Hereby we inform you, as our website’s and webshop’s visitor and user of our services about our company’s privacy policy. We know that you care how information about you is used and shared and we appreciate your trust in us to do that carefully and sensibly.
- What principles do we follow during data processing?
Our company follows the following principles during data management:
- We use personal data lawfully and fairly, as well as in a transparent manner.
- We only collect personal data in accordance, for a clear and legitimate purpose and we do not misuse them.
- The collected and handled personal information are appropriate and relevant and is limited to the neccessary.
- We do every reasonable measure, that the data used by us are precise and up-to-date, data that is incorrect will be corrected or deleted without delay.
- Personal data is saved in a form which permits identification ofdata for no longer than is necessary for the purpose for which the data were collected or for which they are further processed
- We protect personal data with appropriate technical and organisational measures, to protect the data against accidental or unlawful usage, accidental loss, destruction or impairment.
How we handle your data
- We collect, organise, store and use your data based on your prior informed consent and voluntary permission, and only in the required manner and always connected to the purpose.
- In certain cases your data’s handling is based on regulatory requirements and is obligatory, we will inform you about these cases.
- In certain cases handling your personal data is required to be done by us or is in the interest third party, for example, our website’s and shop’s maintenance, development, and security.
- Company information
United Flow Limited
Registered office and trading address: Unit 4, Orbital Industrial Estate, Horton Road, London, UB7 8JL
Our website: https://thegoodnessproject.co.uk
Contact: hello@thegoodnessproject.co.uk
Address: Unit 4, Orbital Industrial Estate, Horton Road, London, UB7 8JL
E-mail address: hello@thegoodnessproject.co.uk
Registered number: 8408252
Our company is not required to appoint a data protection officer in accordance to the GDPR article 37
Our hosting service provider’s name, address and contact details:
Nimenor Consulting & Marketing Ltd.
Hova House, 1 Hova Villas
Brighton & Hove, BN3 3DH
United Kingdom
In order to provide our customers with a quality service, we use the following data processors:
COMPANY NAME |
ADDRESS |
ACTIVITY |
Admiral Accounting Ltd | Legacy Centre | Accounting, tax processing |
Nimenor Consulting & Marketing Ltd. | Hova House, 1 Hova Villas | IT services, database maintenance and processing, issuing riports, hosting services, direct marketing |
Royal Mail plc | 100 Victoria Embankment London EC4Y 0HQ | Delivery company |
DPD group | PO BOX 6979, Roebuck Lane, Smethwick, West Midlands, B66 1BN | Delivery company |
SendinBlue | 55 rue d’Amsterdam, 75008 Paris | email marketing, online marketing |
Paypal | Nevada Attorney General, 555 E. Washington St., Suite 3900, Las Vegas, NV 89101 | online payment |
Stripe Payments Company | Suite 550, 185 Berry Street, San Francisco, CA 94117 | Online card payment |
In case there are changes in the group of data processors, we will reflect this in our current document.
Data handled by us:
Name of the activity and purpose of data processing
| Legal base | Data handled | Timeframe |
Website visit The aim is to provide the working of a functional and quality website,
To monitor and correct the quality of our services, To identify malicious visitors attacking our website, To measure visitor numbers, Statistic purposes
| Our company’s legitimate interest | IP address Time of visit Data from the visited subsites The operating system and browser used by you
| 1 month |
Registration on the website The goal is that our visitors receive a better user experience, notification about fallback, changes to our company’s contact details, etc.
| contribution | First name, Last name E-mail address Billing address Delivery address Phone number | Until the registration is deleted or until the contribution is withdrawn
|
Use of the website shop services Aim is the registration and recording the visitors Order processing and fulfilment, Handling orders, invoices and deliveries, handling of complaints, processing returns, analysing the habits of our customers, keeping in touch with our customers.
