Privacy Policy

This privacy notice provides you with details of how we collect and process your personal data through your use of our site www.ohmygift.co.uk, including any information you may provide through our site when you purchase a product or service, sign up to our newsletter or take part in a prize draw or competition.

Oh My Gift Limited is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice). We will only use your personal data when legally permitted.

SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?

When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.

When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.

Email marketing: We may send you emails about our store, new products and other updates. These can be unsubscribed from.

SECTION 2 - WHAT DATA DO WE COLLECT ABOUT YOU?

We may process certain types of personal data about you as follows (for the purposes of engaging with you for a contract (sale), for legal obligations, for legitimate interests in the running of our business):

  • Identity: may include your first name, maiden name, last name, username, marital status, title, date of birth and gender.
  • Contact: may include your billing address, delivery address, email address and telephone numbers.
  • Financial: may include your bank account and payment card details.
  • Transaction: may include details about payments between us and other details of purchases made by you.
  • Technical: may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site.
  • Profile: may include your username and password, purchases or orders, your interests, preferences, feedback and survey responses.
  • Usage: may include information about how you use our website, products and services.
  • Marketing: may include your preferences in receiving marketing communications from us and our third parties and your communication preferences.

We do not collect any Sensitive Data about you.
Please email [email protected] if you wish us to explain the specific legal ground we are relying on to process your personal data.

SECTION 3 - CONSENT

Generally we do not rely on consent as a legal ground for processing your personal data other than in relation to sending marketing communications to you via email.

How do you get my consent?

When you provide us by post, phone, email, completing a form on our site or otherwise, with personal information to create an account, complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.

If we ask for your personal information for a secondary reason, like for marketing communications, competition or prize draw entries, promotions or surveys or to  give us feedback, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no.


How do I withdraw my consent?

If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by either using the opt-out link on the marketing communication itself, or contacting us at [email protected].

SECTION 4 - MARKETING COMMUNICATIONS

You will receive marketing communications from us if you have:

  • requested information from us or purchased goods from us; or
  • if you provided us with your details and ticked the opt in box for us to send you marketing communications; and
  • you have not opted out of receiving that marketing. 

We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

You can ask us to stop sending you marketing messages at any time by following the opt-out link on any marketing message sent to you.

Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to find out more about how the processing for the new purpose is compatible with the original purpose, please email us at [email protected]

If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground of processing.

We may process your personal data without your knowledge or consent where this is required or permitted by law.

SECTION 5 - DISCLOSURE

We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.

SECTION 6 - PAYMENT

Your credit card data is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

SECTION 7 - THIRD-PARTY SERVICES

In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.  For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

Some of our 3rd party service providers (eg Mailchimp, Stripe, PayPal) are based outside of the EU so their processing of your data will involve a transfer outside of the EU.  Currently all these service providers are covered by the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the EU and the US.  We will ensure all 3rd party service providers are covered by GDPR compliant legislation.

Once you leave our store’s website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our website’s Terms of Service.

When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

SECTION 8 - SECURITY

To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

COOKIES

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

The table below lists the cookies we collect and what information they store.

COOKIE name

COOKIE Description

CART

The association with your shopping cart.

CATEGORY_INFO

Stores the category info on the page, that allows to display pages more quickly.

COMPARE

The items that you have in the Compare Products list.

CURRENCY

Your preferred currency

CUSTOMER

An encrypted version of your customer id with the store.

CUSTOMER_AUTH

An indicator if you are currently logged into the store.

CUSTOMER_INFO

An encrypted version of the customer group you belong to.

CUSTOMER_SEGMENT_IDS

Stores the Customer Segment ID

EXTERNAL_NO_CACHE

A flag, which indicates whether caching is disabled or not.

FRONTEND

You sesssion ID on the server.

GUEST-VIEW

Allows guests to edit their orders.

LAST_CATEGORY

The last category you visited.

LAST_PRODUCT

The most recent product you have viewed.

NEWMESSAGE

Indicates whether a new message has been received.

NO_CACHE

Indicates whether it is allowed to use cache.

PERSISTENT_SHOPPING_CART

A link to information about your cart and viewing history if you have asked the site.

RECENTLYCOMPARED

The items that you have recently compared.

STF

Information on products you have emailed to friends.

STORE

The store view or language you have selected.

USER_ALLOWED_SAVE_COOKIE

Indicates whether a customer allowed to use cookies.

VIEWED_PRODUCT_IDS

The products that you have recently viewed.

_utma

Identifies visitors and sessions.

_utmb

Determines new sessions/visits.

_utmc

Determines if the visitor is in a new session/visit.

_utmz

Saves the traffic source or campaign that explains how the visitor reached the site.

2c.cld

Display personalised product recommendations on-site, which make the shopping experience easier, more personal and enjoyable.

In using our site, we may automatically collect Technical Data about your equipment, browsing actions and usage patterns. We collect this data by using cookies, server logs and similar technologies. We may also receive Technical Data about you if you visit other websites that use our cookies.

SECTION 9 - AGE OF CONSENT

By using this site, or by providing us with your data, you warrant to us that you are over 18 years of age.

SECTION 10 - DATA RETENTION  

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.

SECTION 11 - CHANGES TO THIS PRIVACY POLICY

We reserve the right to modify this privacy policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.

If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.

SECTION 12 - YOUR LEGAL RIGHTS  

Under certain circumstances, you have rights under data protection laws in relation to your personal data to request access, correct, erase, object to processing, request restriction of processing or transfer of your personal data and the right to withdraw consent.

You can see more about these rights at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

If you wish to exercise any of the rights set out above, please email us at [email protected]

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

To help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights) we may need to request specific information from you. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

SECTION 13 - AMENDMENTS

We may update this policy from time to time by publishing a new version on this website.

You should check this page occasionally to ensure you are happy with any changes to this policy.

We may notify you of changes to this policy.

QUESTIONS AND CONTACT INFORMATION

If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information contact our Privacy Compliance Officer at [email protected].

If you are not happy with any aspect of how we collect and use your data, we you to contact us first so that we can try to resolve it for you.  If you do have a complaint you have the right to complain to the Information Commissioner’s Office.

It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at [email protected]