PRIVACY POLICY

1. General introduction

We are committed to ensuring that we manage your personal data professionally and in compliance with all applicable data protection laws. Part of this commitment is to ensure that there is transparency about how we process personal data. This policy includes an explanation of:

  • what data we are processing;
  • why we are processing it and what we do with it;
  • whether we will share it with anyone else;
  • whether we will transfer it outside of the European Economic Area (‘EEA’);
  • how we keep your data safe; and
  • your rights.

We hope that you find this Privacy Policy helpful.  If you have any questions, please don’t hesitate to contact us.

 

2. Who we are and our contact details

2.1 Hawes Music Ltd registered address is 19 Upper King Street, Norwich, NR3 1RB.  In this policy we have referred to Patrick Hawes & Hawes Music Ltd as: we, us, or our.

2.2 For any queries concerning your data please contact the Managing Director at the above address or by email at andyberry@hawesmusic.com.

 

3. Your personal data

3.1 The reasons that we hold personal data fall broadly into two categories as detailed in Sections 3.2 and 3.3. In each section, we have explained how we manage and process the personal data.

3.2 When you order any product from the website

3.2.1 What data do we hold about you?

Name & Contact details (e-mail and your home address).

3.2.2 How do we obtain this data?

By you providing your information for us to complete your order.

3.2.3 What do we do with this data?

Your name, address and email address is held within the WordPress WooCommerce server when you place your order.  We use it to send you the products you have ordered and automatically include you in the mailing list for the e-newsletter which we believe is genuine and legitimate concerning your interest in news about Patrick Hawes and/or Hawes Music.

3.2.4 Will we share your data with any third parties?

In addition to the WordPress WooCommerce server, the only third party with whom we share your name and email address (not home address) is MailChimp.  MailChimp is the online system we use to create and distribute our e-newsletters.  For details on their Privacy Policy see: https://mailchimp.com/legal/privacy/

3.2.5 How long do we keep this data?

We keep some of your data for a limited time to comply with contractual obligations, like keeping tracking IDs to identify shipping disputes or keeping VAT information for tax audits.

Your name and email address will be held indefinitely on our e-mailing list (stored on MailChimp as detailed above) unless you select ‘Unsubscribe’. The Unsubscribe option will be present on all newsletter mailings from us and you can elect to unsubscribe at any point using this function or by emailing us separately and requesting your details be removed.

 

3.3 When you subscribe to the e-newsletter

3.3.1. What data do we hold about you?

Name & e-mail address.

3.3.2 How do we obtain this data?

By you providing this information when submitting an order or by subscribing directly to the e-newsletter.

3.3.3 What do we do with this data?

We use it to send you information via the e-newsletter that we believe is genuine and legitimate concerning your interest in news about Patrick Hawes and/or Hawes Music.

3.3.4 Will we share your data with any third parties?

The only third party with whom we share your name and email address (not home address) is MailChimp. MailChimp is the online system we use to create and distribute our e-newsletters. For details on their Privacy Policy see: https://mailchimp.com/legal/privacy/

3.3.5 How long do we keep this data?

Your name and email address will be held indefinitely on our e-mailing list (stored on MailChimp as detailed above) unless you select ‘Unsubscribe’. The Unsubscribe option will be present on all e-newsletters from us and you can elect to unsubscribe at any point using this function or by emailing us separately and requesting your details be removed.

 

4. Cookies

4.1 We use Cookies on our website. A cookie is a small text file which is placed onto your computer (or other electronic device) when you visit our website. This enables us to monitor how many times you visit the website, which pages you go to, traffic data, location data and the originating domain name of your internet service provider.

4.2 You can set your browser not to accept cookies, however some of our website features may not function as a result.

4.3 For more information about cookies generally and how to disable them you can visit: allaboutcookies.org.

 

5. Data security

5.1 We have adopted the measures necessary to ensure the security of the personal data we collect, use and maintain, and prevent their alteration, loss, unauthorised processing or access, and the risks to which they are exposed by human action or physical or natural environment. However, as effective as our security measures are, no security system is impenetrable. We cannot guarantee the security of our database.

5.2 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we will use procedures and security features to try to prevent unauthorised access.

5.3 Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

 

6. Your rights

6.1 Your right to access your data

6.1.1 We always aim to be as open as we can and allow people access to their personal information. Where we hold your personal data, you can make a ‘subject access request’ to us and we will provide you with:

  • a description of it;
  • an explanation of why we are holding it;
  • information about who it could be disclosed to; and
  • a copy of the information in an intelligible form – unless an exception to the disclosure requirements is applicable.

6.1.2 If you would like to make a ‘subject access request’ please make it in writing to our contact e-mail address noted in section 2 and mark it clearly as ‘Subject Access Request’.

6.1.3 If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need by email.

6.1.4 Unless we agree a different timeframe with you, we will complete your subject access request within one month.

6.2 Right to be forgotten

6.2.1If we hold personal data about you, but it is no longer necessary for the purposes that it was collected and cannot otherwise be justified – you have the right to request that we delete the data.

6.3 Right to restrict data

6.3.1 If we hold personal data about you and you believe it is inaccurate you have the right to request us to restrict the data until it is verified.

6.4 Right to complain

6.4.1 You always have the right to complain to the personal data regulator, the ICO. You may also be entitled to seek compensation if there has been a breach of data protection laws.

 

7. Policy updates & reviews

7.1 This policy is updated as needed and reviewed at least annually.

7.2 This version of the policy was reviewed and updated on 5th June 2018.