HOW WE USE YOUR INFORMATION…
This privacy statement tells you what to expect when LooseHeadz collects your personal information. It applies to information we collect about:
- Visitors to our website
- Complaints and feedback received
- Information required for commercial purposes for providing our services to our customers
- Information for marketing of LooseHeadz
- Job applicants and our current and former employees
LooseHeadz respects your privacy. In general, you can visit www.looseheadz.co.uk on the Web without telling us who you are or revealing any information about yourself. There are times, however, when we may need information from you, such as your full name, home address, e-mail address and phone number for example. It is our intent to let you know before we collect personal information from you on the Internet.
If you choose to give us personal information through the Internet that we may need to correspond with you or process an order, it is our intent to let you know how we will use this information. If you tell us that you do not wish to have this information used as a basis for further contact with you, we will respect your wishes.
Information collected by LooseHeadz is used internally by authorised LooseHeadz employees for three main purposes. First, we collect information to determine how to improve our site by seeing which areas, features and products are most popular. Second, we collect information in order to personalise the site for our customers. For example, in the future, we may recommend products or features you may like based on what you have liked in the past. Lastly, we keep track of the domains from which people visit us. We analyse this data for trends and statistics, and then we discard it. We do not sell, rent, loan, or transfer any personal information regarding our customers to any unrelated third parties. We are committed to protecting your privacy. In addition to LooseHeadz’s company guidelines, your personal data is protected according to the applicable law in respective markets.
VISITORS TO OUR WEBSITE
When someone visits our website, we use a web collection service, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, the contact form, used by yourself with consent, will be our only means of collecting your personal information. In turn, this will not be shared with anyone outside of our organisation, unless this is part of the service you have given consent for. We will make it clear when we collect personal information and will explain what we intend to do with it.
SUBMISSION OF YOUR INFORMATION
Submission of your information, requested, from our website is held on our secure platform. This is protected by all methods necessary. Only the required personnel have access to this information. Your information will only be used for the stated intended purpose and will not be shared outside of LooseHeadz without your express consent. Your consent to share your information will be sought at the time of you submitting your data.
Payment can be made by credit card, direct debit invoice or as may otherwise be instructed at the Web Shop. Where payment is subject to validation and/or authorisation by a card issuer or bank or to credit validation, any Order Confirmation is subject to such validation or authorisation. We co-operate with an authorised payment service provider (PSP), who processes your personal details in accordance with the international security standard PCI DSS, developed by international credit card companies such as VISA and MasterCard. All transactions will be sent through SSL (Secure Sockets Layer) in encrypted form and all card details and payment information will be protected and processed with a high level of security.
COMPLAINTS AND FEEDBACK
Should you wish to make a complaint our complaints process is available upon request. All information received during the course of a complaint is handled with the same level of security protection on need for privacy as any other information we collect.
INFORMATION REQUIRED FOR COMMERCIAL PURPOSES FOR PROVIDING OUR SERVICES TO OUR CUSTOMERS
LooseHeadz use information provided by yourself to provide our services and products to our customers. This data is only used for its intended and stated purpose. This includes financial information for the production of invoices and receiving of payments for services provided.
PROTECTING YOUR INFORMATION
In order to protect your information, we have in place the following methods of protection: –
- Monitored Firewall protection
- Malware protection on all platforms
- Encryption on data at rest and at point of use
- Ongoing backups
- Auditing for data integrity on an ongoing basis
LooseHeadz have a backup policy in place. We retain backups indefinitely. Upon receiving a request to remove data of a personal nature, this will be completed by removing all reference and data from the production environment.
REQUESTS FOR YOUR INFORMATION
We will respond to requests for the information we hold on you within the required 30-day period. Initial requests will not be charged. However, should more than 2 requests be made within a 3-month period of time, subsequent requests will be charged at £10 per request.
All information will be provided in the format of a PDF document.
LooseHeadz collect information from various sources for marketing purposes. This information can be from social media forums, industry forums to name but a few. We retain this information for a period of no more than 18 months, or the duration of the marketing campaign only.
LooseHeadz share information with the following external organisations for commercial purposes: –
- Mailshot Companies
Information is shared with organisations in the UK.
The exception to this criteria is the sharing of information with UK authorities for investigatory purposes as per current legislation on finance and personnel.
LooseHeadz are aware that sometime information with regards to suppliers is personal in nature. This information is protected to the full extent as any other information within our environment. This information is not shared unless express permission is granted by the individual.
LooseHeadz is committed to protecting the privacy needs of children and we encourage parents and guardians to take an active role in their children ‘s online activities and interests. LooseHeadz does not knowingly collect information from children under the age of 13 and LooseHeadz does not target its websites to children under 13.
JOB APPLICANTS AND OUR CURRENT AND FORMER EMPLOYEES
When LooseHeadz receive job applications we hold these in a secure manner. The application forms are deleted or, in the instance of hard copies, shredded after the selection period is completed. This information is not shared outside our organisation and is only shared internally with designated personnel. Were information of an applicant is to be retained for future use only the contact information will be retained. Consent from the applicant will be sought prior to the retention of any personal contact information.
All personal information held by LooseHeadz on current employees is managed and maintained in a secure manner, the same as any other information we hold. All employees have the right to view the data we hold on them at any time. A formal request is required to be made for this information through their line manager.
All personal information held by LooseHeadz on former employees is managed and maintained in a secure manner, the same as any other information we hold. Should a former employee wish to view the data that we hold on them the steps for requesting information (detailed above) is followed. Information held on personnel is retained for a period no longer than 3 years after the cessation of employment, in line with current UK legislation. After this period of time all information on the former employee is deleted. If requested, a confirmation of this will be communicated to the person.
REPORTING OF DATA BREACHES
LooseHeadz report all major data breaches, of data we have control and are responsible for, to the Information Commissioners Office, our customers and/or suppliers. All potential data breaches are fully investigated as per our Information Security Incident Policy.
When a data breach is detected, and the severity ascertained, this will be reported to the ICO within 72 hours.
SECURITY AND PROTECTION
LooseHeadz take security of all information seriously, system is audited and verified on an annual basis
DATA PROTECTION OFFICER
LooseHeadz have not designated a Data Protection Officer (DPO), however they have nominated a responsible person: Dave Nicoll.