Privacy Policy

Last updated: March 2019 in line with GDPR Compliance and Principles, as follows:

The Get Better Box assures you that Personal Data shall be...

lock-1516242_960_720.jpg
  • Processed lawfully and fairly.

  • Collected for specified, explicit and legitimate purposes only.

  • Adequate, relevant and limited to what is necessary.

  • Accurate and, where necessary, kept up to date.

  • Kept for no longer than is necessary.

  • Processed in a manner that ensures appropriate security.

 

Section 1: Who are we?

Delirious Fox Limited is our Registered Company, No: 10046498. Office 17 Beckenham Grove, Bromley, Kent, BR2 0JN.

The Get Better Box is a product line of Delirious Fox Ltd. www.thegetbetterbox.co.uk is an online store. We sell a range of luxury letterbox care hampers to customers in England, Scotland and Wales, UK.

This policy applies to information we collect about: 1. visitors to our website; 2. visitors to our website that complete any forms, providing their personal details; 3. people who do business with us, place orders from us or register for our service online or otherwise.

Section 2: Application of this policy

This Policy describes how we collect, use and otherwise handle the “Personal Information” that we receive from you and explains the circumstances in which we may transfer this to others.

“Personal Information” is information about you which can be used alone, or combined with other information, to identify you personally.

Our Privacy Policy must be read together with any other legal notices or terms and conditions available on other pages of our Website.

Our Policy on retaining your Personal Information is as follows:

Our policy is to keep as little of your information as we possibly can and to keep that information as securely as possible.

Your information and privacy is important to us. We apply a policy of retaining only the minimum information necessary for operations, legal and statutory compliance and by maintaining it as securely as possible. We use Microsoft secure cloud storage facilities, which have been approved by the European Union’s data privacy authorities, to store our data.

Section 3: Collecting and handling your personal information

Legal grounds for collection and use of Personal Information

We will only collect, use and otherwise handle your Personal Information when:

  • You have agreed for us to do so, by opting in via our website or in person by providing us with your details. We will only retain and use these details when it is necessary for our legitimate interests in connection with providing you with the services we offer such as:

  • responding to your queries;

  • providing services/products and/or information to you;

  • administering the services/products/information we provide for you

  • hosting and maintaining our Website

  • providing technical support to you

  • preventing and detecting fraud and other criminal offences

  • ensuring network and information security, as long as, in each case, these interests are in line with applicable law and your legal rights and freedoms

  • where you have agreed to this for specified, explicit and legitimate purposes

  • where this is necessary to satisfy our statutory obligations.

How we collect and use Personal Information that you provide to us

Forms:

We may collect your Personal Information which you choose to provide when you fill in forms, online or otherwise (at events, in person, over the phone etc). When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give via Squarespace and Stripe. This may include, for example, your name, title, contact details (such as email, telephone number and address, and/or the recipient's contact details). This is so that we can deliver the product/service you have bought to either yourself or the person you are gifting. This is also to apply your personal preferences, choices and requirements specific to particular requests or product services. We also collect other sorts of Personal Information to ensure that the services we provide are appropriate for you. We may use this Personal Information to respond to your queries, and/or provide the services and/or information that you have requested.

You should also note that when you browse our store, we automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. This helps us to provide you a seamless user experience.

Consent:

Events: if you register for one of our events, we will collect whatever information you provide to enable us to enrol you. If you provide your details to us at any events we are hosting at, we will retain the details you have provided us with for the purposes you have opted-in to. We will never send you anything you have not agreed to, and we will never retain your information unless it is necessary for any/all of the reasons stated above. If you change your mind about opting in and wish us to remove your details, simply contact us and will be happy to accomodate this.

Marketing Opt-In:

Where you have provided us with your contact details, we may contact you by your preferred channel for marketing purposes relating to our services. We will enable you to opt-in to these services. We will only contact you for these marketing purposes by electronic means (email or SMS) where you have agreed to this.

Marketing Opt-Out:

You are entitled to opt-out from receipt of marketing communication at any time and free of charge by using the contact details provided in this Privacy Policy or by using the “unsubscribe” option included in any marketing e-mail or other marketing material received from us.

We may also use any Personal Information that you provide to us:

  • where legally permitted for specific purposes made clear at the point of collection on particular pages of our Website; and/or

  • where we otherwise have legal grounds for collection and use of your Personal Information as explained in more detail above.

If you choose not to provide Personal Information requested by us, we may not be able to provide you with the information and/or services you have requested or otherwise fulfil the purpose(s) for which we have asked for the Personal Information. You will be informed of that if it is the case.

Section 4: Our Website “Cookies”

We’ve all heard of “cookies” on websites…these are small text files which are downloaded onto our computers when we open webpages.

These cookies hold useful information such as whether a user has previously opened that webpage, whether they chose any settings that they’d like to take effect whenever they are on that webpage, or whether a user has successfully logged in to that website.

If our site uses cookies, you will always be informed and asked to accept them.  They will not pass any personal details to anyone and we will not store anything that they have logged.  We only use cookies to make your time on our site as easy and as friendly as we can.

Section 5: Google Analytics

Google provides a web analysis service (Google Analytics) which collects data to track and examine the use of websites.  Google utilises this data to prepare reports on its activities and share them with other Google services. Google may use the data collected to contextualise and personalise the ads of its own advertising network.

In order to produce the analysis stated above, Google collects personal information from Cookies and Usage Data.  This data is then processed in the USA.

