Privacy policy
Last updated: 14.09.2024
If at any time you have concerns or questions about how BRUNO handles your data, please contact us at mail@brunobaby.co.uk.
We are committed to protecting your privacy and ensuring that your personal information is handled responsibly. This policy aims to inform you about how we use the personal data that you provide us or that we collect from you. We encourage you to read this information carefully to understand how we handle your personal data.
This Privacy Policy describes how BRUNO (the "Site", "we", "us", or "our") collects, uses, and discloses your personal information when you visit, use our services, or make a purchase from brunobaby.co.uk (the "Site") or otherwise communicate with us (collectively, the "Services"). For purposes of this Privacy Policy, "you" and "your" means you as the user of the Services, whether you are a customer, website visitor, or another individual whose information we have collected pursuant to this Privacy Policy.
Please read this Privacy Policy carefully. By using and accessing any of the Services, you agree to the collection, use, and disclosure of your information as described in this Privacy Policy. If you do not agree to this Privacy Policy, please do not use or access any of the Services.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time, including to reflect changes to our practices or for other operational, legal, or regulatory reasons. We will post the revised Privacy Policy on the Site, update the "Last updated" date and take any other steps required by applicable law. We recommend you check this page periodically to ensure you remain happy with the latest version.
How We Collect and Use Your Personal Information
In order to fulfil your order and any future customer service requests, we need to know certain personal data collected at the time of order.
The types of personal information we obtain about you depends on how you interact with our Site and use our Services.
When we use the term "personal information", we are referring to information that identifies, relates to, describes or can be associated with you. The following sections describe the categories and specific types of personal information we collect.
The information we hold will consist of but not be limited to the following:
- Title;
- Name;
- Address;
- Mailing Preference flags such as ‘Do not mail’;
- Products purchased from us in the past, including their cost;
- Telephone number, if offered to us.
- Email address;
- Where we believe you heard about us from.
- Credit card details are encrypted after data entry and are not stored on our systems after use.
We do not collect any Special Category Data (sensitive data) such as race, religion, biometrics or health data. It is our policy that your information is private and confidential.
Accordingly, the personal information you provide to us is stored in a secure location, and is accessible only by designated staff.
We also collect data because it is necessary for the pursuit of our legitimate interests.
Our legitimate interests are set out below:
• Direct Marketing
• Understanding our customers’ wishes and shopping preferences
• Improving our service and our products
How We Use Your Personal Information
Providing Products and Services. We use your personal information to provide you with the Services in order to perform our contract with you, including to process your payments, fulfill your orders, to send notifications to you related to you account, purchases, returns, exchanges or other transactions, to create, maintain and otherwise manage your account, to arrange for shipping, facilitate any returns and exchanges and to enable you to post reviews.
Marketing and Advertising. We use your personal information for marketing and promotional purposes, such as to send marketing, advertising and promotional communications by email, text message or postal mail, and to show you advertisements for products or services. This may include using your personal information to better tailor the Services and advertising on our Site and other websites.
Security and Fraud Prevention. We use your personal information to detect, investigate or take action regarding possible fraudulent, illegal or malicious activity. If you choose to use the Services and register an account, you are responsible for keeping your account credentials safe. We highly recommend that you do not share your username, password, or other access details with anyone else. If you believe your account has been compromised, please contact us immediately.
Communicating with you. We use your personal information to provide you with customer support and improve our Services. This is in our legitimate interests in order to be responsive to you, to provide effective services to you, and to maintain our business relationship with you.
How we use your information for Direct Marketing & how to manage your marketing preferences
When you choose not to opt out of 1st party marketing, we may collect your email address, name and order details so that we can tailor our communications with you and send you relevant offers and news via email by posting you our latest catalogue. If at any time you wish to opt out of receiving our catalogues and/or emails, email us at mail@brunobaby.co.uk.
We also advertise on digital platforms, such as Facebook and Google. We use these platforms to reach you and people like you with relevant, targeted offers and updates from BRUNO.
To turn off targeted ads on any of these platforms, please see the individual privacy settings for each.
