Psyched Paddleboarding are committed to keeping your personal data safe and ensuring the security of any personal data we may process.
We are committed to complying with the new GDPR directive that comes into force on 25th May 2018 that gives greater protection to your personal data.
- Explains the personal information we hold about you
- Our legal bases for processing your personal data
- What we do with your personal information
- Who your personal data may be shared with
- Your rights under the data protection regulations
WHAT IS PERSONAL DATA AND HOW IS IT COLLECTED?
Personal data includes any information that directly or indirectly identifies an individual.
We may collect certain personal data such as name, address, email, telephone number, and IP address, and other information gained during interactions or correspondence with you.
OUR LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA
We will only process your data where we have a legal basis for doing so.
Contractual Necessity - In order to fulfil our obligations to you. For example, we will need to process your personal data in order to process any purchases you make. We will need to share some of this data with our payment processors and the delivery companies that we use.
Legitimate Interest - We may use your data for our legitimate business interest in order to provide you with the best customer service, to provide a service that is tailored to your needs, and to improve the quality of information on our website and in our shop. For example, we may rely on our legitimate interest to process your personal data for the following purposes:
- Marketing related to previous purchases you have made with us.
- Customer service communications as part of the purchase process.
- To obtain feedback from you about our customer service and products.
- To enhance, modify, personalise or otherwise improve our services and communications for your benefit
WHO WE SHARE YOUR PERSONAL DATA WITH?
We may share your data with approved third-party providers that have data protection measures in place that align with the requirements of the data protection regulation. For example:
- Payment providers
- Companies we use to deliver our products
- Our newsletter provider with your consent.
- Professional companies and other persons providing services to us including legal advisers, professional advisers, tax and accountancy advisers, IT services, and printing services
We do not share data outside of the EU and we do not sell your personal data or other information to any third party.
YOUR RIGHTS IN RESPECT OF YOUR DATA ARE:
Access rights. You can request a copy of the personal information we hold about you.
- Right to request rectification. We take reasonable steps to keep your information accurate, but you can also ask us to change any information we hold about you to keep it accurate, complete and current.
- Right to request erasure (‘to be forgotten’). You have the right to ask us to delete the personal information we hold on you.
- Right to raise an objection to our processing. Where our processing of your information is performed on the basis of ‘legitimate business interest’, then you can request we stop.
- Right to complain to a supervisory authority. If you are dissatisfied with our use or management of your personal information, you have the right to complain to an EU Data Protection Supervisory Authority. In the UK, the relevant Data Protection Supervisory Authority is the Information Commissioners Office (ICO) and you can contact them via their website: www.ico.org.uk