Wellred Books

Skip to Main Content »

Setting
 
Shopping Cart (0 item)
My Cart

You have no items in your shopping cart.

You're currently on:

Privacy Policy

Wellred Books is committed to safeguarding your privacy. At all times we aim to respect any personal data you share with us, or that we receive from other organisations, and keep it safe. This Privacy Policy (“Policy”) sets out our data collection and processing practices and your options regarding the ways in which your personal information is used.

This Policy contains important information about your personal rights to privacy. Please read it carefully to understand how we use your personal data. We may update this Policy from time to time without notice to you, so please check it regularly.

The provision of your personal data to us is voluntary. However, without providing us with your personal data, you will be unable to: contact us or purchase books from our website.

  1. We collect information about you:

(1) When you give it to us DIRECTLY

You may give us your personal data in order to purchase a book or when you contact us by phone, email or post.

(2) When you give it to us INDIRECTLY

Your information will also be provided to us when you follow us or otherwise interact with on or via Twitter, when you like and/or join our page on Facebook or Instagram or interact with us in other ways on or via Facebook or Instagram.

(3) When you visit our WEBSITE

We use cookies to identify you when you visit our website. Please refer to our Cookies Policy for details on the way our use of cookies affects your personal data.

  1. What information do we collect?

We may collect, store and use the following kinds of personal data:

(1) We will typically hold your name and contact details, including telephone number, location, and e-mail address. However, we may request other information where it is appropriate and relevant, for example:

  • Your bank details or debit/credit card details (if making a purchase from our website). However, we only store minimal information including the card type and the last four digits of the card number. This is not enough information to make a payment. All payments are handled securely by Braintree Payment Solutions, a validated Level 1 PCI DSS Compliant Service Provider. Braintree is on Visa's Global Compliant Provider List and MasterCard's SDP List.

(2) any communication preferences you give;

(3) information about your computer and about your visits to and use of this website including your IP address, geographical location, browser type, referral source, length of visit and number of page views; and/or

(4) any other information shared with us as per clause 1.

  1. How and why will we use your personal data?

Personal data, however provided to us, will be used for the purposes specified in this Policy or in relevant parts of the website.

We may use your personal information to:

(1) Enable you to purchase products off of our website and for us to deliver those products to a requested location;

(2) Send you information about our work, campaigns, organisations and any other information, products or services that we provide (this will not be done without your consent);

(3) Provide you with the services, products or information you have requested;

(4) If you request, put you in touch with other supporters in your area (who have also provided such consent);

(5) Handle the administration of any payment you make via credit/debit card, cheque, standing order or BACS transfer;

(6) Collect payments from you and send statements and/or receipts to you;

(7) Conduct research into the impact of our campaigns;

(8) Deal with enquiries and complaints made by you relating to the website or us in general;

(9) Audit and/or administer our accounts.

  1. Customer Analysis

Google Analytics

We may use some of your personal information to analyse our digital performance, for example to see how our website can be improved to help us achieve the purposes set out in section 9 below, to record how you are using our website or to assess the popularity of different products.

For more information on how we use your personal information in relation to Google Analytics, please view our cookie policy by clicking this link .

You can opt-out of the collection of information for such purposes here: http://www.aboutads.info/choices

  1. Communications, updates, fundraising

Where you have provided appropriate consent, we will contact you by telephone and e-mail, with targeted communications to let you know about our products that we consider may be of particular interest.

  1. Payments

All financial transactions carried out on our website are handled through Braintree Payment Solutions, a validated Level 1 PCI DSS Compliant Service Provider. Braintree is on Visa's Global Compliant Provider List and MasterCard's SDP List, and their security policy is described here: https://www.braintreepayments.com/en-gb?locale=en-gb

We will provide your personal data to Braintree Payment Solutions only to the extent necessary for the purposes of processing payments for transactions you enter into with us. We only store minimal card details on the Wellred Books website (the card type and the last four digits, which isn’t enough to run a payment).

  1. Children’s data

We do not knowingly process data of any person under the age of 16. If we come to discover, or have reason to believe, that you are 15 and under and we are holding your personal information, we will delete that information within a reasonable period and withhold our services accordingly.

  1. Security of and access to your personal data

We endeavour to ensure that there are appropriate and proportionate technical and organisational measures to prevent the loss, destruction, misuse, alteration, unauthorised disclosure or of access to your personal information.

Your information is only accessible by appropriately trained staff and volunteers.

We may also use agencies and/or suppliers to process data on our behalf. We may also merge or partner with other organisations and in so doing transfer and/or acquire personal data.

Please note that some countries outside of the EEA have a lower standard of protection for personal data, including lower security requirements and fewer rights for individuals. We may transfer and/or store personal data collected from you to and/or at a destination outside the European Economic Area (“EEA”). Such personal data may be processed by agencies and/or suppliers operating outside the EEA. If we transfer and/or store your personal data outside the EEA we will take reasonable steps to ensure that the recipient implements appropriate measures to protect your personal data.

Otherwise than as set out in this Privacy Policy, we will only ever share your data with your informed consent.

