At sugarpoke (part of Cocoon Collection Limiited), we are committed to protecting and respecting your privacy. When you use our website or submit information to us, we act as the “data controller”. This means that we are responsible for keeping your information private and secure. We may then pass this information onto trusted third part partners, known as “data processors”. These partners may use and securely store your information as detailed below. These companies may also be data controllers themselves, with their own strict privacy policies in place.
We have also appointed a Data Protection Officer who is responsible for overseeing questions in relation to this privacy notice. This person can be contacted on firstname.lastname@example.org.
We keep this page up to date so that you have the peace of mind that we will only ever collect and use your information responsibly. By using our website, or placing orders offline with us, you are agreeing to be bound by this policy.
This policy was last updated on: May 24, 2018
What type of information do we collect?
We collect two types of information from you. This is anonymous usage data, such as how you use the website and what pages you visit, as well as personal information, such as your email address and name.
The web browsers of most computers are initially set up to accept cookies. You can set your web browser to disable cookies or to inform you when a website is attempting to add a cookie. You can also delete at any time cookies that have been added to your computer’s cookie file.
If you disable cookies you may not be able to use all of the features of our website, such as to retrieve your basket for example.
Personal information that we gather will include your name, address, phone number and email address, and the name/s, address/es, phone number/s and email address/es of recipients you ask us to deliver orders to on your behalf. This is information that you enter into our website or give to us via email or over the phone, or by letter, such as when you place an order, subscribe to our emails or complete a web form. We will never collect this sensitive information without your consent.
Payment information is also gathered when you place an order, but this is handled over a secure channel via our third party payment processors, such a Monek and PayPal. These companies specialise in the secure online capture and processing of payments. We do not store any payment information on our own systems.
If your payment information does appear to be stored or pre-populated on our website, then this is a setting on your device and not something that we have saved for you. We do not store payment information and we are unable to see credit or debit card numbers in full when you make a purchase (only the final four numbers and the card’s expiry date, which will only be used for verification purposes).
We do not collect any information that might highlight especially private details, such as race or ethnicity, date of birth, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. Nor do we collect any information about criminal convictions and offences.
How do we collect information from you?
We obtain information from you when you use our website, such as when you browse products or make a purchase. This is anonymous usage data and cannot be used to identify you.
Any personal information gathered by us is entered by you when using the services on our website or by placing orders or making enquiries about potential orders offline, such as filling out contact forms, signing up to our newsletter, creating an account, entering competitions, leaving reviews/feedback, completing surveys, and when you place an order, whether online or offline. We use technology which captures data you enter into forms and shopping carts used on our website, regardless of whether you complete or abandon the form or shopping cart. For example, if you entered your contact information into a shopping basket because you are thinking of purchasing an item from our website, we will capture this data if you choose to "Save as Quote". As soon as you enter information we have the ability to see and record it securely (this does not apply to card or payment details). We will never use your information for marketing purposes unless you give us clear consent to do so.
How is your information used?
We will only use personal data when the law allows us to, and we will never use any information we gather for marketing purposes unless you give explicit consent to receive our email newsletters. To give us consent, you would need to check the relevant box on our checkout page or sign up to receive our marketing emails through a web form or another channel. It will always be made clear when the option to consent to our marketing is available, and the decision will always be yours. We will never assume your consent for marketing.
You may receive transactional emails from us, even though you have not consented to marketing emails. These will only ever be emails that are informational in nature, such as order confirmations, shipping details, saved shopping baskets, notices that we have updated any terms or conditions, or anything of a similar nature.
We will also use your data where we need to comply with a legal or regulatory obligation.
Your personal information will also be used to assist with any services you use with us, such as processing an order, dealing with an issue raised to our Customer Support team, drawing the winner of competitions and any assistance you may require when you place an order with us.
Other uses for your data may also be used to help us:
- manage and administer our business
- review and improve our goods and services
- administer internal operations, such as trouble shooting and testing
- grant access to interactive features of our website (when you choose to do so)
- provide support and services
- keep our site safe and secure
- to measure or understand the effectiveness of web features
- to make suggestions and recommendations to you and other users
- If you have given us your explicit consent, we will place your email address on our email marketing list. This means that you may receive marketing emails from us from time to time. We will always try to send information that we feel may be of interest to you, such as offers and news about products. You will only ever receive these emails if you have requested them.
If you fail to provide us with all of the necessary personal data we need to complete your request (such as place an order), then we may not be able to fulfil the specific services requested until we have the required information. In this case, we may have to cancel your order and refund you any costs associated with it, but we will attempt to contact you at the time if this is the case.
How to unsubscribe from our marketing emails
If at any time you want to stop receiving our emails, simply scroll to the bottom of any email and click on the “Unsubscribe” link. This link (available on every email we send) will then take you to a confirmation page where you can unsubscribe from future email marketing campaigns. Alternatively, simply email email@example.com with a request for us to remove you from our mailing list and we will do this manually within one working day.
You will still receive any emails of a transactional nature, such as order confirmations, password reset requests or any other emails you would expect or specifically request.
Should you unsubscribe as another email campaign send is in progress, there is still a small chance that you will receive another email from us. However, after this last email, you will be unsubscribed from all future marketing unless you choose to opt-in again.
Using your data for analytics
In order to develop our website in line with our customers’ needs, we keep a track of which pages on our website are visited most frequently and how long visitors spend on our website. We use this information to help improve the website.
