Last updated: March 2019 in line with GDPR Compliance and Principles, as follows:
The Get Better Box assures you that Personal Data shall be...
Processed lawfully and fairly.
Collected for specified, explicit and legitimate purposes only.
Adequate, relevant and limited to what is necessary.
Accurate and, where necessary, kept up to date.
Kept for no longer than is necessary.
Processed in a manner that ensures appropriate security.
Section 1: Who are we?
Delirious Fox Limited is our Registered Company, No: 10046498. Office 17 Beckenham Grove, Bromley, Kent, BR2 0JN.
The Get Better Box is a product line of Delirious Fox Ltd. www.thegetbetterbox.co.uk is an online store. We sell a range of luxury letterbox care hampers to customers in England, Scotland and Wales, UK.
This policy applies to information we collect about: 1. visitors to our website; 2. visitors to our website that complete any forms, providing their personal details; 3. people who do business with us, place orders from us or register for our service online or otherwise.
Section 2: Application of this policy
This Policy describes how we collect, use and otherwise handle the “Personal Information” that we receive from you and explains the circumstances in which we may transfer this to others.
“Personal Information” is information about you which can be used alone, or combined with other information, to identify you personally.
Our Policy on retaining your Personal Information is as follows:
Our policy is to keep as little of your information as we possibly can and to keep that information as securely as possible.
Your information and privacy is important to us. We apply a policy of retaining only the minimum information necessary for operations, legal and statutory compliance and by maintaining it as securely as possible. We use Microsoft secure cloud storage facilities, which have been approved by the European Union’s data privacy authorities, to store our data.
Section 3: Collecting and handling your personal information
Legal grounds for collection and use of Personal Information
We will only collect, use and otherwise handle your Personal Information when:
You have agreed for us to do so, by opting in via our website or in person by providing us with your details. We will only retain and use these details when it is necessary for our legitimate interests in connection with providing you with the services we offer such as:
responding to your queries;
providing services/products and/or information to you;
administering the services/products/information we provide for you
hosting and maintaining our Website
providing technical support to you
preventing and detecting fraud and other criminal offences
ensuring network and information security, as long as, in each case, these interests are in line with applicable law and your legal rights and freedoms
where you have agreed to this for specified, explicit and legitimate purposes
where this is necessary to satisfy our statutory obligations.
How we collect and use Personal Information that you provide to us
We may collect your Personal Information which you choose to provide when you fill in forms, online or otherwise (at events, in person, over the phone etc). When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give via Squarespace and Stripe. This may include, for example, your name, title, contact details (such as email, telephone number and address, and/or the recipient's contact details). This is so that we can deliver the product/service you have bought to either yourself or the person you are gifting. This is also to apply your personal preferences, choices and requirements specific to particular requests or product services. We also collect other sorts of Personal Information to ensure that the services we provide are appropriate for you. We may use this Personal Information to respond to your queries, and/or provide the services and/or information that you have requested.
You should also note that when you browse our store, we automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system. This helps us to provide you a seamless user experience.
Events: if you register for one of our events, we will collect whatever information you provide to enable us to enrol you. If you provide your details to us at any events we are hosting at, we will retain the details you have provided us with for the purposes you have opted-in to. We will never send you anything you have not agreed to, and we will never retain your information unless it is necessary for any/all of the reasons stated above. If you change your mind about opting in and wish us to remove your details, simply contact us and will be happy to accomodate this.
Where you have provided us with your contact details, we may contact you by your preferred channel for marketing purposes relating to our services. We will enable you to opt-in to these services. We will only contact you for these marketing purposes by electronic means (email or SMS) where you have agreed to this.
We may also use any Personal Information that you provide to us:
where legally permitted for specific purposes made clear at the point of collection on particular pages of our Website; and/or
where we otherwise have legal grounds for collection and use of your Personal Information as explained in more detail above.
If you choose not to provide Personal Information requested by us, we may not be able to provide you with the information and/or services you have requested or otherwise fulfil the purpose(s) for which we have asked for the Personal Information. You will be informed of that if it is the case.
Section 4: Our Website “Cookies”
We’ve all heard of “cookies” on websites…these are small text files which are downloaded onto our computers when we open webpages.
