Please read this policy carefully to understand our views and practices regarding your personal data and how we will treat it. By using our website www.Combegrove.com and any other website on which this policy is posted or expressly referenced (“Combe Grove Sites”), you are accepting and consenting to the practices set out in this policy. Please do not use the Combe Grove Sites or purchase any products over the telephone with our customer services team unless you agree with this policy.
For the purposes of the Data Protection Acts 1998-2018 and the General Data Protection Regulation 2018 (GDPR), the data controller is The Elmhurst Foundation Ltd.
1. INFORMATION WE COLLECT
Automatically Collected Information
When you visit any of the Combe Grove Sites, we may automatically collect certain information about your visit. This information will not allow you to be personally identified:
- Browser information. This may include your browser type, browser version, host operating system, browser language and your IP address.
- Other information about your visit. This may include the full Uniform Resource Locators (URL) clickstream to, through and from our site, products viewed or searched for, page response times, download errors, lengths of visits to certain pages, page interaction information (such as scrolling, clicks and mouse overs) and methods used to browse away from the page.
- Aggregated Information. In addition, aggregate traffic information may also be collected from your visit.
Personally, Identifiable Information
We may also collect and process personal data that you give us. Many of the services that we offer are only made available if we have certain information about you. To access these services, you will, from time to time, be asked to submit personal data about yourself. We may collect and process the following personal information related to our services:
- Registration information. In registering to use the Combe Grove Sites, we require certain contact information (including your name, email address and phone number).
- Information to fulfil your order. When placing an order online at a Combe Grove Site, over the telephone with our customer service team, or in person at Combe Grove, we collect your name, phone number, address and personal payment information. We may also ask you for this information when you enter a competition or promotion sponsored by us or when you report a problem with our site and/or your order.
- Support or customer services issues. If you contact us, we may keep a record of that correspondence and record conversations for training and/or monitoring purposes.
- Surveys. We may from time to time ask you to complete surveys that we use for research purposes. You do not have to respond to these surveys and may opt out of future emails by clicking a link at the bottom of the email or emailing us at Hello@CombeGrove.com.
- Website Use. We may collect details of your visits to our site and any calls that you make to us. This may include location data, weblogs, other communication data and resources that you access.
Messages sent by you will be forwarded to our inbox at firstname.lastname@example.org and may be further forwarded to the correct department to ensure that you receive a prompt and accurate response.
2. USES MADE OF THE INFORMATION
Automatically Collected Information
We may use information which we automatically collect about you as follows:
• To administer the Combe Grove Sites and for internal operations such as to help diagnose problems with our server, troubleshoot, analyse data and other administrative purposes.
• To improve the Combe Grove Sites and to ensure that content is presented in the most effective manner for you and your computer (this may include providing you with content and services in your country’s local language and currency).
• To allow you to participate in interactive features of our service when you choose to do so.
• As part of our efforts to keep the Combe Grove Sites safe and secure.
• To improve the services we offer, make recommendations about goods or services that may be of interest to you and to develop marketing programs.
Personally Identifiable Information
We may use personal data which you give to us as follows:
• To process and fulfil your bookings effectively and to carry out any further obligations arising from any contracts entered into between you and us.
• To provide you with information that you have requested from us and to inform you of offers or other goods or services that may be of interest to you (but only where you have consented to be contacted for such purposes).
• To notify you about changes to our service.
• To help to protect you from fraud (for instance, we may carry out identity verification, credit or anti-fraud checks against your name using third party databases which may involve disclosure of your personal details to registered credit reference or fraud prevention agencies who may retain and use your personal information).
Consent to use of Data for Marketing Purposes
When placing an order with us, we will ask for your email address and/or mobile telephone number so that we can send you information confirming your order.
We would also like to use your data and permit selected third parties to use your personal data, to provide you with information about goods and services which may be of interest to you. We will only contact you by electronic means (email) or post with information about goods and services similar to those which were the subject of a previous sale to you.
Where we permit selected third parties to use your data, we (or they) will contact you by electronic means or post only if you have expressly consented to this.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you before collecting your data if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.
You can also request us not to use your personal data for this purpose when setting up your Combe Grove account or by emailing us at Hello@CombeGrove.com.
If at any time you wish to unsubscribe to our mailing list, please let us know by sending an email to Hello@CombeGrove.com.
3. SHARING AND DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Combe Grove or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- To registered credit reference or fraud prevention agencies for the prevention of fraud.
- To our nominated marketing agencies who provide marketing services on our behalf.
4. WHERE WE STORE YOUR PERSONAL DATA
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. When you proceed to make your purchase and your browser connects to the secure section of a Combe Grove Site your browser window frame will show a padlock icon to indicate that you are entering a secure area.
If you are using a computer in a public location, we recommend that you always log out and close the website browser down when you complete an online session for your security.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
5. SECURITY MEASURES/ DATA SECURITY
Combe Grove takes appropriate physical and technical measures to ensure the robust security of your data and monitors these measures periodically. This is in line with our responsibilities as a Data Controller under Article 32 GDPR.
6. YOUR RIGHTS
You have the right to access any personal information that Combe Grove processes about you and to request information about: –
- What personal data we hold about you
- The purposes of the processing
- The categories of personal data concerned
- The recipients to whom the personal data has/will be disclosed
- How long we intend to store your personal data for
- If we did not collect the data directly from you, information about the source will be provided in the response.
If you believe that we hold any incomplete or inaccurate data about you, you have the right to ask us to correct and/or complete the information and we will strive to do so as quickly as possible; unless there is a valid reason for not doing so, at which point you will be notified.
You also have the right to request erasure of your personal data or to restrict processing (where applicable) in accordance with the data protection laws; as well as to object to any direct marketing from us. Where applicable, you have the right to data portability of your information
If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your data is protected and kept secure.
If you have any questions about our processing of your personal data, you are welcome to contact us. You will find our contact details at the bottom of this page. If you notice any errors in your personal data, you have the right to have them corrected.
The Data Protection Acts 1998-2018 and GDPR also provide you the right to access information held about you. You may exercise this right by notifying us in writing. Whilst this Right of Access is free to obtain under updated DP legislation, we may charge you a small administrative fee only if the request is excessive in its nature or repetitive. This is to meet our costs in providing you with details of the information we hold about you.
7. PRIVACY OF CHILDREN AND SENSITIVE PERSONAL DATA
We do not knowingly collect personal data from anyone under the age of 18. We do not knowingly obtain or store any Sensitive Personal Data, such as information about health or medical conditions, race or religious beliefs.
For detailed information on the cookies we use and the purposes for which we use them see our Cookies Policy.
11. CONTACT DETAILS
12. LOCAL SUPERVISORY AUTHORITY
The Information Commissioners Office (ICO) is the Data Protection Authority in the UK, tasked with investigating individual Data Protection related complaints. The website can be found via the following link: https://ico.org.uk/ .