Protecting your personal details on our website.
Last updated: 15 August 2019
You have a lot of rights relating to your personal information:
- The right to be informed about how your personal information is being used (like this notice!)
- The right to access the personal information we hold about you
- The right to request the correction of inaccurate personal information we hold about you (although you can probably do most of this through My Account)
- The right to request that we delete your data, or stop processing it or collecting it, in some circumstances
- The right to stop direct marketing messages, which you can do through My Account, and to withdraw consent for other consent-based processing at any time
- The right to request that we transfer or port elements of your data either to you or another service provider
- The right to complain to your data protection regulator — in the UK, the Information Commissioner’s Office
How we use your information
Sharing your information
We do not, and will not, sell any of your personal data to any third party – including your name, address, email address or credit card information. We want to earn and maintain your trust, and we believe this is absolutely essential in order do that. We may share some information with:
- Companies in the Niftii group.
- Companies that do things to get your purchases to you, such as payment service providers, warehouses, order packers, and delivery companies
- Professional service providers, such as marketing agencies, advertising partners and website hosts, who help us run our business.
- Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud
- Companies approved by you, such as social media sites (if you choose to link your accounts to us), Marketplace sellers where you place an order.
- We may provide third parties with aggregated but anonymised information and analytics about our customers and, before we do so, we will make sure that it does not identify you.
When we're required to enter into a contract with you
We use your personal information to process your orders and payments or to give you a refund.
Where you have provided consent
We use email and text messages to communicate with you about our products and services, competitions, offers, promotions or special events where you tick a box.
- If you give us permission, to communicate with you about our third party partners that we believe may interest you
Where there is a Legitimate Interest
As a Company we are often required to process your personal data in order to carry out certain tasks relating to our business activities. In such cases, processing of personal data can be justified on grounds of legitimate interest.
- To provide customer support and to respond to, and communicate with you about your requests
- To contact you if we need to obtain or provide additional information
- To check our records are right and to check every now and then that you’re happy and satisfied (e.g. customer surveys).
- For marketing activities (other than where we rely on your consent) e.g. marketing permissions captured during the course of a sale, personalising marketing messages through social media and other third party platforms;
- To send promotional material (e.g. offers) to you in the post or inform you of our offers by telephone or e-mail
- To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request)
- To send communications to you about your orders, purchases or accounts and bill you for using our products or services
- To let you post on our blogs and interact with us through social media.
Personalise & Improve our Service
- To personalise your experience on our online services. This could include providing you with interesting, relevant content, or making navigation to our Sites easier
- To help us understand more about you as a customer, the products and services you use, the way you use them and how you shop across the company, so we can serve you better
- Improve the content and appearance of the Website(s) or App(s), and to make sure that content is presented in the most effective manner for you
- To operate, evaluate and improve our business, including the development of new products and services; to determine the effectiveness of our sales, marketing and advertising; and the analysis and improvement of our products, offers, promotions, and Online Services and other technologies
- Where you fail to repay what you owe Us or return our property, we may need to trace your whereabouts (sometimes using a tracing Agent) in order to recover payment or reclaim property. This might be carried out by a third Party debt recovery agent on our behalf
- To protect against, identify and prevent fraud and other criminal activity, claims and other liabilities
- For network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access.
When we're required to comply with our Legal Obligation
We'll use your personal information to comply with our legal obligations including:
- To identify you when you contact us
- To verify the accuracy of data that we hold about you
- To assist HMRC and/or the Police and/or other regulatory bodies in relation to an investigation by a public authority.
Where it is in your Vital Interest
In certain circumstances it is in your vital interests for us to process your personal information. We may need to contact you if there are any urgent safety or product recall notices or where we otherwise reasonably believe that the processing of your personal information will prevent or reduce any potential harm to you.
Information we collect
We collect personal information about you when you visit one of our stores, use our Websites ("Websites"), or if you communicate with us by phone, e-mail and social media. We refer to our Websites and Apps collectively as "Online Services".
The types of personal information we collect includes:
- Personal details such as your name, address, date of birth, email address, phone number and other contact information Transaction information, such as the product you purchased, its price, your method of payment and your payment details.
- Your account information – such as dates of payments owed and received or any other information related to your account
- The phone numbers that you call/send messages to or the phone numbers that you receive calls/messages from.
- The date and time of the calls and messages you send or receive through our network, and your location at the time these communications take place.