How we use your information to understand our customers’ wishes and shopping preferences
Our communications are designed to tell you about the benefits we can offer so that you have access to our best deals. We use the information we have about you to tailor the content and try to ensure that the offers are as relevant to you as possible. Under the Data Protection Legislation, this might qualify as profiling. If you do not wish us to use your data for this purpose, please email us at mail@brunobaby.co.uk.
How we use your information to improve our service and our products
If you raise a customer service ticket with us or return any item, we store your contact and order details. This data is archived after 120 days and this archive is cleared every 24 months. If at any time you wish this information to be removed, erased or not used in any such way, please make this clear in the feedback you provide us with, or email us at mail@brunobaby.co.uk.
We may, from time to time, send you a quick survey about your experiences with us or more broadly about your shopping behaviour. We store this information against your profile so we can better understand our customers and use this insight to improve our service and products.
Data Processors
We work with the following data processors in order to carry out our marketing activities. From time to time we may use other legally compliant data processors as required. These processors will hold data for no longer than is required to complete the analysis before securely deleting it. All data is only accessible to select, authorised individuals.
- Facebook: If you do not wish to see targeted ads on Facebook, you can update your preferences on Facebook by clicking on the Ads section within Settings on Facebook. Facebook matches email address, marketing preferences and purchase history for the purpose of audience selection for our advertising campaigns on Facebook and Instagram.
- Google Ads: They match your email address, marketing preferences and purchase history for the purpose of audience selection for our advertising campaigns on Google Search and Display Networks. For information on how Google ensures GDPR and other data protection law compliance, see here: https://privacy.google.com/businesses/compliance
-
Unisender: We use Unisender to send emails to our customers. We delete your Unisender profile 24 months after the last time you opened an email from us, or the last time you visited our website (https://brunobaby.co.uk), whichever is later. Your Unisender profile also includes how you found our website, and information about your orders with us, but does not include your shipping or billing address.
This enables us to tailor our communications with you. - Shopify Inc: They host our store. To manage your order and any future customer service requests, we collect and store the details you provide at the point of booking. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your order data is stored in Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
How long we keep your data
To serve our customers in the best possible manner and to continue to inform you about new products and services, we retain customer data for seven years after the last purchase date, or until you exercise your right to deletion as described below in the
YOUR RIGHTS section.
Your Rights
You retain at all times the right to access or amend or delete any Personal Data we hold about you or to exercise your right of data portability or to object to, or restrict, the purposes for which your Personal Data is processed on certain grounds.
You may also modify your marketing preferences at any time by emailing us at mail@brunobaby.co.uk.
You may exercise this right by making a request in accordance with Data Protection Laws, by emailing mail@brunobaby.co.uk.
You have the right to access your information
You the right to access information held about you. Your right of access can be exercised by making a request to us verbally or in writing.
We will deal with your request and provide details of the information we hold about you within 28 day.
You have the right to lodge a complaint
If you are not satisfied with the service we provide with regard to the protection of your Data you are entitled to contact the Information Commissioner’s Office Helpline: 0303 123 1113.
You have the right to ask us what personal data we hold about you.
If at any time you wish to exercise this right, you can email us at mail@brunobaby.co.uk.
To protect your privacy and security we may need to verify your identity before sharing this information.
You have the right to ask us to update or amend any out-of-date or incorrect data.
If at any time you wish to amend your data, you can email us at mail@brunobaby.co.uk. To protect your privacy and security we may need to verify your identity before making amendments.
If you wish to update your marketing preferences at any time, you email us at mail@brunobaby.co.uk
You have the right to ask us to delete the data we hold about you.
If at any time you wish to exercise this right you can email us at mail@brunobaby.co.uk.
To protect your privacy and security we may need to verify your identity before deleting your data.
Disclosures
We will seek to act in the best interests of our customers and will not abuse our position of data controller. We wish to be as clear and transparent as possible and uphold any requests for data disclosure or amendment as soon as possible. Due to the nature of data and catalogue printing, when an amendment is made to data it may take up to six weeks for it to become effective, although we will do everything possible to ensure this time delay is kept to a minimum.
Disclosure of your information
We never disclose your information except in accordance with this Policy and with all applicable laws relating to the protection of Personal Data, including the EU Data Protection Directive 95/46/EC, the EU General Data Protection Regulation 2016/679, the EU ePrivacy Directive 2002/58/EC as amended by Directive 2009/136/EC, as amended or superseded from time to time, and any national implementing legislation (“Data Protection Laws”).
