Privacy Statement of Perudo Realisations Ltd 

Introduction

This privacy statement explains how we use and protect any personal data we collect and process through your use of our site www.perudomadethat.com including any information you may provide if you purchase a product or service, complete a form or sign up to our newsletter.

To make this statement easier to understand,  we have included a short Glossary section below. 

We are a Data Controller and are registered with the ICO under reference: ZA328553 with a registration start date of 20 March 2018

Your privacy is important to us. Should we ask you to provide certain information by which you can be identified when using  our site, you can be assured that it will only be used in accordance with our privacy statement. We may revise this privacy statement from time to time. You should check this page to ensure that you are happy with any changes. This statement is effective from 25/05/2018

By providing us with your data, you warrant to us that you are over 13 years of age.

 

How to Contact us

We are committed to taking care of your data and have a dedicated email address data.protection@perudomadethat.com for any questions you may have. 

Our Registered and Postal address is: Outgang Road Baston Peterborough PE6 9PT United Kingdom

 

How we collect personal data

  • Direct interactions when you make contact with us such as information that you provide by filling in forms on our website or by communicating with us by post, phone, email or otherwise, including when you:
    • order our products or services;
    • create an account on our site;
    • use our website;
    • subscribe to our service or publications;
    • request resources or marketing be sent to you; 
    • give us feedback.
  • Automated technologies or interactions: As you use our site, we may automatically collect Technical Data about your equipment, browsing actions and usage patterns. We collect this data by using cookies and similar technologies. We may also receive Technical Data about you if you visit other websites that use our cookies. We have a separate Cookie Policy to give you more information about cookies and our use of them. 
  • Third parties or publicly available sources: We may receive personal data about you from bonafide third parties and public sources, such as Google Analytics

Types of personal data we may collect

We collect data in order to operate effectively and provide you the best experience when browsing our site and with our products and services. 
  • Identity Data such as your name and title and any organisation you may be part of
  • Contact Data may include your billing address, delivery address, email address and telephone numbers
  • Financial Data may include your bank account and payment card details.
  • Transaction Data may include details about payments between us and other details of purchases made by you.
  • Profile Data may include your purchases or orders, username, your interests, preferences, feedback and survey responses.
  • Marketing and Communications Data may include your preferences in receiving marketing communications from us and your communication preferences.
  • Required Data: any data required in order to perform a contract, for example in order to deliver goods or services to you.
  • Technical Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site. This type of data may be Anonymous and statistical data - as below. 
  • Usage Data such as details of your visits to our site and the resources that you access, including referring websites, entry and exit pages and how you use our website and services. This type of data may be Anonymous and statistical data - as below. 
  • Anonymous, aggregate statistical data that cannot be used to identify you personally and does not constitute personal data. If any Aggregated Data is linked with your personal data so that you can be identified from it, then it is treated as personal data.

Why we collect personal data

Any personal data that we collect and store is primarily used to enable us to provide our services to you, which includes using data to improve our services including our website and personalise your experiences. We also use the data to communicate with you,  provide information you have requested, maintain our accounts and records and to meet our contractual commitments to you. 

In short, the most common uses of your personal data are where needed to perform a contract between us, where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests, and where we need to comply with a legal or regulatory obligation.

We may process aggregated data from your personal data but this data does not reveal your identity and as such in itself is not personal data. You can be assured that we will only use your personal data where legally required or permitted.

We may provide information on other products or services that we feel may be of interest to you, where you have previously expressed interest in related products or services, or actively consented to receive such information. 

You have the right to withdraw from receiving marketing communications at any time or update your preferences, by emailing us on the email address above or by using any opt-out option on the communication. Note that this opt-out relates to marketing communication preferences and not to any personal data we may have. 

 

Third-party links

This website include links to third-party websites.  Once you have used these links you leave our site, the content of third-party websites is the responsibility of their respective owners and operators and these websites should have their own privacy policies.  We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.

We cannot accept responsibility for any loss or damage you may suffer as a result of visiting third-party websites, such as that resulting from viruses or malware.

 

What governs our use of personal data

Key  principles governing our use of personal data are in Article 5 of the General Data Protection Regulation (GDPR) and set out below.

Personal data must be:

  1. Processed lawfully, fairly and in a transparent manner
  2. Collected for specified, explicit and legitimate purposes
  3. Adequate, relevant and limited to what is necessary 
  4. Accurate and, where necessary, kept up to date
  5. Retained only for as long as necessary
  6. Processed in an appropriate manner to maintain security

Disclosure of personal data

Where necessary, we entrust some personal data to third parties. Purposes for this are given below. Data shared would be kept to what is applicable for the purpose required. 

  • to fulfil a contract we have with you, for example with suppliers, service providers or couriers working on our behalf;
  • to complete any transaction or provide any product or service you have requested or authorised, including providers of secure card payment services;
  • to service providers who provide IT and system administration services;
  • to professional advisers including financial organisations and insurers who provide consultancy, accounting or other professional services.
  • HM Revenue & Customs, Government bodies, UK regulators and other authorities and relevant jurisdictions where reporting of processing activities may be required;
  • in the event of our selling, transferring, or merging parts of our business or our assets;
  • to assist fraud protection and minimise credit risk;
  • security organisations;
  • when required to by law or to respond to legal process;
  • to protect lives;
  • to maintain the security of our products;
  • to protect the rights or property of our Company;
  • to protect our customers and stakeholders.

Data security

We are committed to ensuring that personal data held by us is kept safe and secure and to protect it from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Ways we do this include:
  • Password protection 
  • Device encryption
  • Limitation of access to personal data to only those employees, agents, contractors and other third parties who have a need to know such data
  • Physical, electronic and managerial procedures to safeguard and secure the information we collect online
  • IT security and access controls

Your legal rights 

Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:

  • Request access to your personal data.
  • Request correction of your personal data.
  • Request erasure of your personal data.
  • Object to processing of your personal data.
  • Request restriction of processing your personal data.
  • Request transfer of your personal data.
  • Right to withdraw consent.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We reserve the right to charge you a fee to access your personal data (or to exercise any of the other rights) where your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

If you believe that any information we are holding on you is incorrect or incomplete, please advise us as soon as possible, using the contact details above. We will promptly correct any information found to be incorrect.


Glossary of some key terms

GDPR: General Data Protection Regulation

Data Subject: any living individual who is the subject of personal data held by an organisation

Data Controller:  a person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data

Data Processor:  a person, public authority, agency or other body which processes personal data on behalf of the controller

Personal Data:  means any information capable of identifying a data subject. It does not include anonymized data

ICO Information Commissioner’s Office, the UK supervisory authority for data protection issues 

EU Regulation: Law at EU level 

 

Background to the General Data Protection Regulation (GDPR)

The General Data Protection Regulation 2016 replaces the EU Data Protection Directive of 1995 and supersedes the laws of individual Member States that were developed in compliance with the Data Protection Directive 95/46/EC. Its purpose is to protect the “rights and freedoms” of living individuals (data subjects), and to ensure that personal data is not processed without their knowledge, and, wherever possible, that it is processed with their consent.