General Data Protection Regulation (GDPR) Terms & Conditions
The new GDPR rules will apply from 25th May 2018 to replace the Data Protection Act 1998. We have updated our terms and conditions accordingly.
What does this mean for you, our customer?
- Your data cannot be used or shared without your explicit consent
- It should be easy for you to have your data removed from any Websites or lists; this process should be transparent and swift
- You must be given the option to unsubscribe from any lists you may have previously signed up to. This is known as The Right to be Forgotten.
What does this oblige us to do:
- We will never store your data for the purpose of marketing. We will not send you newsletters by email. All our newsletters will be made available on our Facebook page and you can choose whether or not to read them. We will NEVER share your data with any third parties.
- Any data we have from you (address/ email address/ telephone number) will have been gathered as part of the order process when you purchased an item from us. The order details are stored for an accounting purpose for a period of seven years. You have the right to ask for this information to be removed from our Website. You can contact us by email firstname.lastname@example.org or telephone 07716 097927 and ask to have this information removed. Your order details will be permanently removed from our back office system within 48 hours of your request.
- We will not sign you on to an email list or social media platform as a result of your custom. If you have ‘liked’ our social media platforms but no longer wish to keep in contact you are free to unsubscribe using your own social media account.
Our commitment to your security
All Medal Hanger Shop staff have unique logins to the order system.
Any staff who leave The Medal Hanger Shop have their access rights terminated immediately. All passwords for all staff are then changed.
Passwords to all order systems are changed at least once every six months as standard.
- We never share your order information with third parties.
- We never store payment information.
- We will never cold call you
- We will never ask for bank details over the telephone
- We will never ask for passwords over the telephone
Any telephone transactions will be initiated by you, the customer, in the event that you do not wish to order over the Internet or have called up with a query, and then proceed with a telephone order.
The emails you receive from us are payment confirmations and order completion notifications. These emails NEVER contain links or Call to Action buttons. You will receive a further email inviting you to review your purchase. If you are suspicious of an email or telephone call, we strongly advise you to independently verify the information.
Data Breach Policy
If our Website is breached we are responsible for identifying the breach and reporting it within 72 hours. We have to assess the breach and its source. We must alter all logins immediately and rectify the breach swiftly.
If you are interested in finding out more about GDPR and your rights regarding personal information, navigate to ico.org.uk/for-the-public