| contribution contract legislation polisy (GDPR article 6, paragraph (1), section c) | Full name, Phone number and e-mail address, Details of your purchase (product, quantity, price, date and time, gift message), Details regarding your payment (payment deadline, bank account number, bank or debit card number, ePurse, cash on delivery, etc.), Participation in one-off or constant offers, discounts, Data regarding delivery: delivery deadline and delivery address (Postcode, country, county, address line 1 and 2, house number) Billing name, in case of a person full name, Your VAT number or VAT registration number (in case these details are required for invoicing) Billing address ((Postcode, country, county, address line 1 and 2, house number).
| Undefined timeframe whilst the online shop is functioning, but latest until the data processing consent is withdrawn
Data regarding fulfilment of a contract – 5 years. Issued invoices and documents linked to the invoice – 8 years.
|
E-newsletter service Aim: keeping in touch, informing you about offers, news and our new products
| contribution | Full name, e-mail address | Until you unsubscribe from the e-newsletter |
Direct marketing service Through the analyzation of your shopping habits We create and send personalised offers, We contact you for direct marketing Sending information about the products and services carried by us. | contribution | Full name, e-mail address | Direct marketing services until cancellation (unsubscribe) |
Administration, complaint · Reply to feedback and complaints | · legal obligation | · full name · e-mail address · phone number · postal address · other personal message | · 5 years |
Competition, giveaway · Aim: to guide the company’s course of business in a positive direction by drawing attention and give away valueable prizes · To increase the satisfaction of our customers | contribution legal obligation | Depending on the competition/giveaway: · Full name · e-mail address · phone number · home address | · for participant until the competition/giveaway is closed · in the winners’ case 8 years |
We will only request personal information from our visitors, if they wish to register, login, shop in our online Shop or if they wish to be included in an online competition.
Personal data given at registration and during the usage of the online shop services will not be connected and the identification of our visitors is not our goal.
If you have any questions regarding our data processing, please contact us at the hello@thegoodnessproject.co.uk email-address or through our postal address. Our answer will be sent within 15 days (or at least within 1 month) to the contact address given by you.
- What are cookies and how do we handle them?
Cookies are small text files, that are stored on your computer or device when you visit the website. These are downloaded and stored by your internet browser. The majority of the most used internet browsers (Chrome, Firefox, etc.) are accepting cookies download and usage automatically, however you can block or delete these in the setting of your browser, as well as delete the cookies that are already saved on your computer. You can read more information about the use of cookies in each browser’s ‘Help’ section.
There are cookies that doesn’t require your prior consent. Our website gives a short introduction about these, such as authentication, multimedia player, balancing, session and user-based security cookies.
Cookies that require your consent – in case the data processing has already started by entering the website – will have to be acknowledged before the start of your visit.
Our company doesn’t use and doesn’t allow cookies, which would allow third parties to collect your data without your consent.
Accepting the cookies isn’t mandatory, however our company doesn’t take responsibility, if our website doesn’t work properly due to the not acceptance of the cookies.
What type of cookies do we use?
Type | Name | Consent | Description | Purpose | Validity |
Operational cookies
|
| Not required | Firewall session cookie for the online operation, which prevents the abuse against cross-references
| Securing the operation of the website | End of the browsing session |
Debugging cookie |
| required | For personalisation | saving of your settings to increase the efficiency of our services |
30 days |
Debugging cookie (from third parties) |
|
Not required | To identify new visitors and sessions, saved by Google Analytics online debugger | Connected to the the third parties services (eg. Google) during the website visit |
30 days |
Read more about third party cookies in detail here https://www.google.com/policies/technologies/types/, about their privacy policy here https://www.google.com/analytics/learn/privacy.html?hl=hu
- Information about the data processing of our online Shop.
As you provide us with your personal details during registration, shopping and communication with our company, therefore we ask you to pay attention to the genuineness, correctness and promptness of the data, as you are responsible for these. Incorrect, imprecise and incomplete data can be the barrier of using our services.
In case you provide us with other person’s details, we will assume that you have the necessary authorisation to do so.
