The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area which came into force on 25 May 2018. GDPR requires that we disclose how we gather, use and store your information.
Information That We Collect from You
To browse this site, you are not required to provide any information about yourself. When you contact us via email, you will need to provide your email address so that we can reply. To order products from this site, you will be asked to provide certain information about yourself as detailed below.
Online orders: Our secure shopping cart is hosted by WooCommerce. When you place an order online, you will be asked for your name, billing address, delivery address, telephone number and email address. When you agree to pay, your name and billing address will be passed from WooCommerce to Sage Pay, our secure payment provider. When your payment is processed, all of the information you entered except for your card details are passed to us for processing of your order. We do not see or have access to your card details.
Phone orders: When you place an order by phone, we will ask you for your name, billing address, delivery address, telephone number, email address and payment card details. We enter your payment information into Sage Pay, our secure payment provider. We do not store your card details.
Use of Your Information
We use the information you provide to:
- process your payment via Sage Pay, our secure payment provider
- fulfill your order
- post your order via the Royal Mail
- enable you to participate in our loyalty programme, should you wish to do so
Sharing of Your Information
We use your name and delivery address to create a mailing label. We use the Royal Mail to post your order, so these details (only) are shared with them so that they can deliver your order.
If you make a claim for a lost item, we contact the Royal Mail and give them your name and address (only) so that they can investigate.
We do not share your details with any other organisation, unless required to do so by law.
We do not do direct/email marketing.
We will contact you only for the following reasons:
- When you place an order, an automated receipt for your purchase will be emailed to you.
- If we have a question about your order, we may contact you by email, text or phone. This is sometimes necessary with personalised orders or if we notice an error in your order.
- After we’ve posted your order, we will email you a shipment notification.
- If the Royal Mail returns your order to us for some reason, we will need to get in touch with you.
- If you have asked us to contact you about a product that has been out of stock.
We do not do direct/email marketing, so we will never contact you except as described above.
Cookies are small text files that are used by websites and placed on your browsing device (PC, phone, etc). Our site creates a session cookie only if you add an item to your basket, to enable you to order online. Session cookies are temporary and are normally deleted when you close your browser. The EU Privacy Directive allows us to use this type of cookie without asking user consent because it is ‘strictly necessary’ for our website to function. We do not use persistent or tracking cookies like some other websites.
You may set up your browser to block cookies by following the relevant instructions which can be found at www.aboutcookies.org. If you block cookies, you may not be able to place an order online, but we would be happy to take your order over the phone instead.
Security and Data Retention
We employ security measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage. We will retain your information for a maximum of 3 years or until you ask us to delete it. Sage Pay retains payment information for 7 years.
We do not store any credit card details at www.kittycollars.co.uk. For maximum security, payments are processed by Sage Pay, the UK’s leading online payment processor. Sage Pay has achieved the highest level of compliance with the Payment Card Industry Data Security Standard (PCI DSS). They adhere to the most stringent levels of fraud screening, ensuring that your card details remain secure throughout the transaction process.
If you have a comment, question or request relating to our use of your information, please contact us.