When you're online the information we collect includes:
- Account information, like your username, password, and other identifiers or credentials you use to access our online services or to buy our products and services, details of your shopping preferences, such as your favourite brands and products, as well as which of our stores you prefer to shop in
- IP address and cookie data
- Information that you provide in your dealings with us. This includes when you register to use our online services, or when you subscribe to our services or request further services and/or information from us.
The situations when you provide personal information could include when you:
- Purchase products online or over the phone
- Register or use our Online Services
- Request to receive marketing or other communications
- Submit information when you’re providing feedback
The Website is brought to you by Niftii. Niftii believes it is important to protect your Personal Data (as defined in the Data Protection Act 1998) and we are committed to giving you a personalised service that meets your needs in a way that also protects your privacy. This policy explains how we may collect Personal Data about you. It also explains some of the security measures we take to protect your Personal Data, and tells you certain things we will do and not do. You should read this policy in conjunction with the Website Terms.
When we first obtain Personal Data from you, or when you take a new service or product from us, we will give you the opportunity to tell us if you do or do not want to receive information from us about other services or products (as applicable). You can normally do this by ticking a box on an application form or contract. You may change your mind at any time by emailing us at the address below.
Some of the Personal Data we hold about you may be 'sensitive personal data' within the meaning of the Data Protection Act 1998, for example, information about your health or ethnic origin.
We may collect Personal Data about you from a number of sources, including the following:
- From you when you agree to take a service or product from us, in which case this may include your contact details, date of birth, how you will pay for the product or service and your bank details.
- From you when you contact us with an enquiry or in response to a communication from us, in which case, this may tell us something about how you use our services.
- From documents that are available to the public, such as the electoral register.
- From third parties to whom you have provided information with your consent to pass it on to other organisations or persons.
Using Your Personal Information
- Personal Data about our customers is an important part of our business and we shall only use your Personal Data for the following purposes and shall not keep such Personal Data longer than is necessary to fulfil these purposes:
- To help us to identify you when you contact us.
- To help us to identify accounts, services and/or products which you could have from us or selected partners from time to time. We may do this by automatic means using a scoring system, which uses the Personal Data you have provided and/or any information we hold about you and Personal Data from third party agencies (including credit reference agencies).
- To help us to administer and to contact you about improved administration of any accounts, services and products we have provided before, do provide now or will or may provide in the future.
- To allow us to carry out marketing analysis and customer profiling (including with transactional information), conduct research, including creating statistical and testing information.
- To help to prevent and detect fraud or loss.
- To allow us to contact you in any way (including mail, email, telephone, visit, text or multimedia messages) about products and services offered by us where
- these products are similar to those you have already purchased from us,
- you were given the opportunity to opt out of being contacted by us at the time your Personal Information was originally collected by us and at the time of our subsequent communications with you, and
- you have not opted out of us contacting you.
- To allow us to contact you in any way (including mail, email, telephone, visit, text or multimedia messages) about products and services offered by us and selected partners where you have expressly consented to us doing so.
- To keep you up to date with our member benefit scheme under which, as part of your membership benefits, we will give you membership information and details of discounts and offers we negotiate from time to time on behalf of our members. If you do not wish to receive this benefit, please write to our Data Protection Manager at the address given in clause 7.1 below.
- We may monitor and record communications with you (including phone conversations and emails) for quality assurance and compliance.
- We may check your details with fraud prevention agencies. If you provide false or inaccurate information and we suspect fraud, we will record this.
- We may allow other people and organisations to use Personal Data we hold about you in the following circumstances:
- If we, or substantially all of our assets, are acquired or are in the process of being acquired by a third party, in which case Personal Data held by us, about our customers, will be one of the transferred assets.
- If we have been legitimately asked to provide information for legal or regulatory purposes or as part of legal proceedings or prospective legal proceedings.
- In connection with any transaction which we enter into with you:
- We may carry out with one or more licensed credit reference and fraud prevention agencies:
- credit checks where you have given us your express consent, and
- fraud prevention checks.
We and they may keep a record of the search. Information held about you by these agencies may be linked to records relating to other people living at the same address with whom you are financially linked. These records will also be taken into account in credit and fraud prevention checks. Information from your application and payment details of your account will be recorded with one or more of these agencies and may be shared with other organisations to help make credit and insurance decisions about you and members of your household with whom you are financially linked and for debt collection and fraud prevention. This includes those who have moved house and who have missed payments.
- If you provide false or inaccurate information to us and we suspect fraud, we will record this and may share it with other people and organisations. We, and other credit and insurance organisations, may also use technology to detect and prevent fraud.
- If you need details of those credit agencies and fraud prevention agencies from which we obtain and with which we record information about you, please write to our Data Protection Manager at Niftii, firstname.lastname@example.org
We have strict security measures to protect Personal Data.