Credit Card Security
We take the security of our customers’ data very seriously and this includes credit card information. On our website at checkout, you are taken to a secure page and should always see a closed padlock beside the URL address or at the top/bottom of your browser window. If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only for as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers. To learn more, you may also want to read Shopify’s Terms of Service or Privacy Statement.
Cookies
Like many websites, we use Cookies on our Site. For specific information about the Cookies that we use related to powering our store with Shopify, see https://www.shopify.com/legal/cookies. We use Cookies to power and improve our Site and our Services (including to remember your actions and preferences), to run analytics and better understand user interaction with the Services (in our legitimate interests to administer, improve and optimize the Services). We may also permit third parties and services providers to use Cookies on our Site to better tailor the services, products and advertising on our Site and other websites.
Most browsers automatically accept Cookies by default, but you can choose to set your browser to remove or reject Cookies through your browser controls. Please keep in mind that removing or blocking Cookies can negatively impact your user experience and may cause some of the Services, including certain features and general functionality, to work incorrectly or no longer be available. Additionally, blocking Cookies may not completely prevent how we share information with third parties such as our advertising partners.
Information We Collect through Cookies
We also automatically collect certain information about your interaction with the Services ("Usage Data"). To do this, we may use cookies, pixels and similar technologies ("Cookies"). Usage Data may include information about how you access and use our Site and your account, including device information, browser information, information about your network connection, your IP address and other information regarding your interaction with the Services.
Information how We use IP addresses
BRUNO may use your IP address to help diagnose problems with its server, and to administer the Site. Your IP address is used to help identify you and to gather broad demographic information. IP addresses are also used to provide an audit trail in the case of any attempted illegal or unauthorized use of the Site.
Information We Obtain from Third Parties
Finally, we may obtain information about you from third parties, including from vendors and service providers who may collect information on our behalf, such as:
- Companies who support our Site and Services, such as Shopify.
- Our payment processors, who collect payment information (e.g., bank account, credit or debit card information, billing address) to process your payment in order to fulfill your orders and provide you with products or services you have requested, in order to perform our contract with you.
- When you visit our Site, open or click on emails we send you, or interact with our Services or advertisements, we, or third parties we work with, may automatically collect certain information using online tracking technologies such as pixels, web beacons, software developer kits, third-party libraries, and cookies.
Any information we obtain from third parties will be treated in accordance with this Privacy Policy. We are not responsible or liable for the accuracy of the information provided to us by third parties and are not responsible for any third party's policies or practices.
Third Party Websites and Links
Our Site may provide links to websites or other online platforms operated by third parties. If you follow links to sites not affiliated or controlled by us, you should review their privacy and security policies and other terms and conditions. We do not guarantee and are not responsible for the privacy or security of such sites, including the accuracy, completeness, or reliability of information found on these sites.
Additional Considerations: Legal Basis for Data Processing
We process your personal data based on legitimate interests as defined in the GDPR. For example, we ensure that such interests do not override your fundamental rights by conducting a balancing test. This test evaluates the necessity of processing against any potential impact on your privacy.
Processing of Children’s Data
BRUNO does not knowingly collect or process personal data from individuals under 18 years of age. If you believe that we have collected such information without proper consent, please contact us immediately at mail@brunobaby.co.uk.
Cookies Policy Enhancement
To provide transparency, we classify our cookies into categories: essential, performance, functional, and advertising cookies. A full list of cookies used on our website, including their purposes and durations, is available at [link]. Users may modify cookie preferences at any time using our cookie management tool.
International Data Transfers
As our service providers may store or process data outside of the UK or EEA, we ensure compliance with GDPR by implementing Standard Contractual Clauses (SCCs) and other safeguards. For more information, please contact mail@brunobaby.co.uk.
Expanded Rights Section
- Right to Restrict Processing: You can request a temporary halt to data processing under specific circumstances (e.g., disputing data accuracy).
- Data Portability: We provide your data in a structured, commonly used format upon request.
Contact
Should you have any questions about our privacy practices or this Privacy Policy, or if you would like to exercise any of the rights available to you, please email us at mail@brunobaby.co.uk