The DPA & GDPR May 2018
We and this website complies with the DPA (Data Protection Act 1998) and the GDPR (General Data Protection Regulation) which comes into effect from May 2018.
If you have any questions relating to GDPR please contact our Data Protection Officer Clive North (firstname.lastname@example.org).
Commitment to Customers Privacy
We will hold your details on our internal system. We do our best to ensure the security of your details by using up to date industry practices to guard against unauthorised access, use, disclosure or loss.
Your personal details will not be used in ways to which you have not consented.
It is possible to view our site without providing any personal details. However, without registering your details you will not be able to order from us.
Use of Information and Preferences
We will only ask for personal information from you where it is necessary for us to provide services to you. We will only collect information where it is specifically and knowingly provided by you. For example, we will ask for your name, email and physical address, telephone number and payment card details when you register with us or place an order.
We will use this information to process your order and payment. If you default on payments, we may disclose your relevant details to debt collection agencies.
We may also review the products you buy using our online service or in store to enable us to give you information about products and services that you may be interested in.
We keep a record of your emails to assist in our management of your account with us.
Your telephone calls to us may be recorded and monitored for quality control, training and service delivery purposes.
We will also use your contact details to communicate with you.
We might also pass your personal information, but never your credit card or payment details, to selected third parties for the provision of services. Again, however, we will not do this if you tell us not to, when registering with us, when you select your preferences, or if you later tell us not to, by changing your preferences. You can review or change your preferences on the contact preferences section of "My account".
The only other circumstances when we may provide details, from which you are identifiable, to third parties, are where we are required to do so by law, in order to administer your order (see section on Payment Details below), to our suppliers who process data on our behalf in the UK or abroad, inside or outside the EEA, and where required for business succession reasons.
We may occasionally need to contact you to enable us to fulfil your order correctly. For example, if an item you have ordered is unavailable or if your delivery day needs to be changed, we would need to contact you. On such an occasion, we will normally try to reach you by telephone or email. If you have told us that you would prefer us to use a particular form of contact, we will endeavour to do so. You can update your preferred form of contact by viewing the account dashboard section of 'My account' when you are logged into our website.
From time to time we may also send you a letter, email or other communication, telling you about new products or special offers offered by us or by carefully selected third parties which we believe may interest you. We might ask for your views on our products or services to improve our offering. We will not send you any non-administrative emails or text messages without your consent. You can choose to opt in when you register with us.
If you cancel your account with us, we may archive your address and occasionally send you communications inviting you to try us again. You can remove yourself from our mailing list at any time by contacting our office (contact details are given on the account dashboard page of our website).
As a company that does business over the Internet, we understand the importance of security. We have highly secure facilities to give you confidence when using your payment card, and when you give us personal information, such as your address or telephone number. Please note, however, that although we use technology and systems designed to ensure security, we cannot guarantee the security of your information.
We use Secure Sockets Layer (SSL) technology to encrypt your details as they're transmitted between your computer and our systems. This ensures, to the extent we can, that your payment card and personal details are kept private, except where we have advised you otherwise in our terms and conditions or in this statement. Your payment card details are encrypted and stored on a secure server that is set up to the extent practicable, so as not accessible via the Internet.
You store your payment card details with us, so we can automatically take payment for your deliveries. When you look at the 'payment details' section of 'My account’, you will only see the last four digits of your card number. This enables you to check it's right but prevents anybody else (except those staff of ourselves and our agents and your card issuer, applicable bank and their agents who need to see those details strictly only to enable your payment to be processed) from seeing your full card details. Access to your card details within Tom Hixson & Co Ltd is highly restricted.
Every time you fill out personal or payment details on our site, your browser is switched to 'secure mode', to encrypt the information that you send to us. To verify you are in a secure part of the site look for a closed padlock icon, commonly in the bottom bar of your internet browser. If you have any further questions, please contact us.
Your payment details, credit card numbers etc. will remain within the operational system at Tom Hixson & Co Ltd. They will be processed using a system which uses up to date security technology supported by SagePay or an equivalent supplier. Beyond this, they will never be shared with any third party except in the limited circumstances explained above.
Tom Hixson & Co Ltd use a feature of your internet browser called a 'cookie' on our site. Cookies are small text files sent by a web server to your web browser, stored on your computer and sent back to us each time you visit. Cookies are used by the vast majority of websites to provide features, such as a shopping basket or automatic login. We use them in three ways:
We also offer you the option of automatic login to our system, which means that our system will recognise you and will log you in automatically when you access the site. This service works by using cookies which store your membership number and name. This information is encrypted and we do not store your password, but since this will enable any person using your computer to access your account, we strongly recommend you do not enable this service on a shared computer. The auto-login service is provided at your own risk. The auto-login service is permanent until you cancel it via your 'My account' pages or manually delete the cookie.
Cookies are also used in email messages you have agreed to receive and at our website to help us measure the response to our marketing. We are able to understand how you interact with the pages of our website through the combination of the cookie and pixels set on the pages of our website. This enables us to understand what interested you in our emails and what did not, and what interests you about our website and what does not. We can then try to send you more tailored information in the future. We consider this information at an aggregated level, rather than looking at each individual's use of our website. Please note that this information is for our use only - we do not disclose or share this information with any third parties, except those who help us with the distribution of emails and functionality of the website. These companies are limited in number and always bound by strict confidentiality agreements. If you do not wish this to happen, you can change the cookie settings in your browser.
There will not be any personally identifiable information in the Cookie when an anonymous user browses the website and orders things from the catalogue. Use of the auto login stores your customer account number and username in the Cookie, and your password will be stored there in an encrypted membership form. The Tom Hixson & Co Ltd Cookie will remain on your hard disk indefinitely.
Website Visitor Tracking
This website uses tracking software to monitor its visitors to better understand how they use it. The software will save a cookie to your computer’s hard drive in order to track and monitor your engagement and usage of the website, but will not store, save or collect personal information.
Downloads & Media Files
Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti-virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti-virus software or similar applications.
Email Mailing List & Marketing Messages
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in 'The Policy' above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all iContact lists). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data. This data will only be used by us to improve our service to you.
External Website Links & Third Parties
Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites, similar to: the BBC News Homepage or http://www.bbc.co.uk/news).
Shortened URL's; URL shortening is a technique used on the web to shorten URL's (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: http://bit.ly/zyVUBo). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.
We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Social Media Policy & Usage
We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms, users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.
There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.
We are registered under the Data Protection Act 1998 and comply with the Act in our dealings with your personal data. The Act protects your personal data by providing, amongst other things, that the data we hold about you should be processed lawfully and fairly. It should be accurate, relevant and not excessive. The information should, where necessary, be kept up to date and not retained for longer than is necessary. It should be kept securely to prevent unauthorised access by other people. You have the right to see what is held about you and correct any inaccuracies.
During any on line session you will be able to see and amend the details you have provided on line by clicking on 'My Account'.
The full history of your orders with Tom Hixson & Co Ltd is available on line.
Changes to this statement
From time to time it may be necessary for us to update this Privacy Statement. We will highlight any such changes by posting them on the Tom Hixson & Co Ltd website.