These cookies hold useful information such as whether a user has previously opened that webpage, whether they chose any settings that they’d like to take effect whenever they are on that webpage, or whether a user has successfully logged in to that website.
Section 5: Google Analytics
Google provides a web analysis service (Google Analytics) which collects data to track and examine the use of websites. Google utilises this data to prepare reports on its activities and share them with other Google services. Google may use the data collected to contextualise and personalise the ads of its own advertising network.
In order to produce the analysis stated above, Google collects personal information from Cookies and Usage Data. This data is then processed in the USA.
Website users can opt-out of Google Analytics for Display Advertising and also customise Google Display Network ads using the Ads Settings. To get help on how to do this, click here.
How We Use Google Analytics
We use Google Analytics to monitor how our website is being used so we can improve it as best we can.
In order for us to ask Google to prepare site usage reports for us, we need to pass them each IP address that is accessing our site.
However, when we pass an IP address to Google, we take advantage of the anonymisation feature which means we DO NOT send Google any details that can then be traced back to the source IP address. For more information on this feature, please click here.
WE DO NOT PASS ANY OTHER INFORMATION TO GOOGLE.
As described in the section above, Google may also share the data from the site usage report with other Google services. In particular, Google may use the data to contextualise and personalise the ads of its own advertising network.
For information on how Google uses the information it collects, please click here.
Section 6: Third Parties
Some services that we provide require the involvement of third parties. We have carefully selected these third parties and taken steps to ensure that your Personal Information is adequately protected.
Certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which these providers will handle your personal information.
Squarespace and Stripe
Our store is hosted on Squarespace. They provide us with the online e-commerce platform that allows us to sell our products and services to you. We process all online payments via Stripe. They provide us with the payment gateway that allows us to securely process your payments.
When making a purchase on our site we use Stripe in conjunction with Squarespace to process this payment. Stripe uses the following security to protect your information when processing this payment. For more information about Stripe visit www.stripe.com. For more information about Squarespace visit www.squarespce.com.
Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available. You can read their PCI Compliance statement here: https://stripe.com/guides/pci-compliance.
In particular, remember that certain providers may be located in or have facilities that are located a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in United Kingdom and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
How long do we store Personal Information?
An example of this is that we are required to keep full accounts and tax records for seven years to satisfy our statutory obligations to HMRC.
Section 7: Security
Our Website is hosted on servers in the EEA. We employ appropriate security measures to help protect your Personal Information and guard against access by unauthorised persons. Information storage is on secure computers in a locked and certified information centre and the information is encrypted wherever possible.
We use Microsoft secure cloud storage facilities which have been approved by the European Union’s data privacy authorities to store your Personal Information collected in any way other than for marketing communication.
We undergo periodic reviews of our security policies and procedures to ensure that our systems are secure and protected. However, as r the transmission of information via the Internet is not completely secure we cannot guarantee the security of your information transmitted to our Website or emailed to us.
Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.
Stripe forces HTTPS for all services, including our public website. They regularly audit the details of their implementation: the certificates they serve, the certificate authorities they use, and the ciphers they support. They use HSTS to ensure browsers interact with Stripe only over HTTPS. Stripe is also on the HSTS preloaded lists for both Chrome and Firefox.
All card numbers are encrypted with AES-256. Decryption keys are stored on separate machines. None of Stripe's internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe's infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn't share any credentials with Stripe's primary services (API, website, etc.).
Age of Consent
By using this site, you represent that you are at least the age of majority in your country, state or province of residence, or that you are the age of majority in your country, state or province of residence and you have given us your consent to allow any of your minor dependents to use this site.
If you wish to:
access, confirm, correct, rectify, update, supplement, anonymise, block, restrict or delete your Personal Information
object to our use of your Personal Information
if you have any questions about our processing of your Personal Information
if you would like to transfer your Personal Information from us to another person or organisation
Please contact us.
We will provide you with all rights in relation to your Personal Information to which you are entitled under law. If you are unhappy with the way that we have handled your Personal Information, you can make a complaint to the data protection authority. Contact details are typically available online, or alternatively, you may ask us for assistance.
How to contact us