your name, and contact details, including your email address, telephone number(s) and delivery address. - Full details of the purchases you make, including the time and date of purchase and details of any relevant payment card (including its billing address). - Technical information about the devices you use to access our website We collect each device’s relevant IP address, operating system and version, web browser and version, and geographic location]. - Other information about you that is linked to the personal information above.