Penelopetom Direct (“We”) are committed to protecting and respecting your privacy. We are a UK hosted website and run in accordance with the requirements of the UK Data Protection Act of 1998.
This policy (together with our Terms and Conditions) sets out the basis on which personal data we collect from you will be used. Please read through this policy carefully to understand how we will treat your data.
For the purpose of the Data Protection Act 1998 (the Act), the data controller is Penelopetom Direct Ltd (company number 08671135)
Information we may collect
We may collect and process the following data:
- Information that you provide when completing forms on the website www.penelopetom.com (the Website). This includes information provided at the time of registering to use the Website, provided at point of purchase, subscribing to our marketing databases or entering a competition. We may also ask you for information when you report a problem with the Website.
- Details of transactions you carry out through the Website and the fulfilment of your orders
- If you contact us, we may keep a record of that correspondence
IP Addresses and Cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies and other such software on the Website contain information that is transferred to your computer's hard drive. They help us to improve the Website and to deliver a better and more personalised service.
Uses made of your Personal Data
We use information held about you in the following ways:
- to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
- to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about;
- to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data;
- to notify you about changes to our service;
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you; and
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Disclosure of your Information
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others. We do not disclose information about identifiable individuals to our advertisers, but we may provide them with aggregate information about our users
- Analytics and search engine providers that assist us in the improvement and optimisation of our the Website.
- Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Penelopetom Direct Ltd is acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of Penelopetom Direct Ltd, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us directly.
The Website may, from time to time, contain links to and from the websites of our partner advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act.
All payment data transmitted between you and our site is protected using strong SSL encryption technology. We do not store or retain credit card information. We are fully PCI compliant.
We use WorldPay for online credit and debit clearing, in conjunction with HSBC Bank. As a result of this we charge for the order in full at the time the order is placed. Therefore please ensure if you are pre-ordering an item that you are happy to pay for it in advance.
You undertake that all details which you provide to us for the purpose of ordering goods are correct, that the credit or debit card you are using is your own and that there are sufficient funds to cover the cost of the order.