Privacy & Cookies Policies

Please read our Privacy and Cookies Policies shown below and our Terms and Conditions which apply to our website at nutsandboltsdirect.com (hereafter called the "Website") as by accessing and using the Website and/or submitting any personal information and/or placing any order for any product or service through the Website you agree to be bound by them. If you do not agree or if you are under 18 years of age then you should not access or use the Website or submit any personal information or order any product or service through the Website.


Privacy and Cookies Policy


1. Introduction

Simply Oysters is a controller of your personal data. We respect your privacy and we are committed to protecting your personal data. This Privacy Notice will inform you as to how we use your personal data when you visit our website at nutsandboltsdirect.co.uk (hereafter called the "Website") and tell you about your privacy rights and how the law protects you.


This Privacy Notice provides you with information about:

·         what personal data we collect

·         how and when we use and process this data for our legitimate business interests

·         the safeguards we have in place to ensure your privacy is maintained

·         your legal rights relating to personal data and how you can instruct us if you prefer to limit the use of this data.

 

2. Data we may collect

We will not knowingly collect information from anyone under the age of 18. If you are under 18 years of age, you should not access or use the Website, or submit any personal information and/or order any product or service through the Website.


We may collect data from you:

·         when you purchase products or services from us

·         when you create an online account with us

·         when you email us or receive emails from us

·         when you request information or marketing from us

·         when you enter a competition, promotion or survey

·         when you contact us or provide us with feedback

·         when you browse the Website

·         when you interact with our social media channels.

 

This data may include:

·         name and contact details including your address, telephone number and email address

·         records of your transactions including what products you purchased and when you purchased those products from us

·         payment card details. These details are collected, used, and stored on our payment service provider’s systems (PayPal’s merchant payment gateway system); not on our systems.

·         usernames and passwords you create for your online account

·         email and other correspondence and communications with us

·         marketing preferences and survey responses

·         browsing activity on the Website which may be passively collected by us through the use of cookies and other technologies. This online usage may be linked to a unique identifier but we do not link online usage to named individuals

·         other publicly available personal data, including any which you have shared via a social media channels (such as Twitter or Facebook).

 

This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Privacy Notice. Some of the above personal data is collected directly, for example when you purchase a product or service from us, or set up an online account with us, or send an email to us. Other personal data is collected indirectly, for example, through your browsing activity on the Website.

 

3. What we do with this data

We may process and use your personal data:

·         to provide products and services to you

·         to provide an online account to you

·         to register and manage the online account you set up with us

·         to make the Website available to you

·         to help us manage client service communications with you

·         to improve our understanding of our clients and to improve our products, services and client relationships and experiences

·         to contact you about special offers, prize draws, products, services and other news which we think may interest you

·         to notify you about changes to our Privacy Notice, Cookie Policy, or Terms and Conditions

·         for our own market research purposes

·         for crime and fraud prevention and detection

·         where we have a legal right or duty to use or disclose your data. For example in relation to an investigation by a public authority or in a legal dispute.

 

We will not rent or sell your personal data to other organisations for marketing purposes.

 

4. Marketing and special offers

You may receive electronic marketing from us if you provided your personal details to us when you registered with us or you purchased any product or service from us. We use your personal details for electronic marketing purposes primarily where we aim to update you about our products, service, special offers, prize draws, news and events which we believe are of interest and relevance to you. We will only do so where we have a lawful basis to do so.


You have the right to opt out of receiving our marketing emails at any time, by:

·         the “unsubscribe” link; and/or

·         the “update your preferences” link; and/or

·         email us at sales@nutsandboltsdirect.co.uk

 

5. Advertising cookies

We do not use ‘Advertising Cookies’ on the Website, and we do not place these types of cookies on your device. For information about the cookies we use when you visit the Website, please see our Cookie Policy below. 

 

6. Sharing data with third parties

In order to provide our products and services, securely fulfil transactions, and provide you relevant marketing communications, we may need to share your personal data or anonymous data with our service providers including payment processing companies, IT service providers (such as hosting companies), analytics companies and marketing services agencies. We only allow our service partners to handle your personal data when they conform to the appropriate data protection and security controls. Our service partners have obligations relating to data protection and security restricting their use of your data to provide services to us and to you, and for no other purposes. We will not rent or sell your personal data to other organisations for marketing purposes.


Aside from our service partners, we will not disclose your personal data to any third party, except as listed below:

·         governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are legally required to do so

·         to comply with our legal obligations

·         to exercise our legal rights. For example in court cases

·         for the prevention, detection, investigation of crime or prosecution of offenders

·         third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice.

 

7. How long we keep data

We will not retain your data for longer than necessary for the purposes set out in this Privacy Notice. In general, we will keep your data for the duration of our relationship with you and for a certain period afterwards. In considering how long to keep personal data, we take into account the nature of the information, the nature of the relationship with you, the relevance of the information, and our obligations to comply with applicable laws and regulations. The longest we hold any personally identifiable data is four years after your last order, or interaction with our marketing communications, or contact with us. After that time, we make anonymous any transaction data that we hold for the purposes of accounting records or business analysis.

 

8. How we protect data

We are committed to keeping your personal data safe and secure and we follow strict security procedures which include:

·         regular network vulnerability scans

·         scanning to protect against malicious threats to our IT infrastructure

·         security controls which protect our IT infrastructure from external attacks and unauthorised access

·         secure disposal of all redundant IT hardware.

 

9. EEA transfers

If you are based within the European Economic Area (EEA), please note that we may transfer personal information to countries outside the EEA. Not all countries provide the same level of protection in relation to personal information as within the EEA. Where necessary to make such transfers, we will comply with our legal and regulatory obligations in relation to the personal information. This will include having a lawful basis for transferring the personal information and putting appropriate safeguards in place to ensure an adequate level of protection for the personal information.

 

10. Our legal basis for processing data