For more details on this, you can view Google’s privacy policy here.

Website users can opt-out of Google Analytics for Display Advertising and also customise Google Display Network ads using the Ads Settings.  To get help on how to do this, click here.

How We Use Google Analytics

We use Google Analytics to monitor how our website is being used so we can improve it as best we can.

In order for us to ask Google to prepare site usage reports for us, we need to pass them each IP address that is accessing our site.

However, when we pass an IP address to Google, we take advantage of the anonymisation feature which means we DO NOT send Google any details that can then be traced back to the source IP address.  For more information on this feature, please click here.

WE DO NOT PASS ANY OTHER INFORMATION TO GOOGLE.

As described in the section above, Google may also share the data from the site usage report with other Google services.  In particular, Google may use the data to contextualise and personalise the ads of its own advertising network.

For information on how Google uses the information it collects, please click here.

Section 6: Third Parties

Some services that we provide require the involvement of third parties. We have carefully selected these third parties and taken steps to ensure that your Personal Information is adequately protected.

Where we employ third party companies or individuals to process Personal Information provided by us (and not collected by them), they only use this Personal Information on our behalf and in line with our instructions and this Privacy Policy.

Our Website offers the possibility to share content on social media channels, e.g., Facebook. The respective social media provider will directly gather Personal Information only after you click on the corresponding sharing button. Please refer to the privacy policy of the social media providers to learn more about what Personal Information is collected and used.

Certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so you can understand the manner in which these providers will handle your personal information.

Squarespace and Stripe

Our store is hosted on Squarespace. They provide us with the online e-commerce platform that allows us to sell our products and services to you. We process all online payments via Stripe. They provide us with the payment gateway that allows us to securely process your payments.

Payment:

When making a purchase on our site we use Stripe in conjunction with Squarespace to process this payment. Stripe uses the following security to protect your information when processing this payment. For more information about Stripe visit www.stripe.com. For more information about Squarespace visit www.squarespce.com.

Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available. You can read their PCI Compliance statement here: https://stripe.com/guides/pci-compliance.

In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

As an example, if you are located in United Kingdom and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

Links:

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

How long do we store Personal Information?

It is our policy to retain your Personal Information for the length of time required for the specific purpose or purposes for which it was collected, which are set out in this Privacy Policy. However, on occasion, we may be obliged to store some data for a longer time, for example, where a longer time period is required by applicable laws. In this case, we will ensure that your Personal Data will continue to be treated in accordance with this Privacy Policy.

An example of this is that we are required to keep full accounts and tax records for seven years to satisfy our statutory obligations to HMRC.

Section 7: Security

Our Website is hosted on servers in the EEA. We employ appropriate security measures to help protect your Personal Information and guard against access by unauthorised persons. Information storage is on secure computers in a locked and certified information centre and the information is encrypted wherever possible.

We use Microsoft secure cloud storage facilities which have been approved by the European Union’s data privacy authorities to store your Personal Information collected in any way other than for marketing communication.

Marketing communication information is stored on Mailchimp. Mailchimp’s Privacy Policy can be found here: https://mailchimp.com/legal/privacy/

We undergo periodic reviews of our security policies and procedures to ensure that our systems are secure and protected. However, as r the transmission of information via the Internet is not completely secure we cannot guarantee the security of your information transmitted to our Website or emailed to us.

Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.

Stripe forces HTTPS for all services, including our public website. They regularly audit the details of their implementation: the certificates they serve, the certificate authorities they use, and the ciphers they support. They use HSTS to ensure browsers interact with Stripe only over HTTPS. Stripe is also on the HSTS preloaded lists for both Chrome and Firefox.

All card numbers are encrypted with AES-256. Decryption keys are stored on separate machines. None of Stripe's internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe's infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn't share any credentials with Stripe's primary services (API, website, etc.).

Age of Consent

By using this site, you represent that you are at least the age of majority in your country, state or province of residence, or that you are the age of majority in your country, state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.

Confidentiality

We acknowledge that the information you provide may be confidential. We do not sell, rent, distribute or otherwise make Personal Information commercially available to any third party, except that we may share information with our service providers for the purposes set out in this Privacy Policy. We will maintain the confidentiality of and protect your information in accordance with our Privacy Policy and all applicable laws.

Your Rights

If you wish to:

  • access, confirm, correct, rectify, update, supplement, anonymise, block, restrict or delete your Personal Information

  • object to our use of your Personal Information

  • if you have any questions about our processing of your Personal Information

  • if you would like to transfer your Personal Information from us to another person or organisation

Please contact us.

We will provide you with all rights in relation to your Personal Information to which you are entitled under law. If you are unhappy with the way that we have handled your Personal Information, you can make a complaint to the data protection authority. Contact details are typically available online, or alternatively, you may ask us for assistance.

How to contact us

If you have any questions in relation to this Privacy Policy, or if you would like to speak to us to exercise your rights as stated in this Privacy Policy, you may contact us at deliriousfox@thegetbetterbox.co.uk

Section 8: Changes to this Privacy Policy

We reserve the right to change our Privacy Policy at any time, so please view it frequently, particularly when there are changes in the laws relating to collecting or retaining data. When we change our Privacy Policy, we will publish the updated policy here. Subject to applicable law, all changes will take effect as soon as we publish the updated Privacy Policy, but where we have already collected information about you and/or where legally required to do so, we may take additional steps to inform you of any material changes to our Privacy Policy and may request that you agree to these changes.