WHO WE ARE
Mafia collection (‘we’ ‘us’ or ‘our’) collect, use and are responsible for certain personal information about you. When we do so we are regulated under the General Data protection Regulations which apply across the European Union (including the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposed of those laws.
WHEN WE COLLECT PERSONAL DATA
The provision of the following information is required from you:
This is to enable us to do the following
- Name and Address: For Delivery Purposes
- Email: For Receipt of Purchase
We will inform you at the point of collection information from you, whether you are required to provide information to us.
PERSONAL INFORMATION WE COLLECT AND USE
We collect the following personal information that you provide to us:
Date of Birth
How we communicate with you and any preferences that you have
Some examples of when we collect this information include:
When registering for an account
Signing up for our newsletter
When you send us an email
Make a purchase
Personal information you provide about third parties:
If you give us information about another person, you can confirm that the other person has appointed you to the act on their behalf and agreed that you:
Shall consent on their behalf to the processing of their personal data;
Shall receive any data protection notices on their behalf and;
Shall consent on their behalf to the transfer of their personal data abroad
HOW WE USE PERSONAL DATA
We collect information about our users for the following purposes:
- We will use you email to send you offers, promotions and updates within Mafia Collection
- To develop the products and services we provide and enhance these in line with industry changes
- To ensure our website content is up to date and relevant
- To ensure that you receive the benefits and services that are on offer and that are of interest to you
- For marketing products to you. We use your personal information to ensure that you know about the products and promotions that we run. You have the right to optout of any of these marketing channels at any time and can inform us at email@example.com
- To manage your orders, you provide you with good and services
Your payment is processed via GoCardless
Your payments are processed by PayPal
SHARING AND STORING PERSONAL DATA
If you provide us with your email address when you opt-in to receive our newsletter it will be stored, along with your name and surname via Mailchimp https://mailchimp.com/legal/privacy/
If you provide us with your email address when you communicate with us by email your email and any personal information stored within your email communications with be stored via Outlook.
We use third party payment organisations, who will collect and process your financial details. If you are an existing customer we may share your details with companies who perform marketing for us. Mafia Collection Ltd will never pass on your personal details to another organisation for their use, except when we have your express permission to do so or when the law requires it. We do not sell your or swap your personal data, however where applicable we share your information with subcontractors and suppliers. Staff, consultants and service providers acting on our behalf may be allowed to access your personal data; we will only allow them to do this to do at our explicit instruction and for an exact purpose. With all third party suppliers we have reviewed their policies and procedures and are content with the level of their GDPR compliance, where necessary a Data Sharing Agreement will be in place, we will be satisfied that their systems are secure. In the event that we stop using a supplier, any of your information that they hold will be securely deleted. We may need to disclose your personal data upon request to regulatory and government bodies as well as law enforcement agencies.
Keeping your information secure:
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We will also use technological and organisation measures to keep your information secure. These measures may include the following examples:
- User account access is controlled by a unique username and password
- All data are stored on secure servers
- Payment details are encrypted using SSL
We also have procedures in place to deal with any suspected data security breach. We will notify you any applicable regulator of a suspected data security breach where we are legally required to do so.
Indeed, while we will use all efforts to secure your personal data, in using the site you acknowledge that the use of internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us using the details below.
How long your personal information will be kept:
We will hold your personal information for as long as it is required with accordance with statutory requirements. For example, we will keep a record of any financial documents for at least seven years to comply with HMRC rules.
These periods are no longer than necessary in each case.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- Fair processing of information and transparency over how we use your personal information
- Access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address
- Require us to correct any mistakes in your information which we hold
- Require the erasure of personal information concerning you in certain situations
- Receive the personal information concerning you which you have provided to us, in a structures, commonly used and machinereadable formation and have the right to transmit those to a third party in certain situations
- Object at any time of processing of personal information concerning you for direct marketing
- Object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- Object in certain other situations to our continued processing of your personal information
- Otherwise restrict our processing of your personal information in certain circumstances
- Claim compensation for damages caused by our breach of any data protection laws
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individual’s rights under the General Data Protection Regulations (hhtp://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/)
If you would like to exercise any of these rights please:
- Email us
- Let us have enough information to identify you
- Let us have proof of your identity (a copy of your driving license, passport or a recent credit card/utility bill)
- Let us know the information to which your request relates
From time to time we may have other methods to unsubscribe (opt-out) from any direct marketing including from example, unsubscribe buttons or web links. If such are offered, please note that there may be some period of time after selecting to unsubscribe in which marketing may still be received while your request is being processed.
MARKETING AND COMMUNICATIONS
We would like to send you information about products, services, offers and competitions and our business which may be of interest to you. Such information could be sent by post, email, telephone or text message.
We will ask whether you would like us to send you marketing messages on the first occasion that you provide any relevant contact information (i.e on purchase, signing up to our newsletter, entering a competition etc). if you do opt in to receive such marketing from us you can opt out at any time (see “What rights do you have?” below for further information). If you have any queries about how to opt out, or if you are receiving messages you do not want you can contact us using the details provided below.
WEBSITES AND EMBEDDED CONTENT
If you have any questions about this policy or the information we hold about you, please contact us by email at firstname.lastname@example.org.