We are not able to gather other information from your device. We collect a copy of the data held by the cookie for inclusion in any analysis. We use full SSL protocols when collecting visitor information on secure pages; this ensures that the website’s security is not compromised. We encrypt all transmitted visitor information so no-one else can read the information we gather.
None of the information can be traced to an individual – we do not know who you are as a unique user, merely that there are a certain number of people using the website. We only collect data that relates to what goes on, on our website and the information cannot be used for marketing on an individual basis.
From time to time we may also use non-personal information to test different layouts of our website in order to improve the quality of our customers' website experience.
Who has access to your information?
We will never sell or rent your information to third parties, nor will we share your information with third parties for marketing purposes.
We may pass your information to our trusted third party service and software providers for the purposes of completing tasks and providing services to you (for example, facilitating deliveries, processing payments and sending our emails). When we use these third party service providers we only disclose the personal information that is necessary to deliver the services that you expect. All of these companies specialise in the secure storage of information and are under strict contract that forbids them from using your information for their own marketing. Rest assured, we will never release your information to any other party for their own marketing purposes unless we are required to do so by law (for example, by a court order or for the purposes of crime prevention).
Your information may be shared in this way with our couriers, email service provider, web development agency and other similar services. In some instances, we may work with these companies as “joint controllers”. This means that both Cocoon Collection Limited and its carefully chosen partner agencies may work together when processing and using your personal data. Please feel free to request an up-to-date list of our current partners from firstname.lastname@example.org. Your request may take up to 28 days to process.
How to access and update your information
We always try to maintain the most up-to-date information about you on our records. If you change email address or want us to update or remove any other information we have about you (including the option to completely delete your details), please email us on email@example.com with your request. Alternatively, you could write to us at Cocooon Corporate, Unit 3 Mere Farm Business Complex, Redhouse Lane, Hannington, Northampton, NN6 9FP. You can also request a full record of all data we have stored that relates to you. Depending on the nature of your request, this may take up to 28 days to process, particularly during busy periods of the year.
For more information about your legal rights regarding privacy and your data, please visit the Information Commissioner’s Office at ico.org.uk. Alternatively, we would be happy to answer any questions on this subject via email on firstname.lastname@example.org. Please note that depending on the complexity of your request, it might take up to 28 days to answer your query.
In short, you have the right to:
- request access to your personal data
- request corrections and alterations to the personal data we already hold about you
- request that we delete any of your personal data from our systems
- object to the processing of your data (e.g. unsubscribe from marketing emails)
- request the transfer of your personal data
- withdraw consent at any time where we rely on your consent to process your data
- If you contact us with a query that requires altering your data or accessing order information, we may need to request specific information from you to confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask for further information in relation to any requests you submit to us in order to speed up our response.
How we secure your data
There are several measures in place to ensure that all personal information you give us is secured to protect your privacy. Any sensitive information (such as credit or debit card details) is encrypted and protected by a 256-bit SSL encryption. Pages protected with this encryption will display a small green padlock icon in the web address bar, usually found to the left of the current web page address.
Any information we receive from you is stored securely either on one of our own servers, or with one of our third party service providers who specialise in data security. Some of your private information can be stored and viewed via your account on our website. In these instances, it is your responsibility to keep the password used to access this information confidential. We ask that you do not share this password with anyone.
Where your information can be accessed for use with the website and related customer support channels, we limit who has access to your information, ensuring that only the most necessary employees can see it. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How long do we store your data?
We store all data for up to six years. This is the standard length of time that we are required to hold specific data, such as purchase information, for the purpose of audits by official bodies, such as HMRC. If you would like any identifying information about you removed within this time period, please contact us on email@example.com to action your request.
Some of your data might be stored for much less than six years (such as resolved customer support cases and behaviour/site usage data). Similarly, some of your data might be anonymised for use with future research and other applications, in which case the data can be kept for longer than six years.
Targeted offers and advertising
We may analyse your personal details and behaviour when you browse the sugarpoke website to contact you with information that is relevant to you. Where this translates to email marketing campaigns, you will only be contacted if you have given us your explicit consent to opt-in to our email marketing list. We may also use your personal information to detect and reduce fraud and credit risk.
Links to other websites
If you are aged 18 or under
This website is not intended for children and we do not knowingly collect data relating to children. We want to protect the privacy of all users, but especially that of children aged 18 or under. If you are aged 18 or under, please seek your parent or guardian’s permission before you provide us with any personal information.
Transferring your information outside of Europe
Some of the suppliers we use to provide you with services are operated from outside the European Union. As such, some of your information might be transferred out of the EU to secure data centres elsewhere (such as the US). These countries may not have the same data protection laws as the UK, but where possible, the partners we work with have data processing agreements (or similar) that guarantee the privacy and security of your information, in line with current EU law. We choose our third party suppliers very carefully, and always choose companies that specialise in the secure handling of your information, wherever they are based.
How to contact us
You can contact us by email on firstname.lastname@example.org or by phone on 01604 780111. Our team operates during regular office hours (Monday to Friday), with our phone lines being open from 930am until 5pm. If you send us an email, we will get back to you with a response within two business days.
You can also send us letters through the post to our head office address: sugarpoke, Unit 3 Mere Farm Business Complex, Redhouse Lane, Hannington, Northampton, NN6 9FP.