  1. Your rights

Where we rely on your consent to use your personal information, you have the right to withdraw that consent at any time. This includes the right to ask us to stop using your personal information for direct marketing purposes or to be unsubscribed from our email list at any time. You also have the following rights:

(1) Right to be informed – you have the right to be told how your personal information will be used. This Policy and any other policies and statements used on our website and in our communications are intended to provide you with a clear and transparent description of how your personal information may be used.

(2) Right of access – you can write to us to ask for confirmation of what information we hold on you and to request a copy of that information. Provided we are satisfied that you are entitled to see the information requested and we have successfully confirmed your identity, we have 30 days to comply.

(3) Right of erasure – as from 25 May 2018, you can ask us for your personal information to be deleted from our records.

(4) Right of rectification – if you believe our records of your personal information are inaccurate, you have the right to ask for those records to be updated.

(5) Right to restrict processing – you have the right to ask for processing of your personal data to be restricted if there is disagreement about its accuracy or legitimate usage.

(6) Right to data portability – to the extent required by the General Data Protection Regulations (“GDPR”) where we are processing your personal information (i) under your consent, (ii) because such processing is necessary for the performance of a contract to which you are party or to take steps at your request prior to entering into a contact or (iii) by automated means, you may ask us to provide it to you – or another service provider – in a machine-readable format.

To exercise these rights, please send a description of the personal information in question using the contact details in section 15 below.

Where we consider that the information with which you have provided us does not enable us to identify the personal information in question, we reserve the right to ask for (i) personal identification and/or (ii) further information.

  1. Lawful processing

We are required to have one or more lawful grounds to process your personal information. Only 4 of these are relevant to us:

  1. Personal information is processed on the basis of a person’s consent
  2. Personal information is processed on the basis of a contractual relationship
  3. Personal information is processed on the basis of legal obligations
  4. Personal information is processed on the basis of legitimate interests

(1) Consent

We will ask for your consent to use your information to send you electronic communications such as newsletters and advertising emails, and if you ever share sensitive personal information with us.

(2) Contractual relationships

When you purchase products online it will be necessary to process personal information so that we can enter contractual relationships with people.

(3) Legal obligations

Sometimes we will be obliged to process your personal information due to legal obligations which are binding on us. We will only ever do so when strictly necessary.

(4) Legitimate interests

Applicable law allows personal information to be collected and used if it is reasonably necessary for our legitimate activities (as long as its use is fair, balanced and does not unduly impact individuals’ rights).

We will rely on this ground to process your personal data when it is not practical or appropriate to ask for consent.

Governance

  • Internal and external audit for financial or regulatory compliance purposes
  • Statutory reporting

Publicity and income generation

  • Conventional direct marketing and other forms of marketing, publicity or advertisement
  • Unsolicited messages, including campaigns, newsletters, and fundraising appeals
  • Analysis, targeting and segmentation to develop and promote or strategy and improve communication efficiency
  • Personalisation used to tailor and enhance your experience of our communications

Operational Management

  • Maintenance of suppression files
  • Processing for historical, scientific or statistical purpose

Purely administrative purposes

  • Responding to enquiries
  • Delivery of requested products or information
  • Communications designed to administer existing services including subscriptions and financial transactions
  • Thank you communications and receipts
  • Maintaining a supporter database and suppression lists

Financial Management and control

  • Processing financial transactions and maintaining financial controls
  • Prevention of fraud, misuse of services, or money laundering
  • Enforcement of legal claims
  • Reporting criminal acts and compliance with law enforcement agencies

When we use your personal information, we will consider if it is fair and balanced to do so and if it is within your reasonable expectations. We will balance your rights and our legitimate interests to ensure that we use your personal information in ways that are not unduly intrusive or unfair in other ways.

  1. Data retention

The length of time each category of data will be retained will vary depending on how long we need to process it for, the reason it was collected, and in line with any statutory requirements. After this point the data will either be deleted, or we may retain a secure anonymised record for research and analytical purposes.  

In the event that you ask us to stop sending you direct marketing/fundraising/other electronic communications, we will keep your name on our internal suppression list to ensure that you are not contacted again.

  1. Policy amendments

We keep this Privacy Policy under regular review and reserve the right to update from time-to-time by posting an updated version on our website, not least because of changes in applicable law. We recommend that you check this Privacy Policy occasionally to ensure you remain happy with it. We may also notify you of changes to our privacy policy by email.

  1. Third party websites

We link our website directly to other sites. This Privacy Policy does not cover external websites and we are not responsible for the privacy practices or content of those sites. We encourage you to read the privacy policies of any external websites you visit via links on our website.

  1. Updating information

You can check the personal data we hold about you, and ask us to update it where necessary, by emailing us at books@wellredbooks.net

  1. Contact

We are not required by law to have a “Data Protection Officer” – however we have a Data Protection Manager.

Please let us know if you have any queries or concerns whatsoever about the way in which your data is being processed by emailing the Data Protection Manager at books@wellredbooks.net

 
Location

Contact Address: Wellred Books, PO Box 50525, London E14 6WG, United Kingdom.

Email: books@wellredbooks.net

Phone: (00) 44 20 77 392544

Powered by Magento