You can always withdraw your consent of your data handling anytime free of charge
- By deleting your registration,
- By withdrawing your consent of your data handling, and
- By requesting the withdrawal and deletion of consent, that was requested at registration and is necessary for data processing.
We agree to undertake the registration of the consent withdrawal – due to technical reasons – within 15 days, however, we would like to draw your attention to the fact that some data might be used after the consent withdrawal for fulfilling legal obligations or for purpose of legitimate interests.
In case of misleading personal data or if one of our visitors commit criminal offence or is attacking our company’s system, we will delete the persons data are through the deletion of their registration profile immediately, or we will keep them – if necessary – for the time of the criminal trial or identification of civil liability.
- Information about direct marketing and e-newsletter data handling
With your consent during registration or later, through the changing of your personal data saved in our website shop (which means your consent is given) you approve that we use your personal details for marketing activities too.
In this case – until the consent is withdrawn – your data can be used for direct marketing and/or by sending of an e-newsletter, promotional or other items, as well as information and offers.
You can give your consent to direct marketing and e-newsletter together or separately and you can withdraw them anytime free of charge.
In every case, we will see a deletion of a registration profile as a withdrawal of consent. The withdrawal of the consent to direct marketing and/or e-newsletter will not be identified as the withdrawal of the consent given regarding our online shop data handling.
We agree to undertake the registration of the consent withdrawal – due to technical reasons – within 15 days.
- Information about competitions/giveaways
Our company can host competitions/giveaways on an ad hoc basis, which terms and conditions will be presented in a separate policy. Our current offering and the T&Cs will always be displayed on the landing page of our website in a link at a central place
- Other data handling questions
We only forward your data in a framework determined by law, in case of our data processors, we secure this via contracts, that your personal data cannot be used for conflicting goals without your consent. Further information can be found in the 2. Paragraph.
Our company can only forward data abroad in accordance with the policies set by the GDPR. The court, the prosecutor and other authorities (e.g. Police, tax office, Information Commissioner’s Office) can contact our company to provide information, data or documents. In these cases, we have the data handling right to fulfil these obligations, however only in the manner that it necessary to fulfil the purpose of the request.
Our contributors and employees involved in the data handling and processing are entitled to know your personal data - besides the obligation for confidentiality.
We protect your personal data with appropriate technical and other measures, and we secure your data’s security, availability and protect them from illegal access, modification, damage as well as publication and any unlawful usage.
In accordance to our security questions, we would like to ask your help to protect your password used for our website and/or shop and not to share it with anyone.
- What are your rights and your facilities to appeal?
About the data processing you can: request information,
- request the correction, change and add to your personal data that we manage
- object the data handling and request the deletion of their data (except data for the neccessary data processing),
- appeal in front of the court bíróság elÅ‘tt jogorvoslattal élhet,
- report a concern or start proceedings at the supervisory authority (https://ico.org.uk/concerns/).
Supervisory Authority: Information Commissioner’s Office
- Address: Information Governance department
Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF - Phone number: 0303 123 1113
- E-mail: registration@ico.org.uk
- Website: https://ico.org.uk
- At your request, we provide information about your data handled by us or handled by data processors appointed by us
- About data,
- About their source,
- About the aims and legal base of data handling,
- Time frame, but if that is not possible, about the aspects of determining the time frame,
- The names, addresses and activities connected to data processing of the data processors
- The circumstances of data protection incidents, their effect and their aversion as well as the measures taken to their intervention, and
- The legal base and recipient of the forwarding of your personal data
We kindly ask you, before turning to the supervisory authority or court you’re your complaint – for identification and resolving the problem as soon as possible – please contact our company.
- What is the main legal policy for our activity?
- regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. General Data Protection Regulation (GDPR) (EU) 2016/679
- Change to the privacy policy
We reserve the right to change the current Privacy Policy, about which we will inform the affected in an appropriate manner. Information about the data handling will be published on the thegoodnessproject.co.uk website.
London, 24th of May 2018
Latest update: 28th of November 2022