Last updated: 24th May 2018

Privacy Policy

Torch Direct Limited are committed to protecting and respecting your privacy. We will process your personal data in accordance with the law. For the purposes of data protection legislation, we are the data controller and we will process your personal data in accordance with the General Data Protection Regulation (EU) 2016/679 and national laws which relate to the processing of personal data.

This policy explains what personal data we collect from you, or that you provide to us and how it will be processed by us. Please read the following information carefully regarding your personal data and how we will treat it.

By visiting www.torchdirect.co.uk you are accepting and consenting to the practices described in this privacy policy.

For the purpose of the data protection legislation, the data controller is:

Torch Direct Limited
Nunn Brook Road, The County Estate
Huthwaite, Sutton in Ashfield
Nottinghamshire
NG17 2HU
United Kingdom

Registered in England and Wales with company number 8737876. ICO registration reference: ZA118736.

Information we may collect from you

You may give us information about you by filling in forms on our website or by corresponding with us by telephone, email or otherwise. This includes information you provide when you place an order on our website or enter a competition or promotion. The information you give us may include your name, address, telephone number, email address and payment details.

With regard to each of your visits to our website we may automatically collect the following information, internet protocol (IP) address used to connect your computer to the internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page and any phone number used to call our customer service telephone number.

We work closely with third parties (including, for example, sub-contractors in technical, payment and delivery services, analytics providers and search information providers) and may receive information about you from them.

Your data will not be transferred outside the European Economic Area (EEA) unless that country or territory also ensures your personal data is protected under applicable laws such as the European Commission Data Adequacy or they are certified with the international Privacy Shield Framework and the third party provider is compliant with the General Data Protection Regulation (EU) 2016/679.

We use Google Analytics on our website to understand how you engage and interact with it. For information on how Google Analytics collects and processes data using cookies, please visit www.google.com/policies/privacy/partners/. You can opt out of Google Analytics tracking by visiting: tools.google.com/dlpage/gaoptout

Uses made of the information

Information you give to us
We will use this information to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, goods and services that you request from us and where you have consented we will provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about or other goods or services we feel may be of interest to you and to notify you about changes to our service.

Information we collect about you
We will use this information to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes, to improve our website to ensure that content is presented in the most effective manner for you and for your computer, as part of our efforts to keep our website safe and secure, to measure or understand the effectiveness of advertising we serve to you and others, to deliver relevant advertising to you and to make suggestions and recommendations to you and other users of our website about goods or services that may interest you or them.

Feedback Request
As part of a legitimate interest in providing an excellent service to our customers we will also request feedback from you regarding our service and/or the products purchased on your order. You will receive an email request asking for feedback 5 days after dispatch of your order.

Additional Notes
Our newsletter and marketing emails are opt-in only, so you will never receive these types of emails without your consent via a double opt-in proceedure. You can also opt-out again at any time. We never sell, rent or exchange mailing lists and we never send unsolicited emails to email addresses.

Disclosure of your information

We may share your personal information with suppliers and sub-contractors for the performance of any contract we enter into with you and analytics and search engine providers that assist us in the improvement and optimisation of our website.

We may also disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Use, Terms of Supply or other agreements; or to protect our rights, our property, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Where we store your personal data

All information you provide to us is stored on secure third party provider servers using SSL encryption for transmission of data. In the case of payment information the servers are those of our secure payment providers, we use Stripe, SagePay and Paypal which all meet PCI DSS v3.2 Level 1 compliance and also use SSL encryption for transmission of data.

Where you have chosen a password to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Your rights

You have the right to ask us not to process your personal data for marketing purposes. Our marketing emails are opt-in only, so you will never receive these types of emails without your consent via a double opt-in proceedure. You can also opt-out again at any time. You can also exercise the right at any time by contacting us by email to sales@torchdirect.co.uk.

How long we retain your personal information

Your personal data is retained for as long as is necessary in order to provide the services agreed with you. Other types of data, for example, order data, may be retained for differing periods of time, including following the termination of our services. Legal and Statutory requirements determine how long we are required to retain certain types of data. Broadly, these include:

Taxation Laws
Value Added Tax Laws (at least 6 years)
Employment Law
Administrative Law (the body of Law and legal work that deals with Government agencies)

In the absence of any legal requirements, personal data will only be retained as long as is necessary to provide you with the agreed services. Data will be erased if you withdraw consent to the data being processed or held and request it be erased, except where any data may be required to be held for Statutory, Historical or Statistical purposes.

From time to time during the retention period, the need to retain identified data will be reviewed. In particular, the type of data and its purpose for processing will be re-considered and whether there remain lawful grounds for its continued processing. Out of date information will be archived.

Following the expiration of the applicable retention period, personal data may not necessarily be completely erased, if it is considered sufficient to anonymise the data. This may, for example, be achieved by means of:

Erasure of any unique identifier which enables the allocation of particular data to an individual person
Erasure of single pieces of personal data that identify an individual person
Separation of personal data from non-identifying information, for example, an order number from a Client's name and address
Aggregation of personal data in a way that no allocation to any individual person is possible

If no fixed retention period has been determined, because of the limited amount of personal data retained, we will provide the criteria used to determine the rationale for retention of any particular data, upon request.

Access to information

You have the right to access information held about you. Your right of access can be exercised in accordance with the GDPR act. Any access request may be subject to a small fee to meet our costs in providing you with details of the information we hold about you. If lawful to do so, we will delete information or correct any inaccuracies for no charge as soon as you make the request.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be emailed to sales@torchdirect.co.uk