- We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.
- We reveal only the last five digits of your credit card numbers when confirming an order. Of course, we transmit the entire credit card number to the appropriate credit card company during order processing.
- We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personally identifiable customer information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
- It is important for you to protect against unauthorised access to your password and to your computer. Be sure to sign off when you finish using a shared computer.
- The internet
- If you communicate with us using the internet, we may occasionally email you about our services and products. When you first give us Personal Data through the Website, we will normally give you the opportunity to say whether you would prefer us not to contact you by email. You can also always send us an email (at the address set out below) at any time if you change your mind.
- Please remember that communications over the internet, such as emails and webmails (messages sent through a website), are not secure unless they have been encrypted. Your communications may go through a number of countries before they are delivered - this is the nature of the internet. We cannot accept responsibility for any unauthorised access or loss of Personal Data that is beyond our control.
When we provide services, we want to make them easy, useful and reliable. This sometimes involves placing small amounts of information on your computer. These are called 'cookies'.
These cookies cannot be used to identify you personally and are used to improve services for you, for example through:
- Letting you navigate between pages efficiently
- Enabling a service to recognise your computer so you don't have to give the same information during one task
- Recognising that you have already given a username and password so you don't need to enter it for every web page requested
- Measuring how many people are using services, so they can be made easier to use and that there is enough capacity to ensure they are fast
To learn more about cookies, see:
Users typically have the opportunity to set their browser to accept all or some cookies, to notify them when a cookie is issued, or not to receive cookies at any time. The last of these options, of course, means that personalised services cannot be provided and the user may not be able to take full advantage of all of a website's features. Refer to your browser's Help section for specific guidance on how it allows you to manage cookies and how you may delete cookies you wish to remove from your computer.
Multiple cookies may be found in a single file depending on which browser you use.
The cookies used on this website have been categorised based on the categories found in the ICC UK Cookie guide, as follows:
Category 1: strictly necessary cookies
These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies services you have asked for, like shopping baskets or e-billing, cannot be provided.
Category 2: performance cookies
These cookies collect information about how visitors use a website, for instance which pages visitors go to most often, and if they get error messages from web pages. These cookies don’t collect information that identifies a visitor. All information these cookies collect is aggregated and therefore anonymous. It is only used to improve how a website works.
Category 3: functionality cookies
These cookies allow the website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. For instance, a website may be able to provide you with local weather reports or traffic news by storing in a cookie the region in which you are currently located. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for such as a live chat session. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.
Category 4: targeting cookies or advertising cookies
These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organisation.
The list below shows the cookies that we use, other than those that are strictly necessary to this service. If you have any queries about these, or would like more information, please contact our Data Protection Manager at Niftii , email us at email@example.com
This cookie stores all the information about your current and previous visits, whether you are logged in or browsing the site as a guest, and also the contents of your shopping cart.
Acceptance of our cookies
The short-term session cookie exists for the duration of a single visit to your site, and expires when the customer leaves or after a set period of time.
The long-term persistent cookie continues in existence after the end of the session, and can save a record of the shopping cart contents for up to a year.
By using this website, you agree that we can place these types of cookies on your device.
- The Website may include third-party advertising and links to other websites. We do not provide any personally identifiable customer Personal Data to these advertisers or third-party websites.
- We exclude all liability for loss that you may incur when using these third party websites.
- If you would like access to the Personal Data that we hold about you, you can do this by emailing us at firstname.lastname@example.org or writing to us at the address noted above. There may be a nominal charge of £10 to cover administrative costs.
- We aim to keep the Personal Data we hold about you accurate and up to date. If you tell us that we are holding any inaccurate Personal Data about you, we will delete it or correct it promptly. Please email us at email@example.com or write to us at the address above to update your Personal Data.
Text Marketing and notifications:
By entering your phone number in the checkout and initialising a purchase, subscribing via our subscription form or a keyword, you agree that we may send you text notifications (for your order, including abandoned cart reminders) and text marketing offers. Text marketing messages will not exceed 10 a month. You acknowledge that consent is not a condition for any purchase.
If you wish to unsubscribe from receiving text marketing messages and notifications reply with STOP to any mobile message sent from us or use the unsubscribe link we provided you with in any of our messages. You understand and agree that alternative methods of opting out, such as using alternative words or requests will not be accounted as a reasonable means of opting out. Message and data rates may apply.
For any questions please text HELP to the number you received the messages from. You can also contact us for more information. If you wish to opt out please follow the procedures above