This Privacy Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from Toffeln Ltd.
We are committed to protecting any data that we collect concerning you. By using our services, you agree to the use of the data that we collect in accordance with this Privacy Policy.
WHAT WE COLLECT
When visiting this website we automatically collect the following information:
- IP address
- time zone, and the cookies that are installed on your device
Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically collected information as “Device Information”.
We collect Device Information using the following technologies:
- Cookies – data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies click HERE.
- Log files – track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
- Web beacons, tags, and pixels are electronic files used to record information about how you browse the Site.
By using this website, you (the visitor) agree to allow third parties to process your IP address, in order to determine your location for the purpose of currency conversion. You also agree to have that currency stored in a cookie on your browser. This is done in order to set up your checkout currency. Additionally, when you make a purchase or attempt to make a purchase through the Site, we collect certain information from you, including your name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number. We refer to this information as “Order Information”. When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information and Order Information.
ONLINE PURCHASING
Toffeln offers online purchasing via www.toffeln.shop
This system is designed to be robust and secure. We will only use your data as set out in the GDPR guidelines in relation to the performance of contract.
Our main payment gateway is Shop Pay (from Shopify) who provide end-to-end encryption on all payment details. In addition, there are also the options to pay using Google Pay, PayPal and Klarna. Stripe may also be used for specific types of transactions. No payment details are stored internally at Toffeln for online purchases.
The ‘My Account’ function stores information such as, but not limited to billing address, shipping address, purchase history, name, title, phone number, email, organisation etc. This is to ensure Toffeln Ltd can fulfil its contractual obligation for online purchases. Customers have full control of these details via the ‘My Account’ function. To make changes or request deletion, customers can contact itadmin@toffeln.com
HOW WE USE YOUR PERSONAL INFORMATION
The information we collect is used to:
- Communicate with you
- Screen our orders for potential risk or fraud; and
- When in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
The Device Information that we collect helps us screen for potential risk and fraud (in particular, your IP address), and more generally to improve and optimise our Site. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, the Device Information helps us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. Any of the stored information in no way gives us access to your computer or any information about you, other than the data you choose to share with us. This helps us assess the success of our marketing and advertising campaigns. We also may use the Device Information for advertising and retargeting.
At any time, you can update your preferences by clicking the link in any emails you receive from us. The link will always be in the footer of the email. You can also stop receiving emails from us using that same link.
SHARING YOUR PERSONAL INFORMATION
Through our online purchasing via Toffeln.shop, we share your Personal Information with third parties as described above. We use Shopify to power our online store. To read more about how Shopify uses your Personal Information click HERE. To help us understand how our customers use the Site, we use Google Analytics. To read more about how Google uses your Personal Information click HERE. You can also opt-out of Google Analytics HERE .
Finally, we may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful requests for information we receive, or to otherwise protect our rights.
KLARNA, GOOGLE PAY, PAYPAL & STRIPE – Other Payment Providers
In order to be able to offer you payment options from other Providers, certain aspects of your personal information will be shared, such as contact and order details, in order for these companies to assess whether you qualify for their payment options and to tailor the payment options for you.
General information on Klarna you can find here.
General information on Google Pay can be found here.
General information on PayPal you can find here.
General information on Stripe can be found here.
Your personal data is handled in accordance with applicable data protection law and in accordance with the information in Klarna’s privacy policy, Google Pay’s Privacy policy, PayPal’s privacy policy and Stripe’s Privacy policy.
INFORMATION SECURITY
We take appropriate security measures to protect against unauthorised access to or unauthorised alteration, disclosure or destruction of data. These include:
- periodic internal reviews of our data collection, storage and processing practices and security measures
- periodic external Penetration Testing where a cyber-security expert attempts to find and exploit vulnerabilities in our networks and websites. By stress testing these systems, this ensures they are kept as secure as possible.
- physical security measures to guard against unauthorised access to systems where we store personal data.
We may also use passwords to help verify your identity before granting access to certain services and functionalities. Should you elect to participate in such a password-protected service, we urge you to take appropriate precautions to protect your privacy (e.g., do not disclose your password to others; periodically change your password).
DATA INTEGRITY
Toffeln processes personal information only for the purposes for which it was collected and in accordance with this Policy or any applicable service-specific privacy notice. We periodically review our data collection, storage and processing practices to ensure that we only collect, store and process the personal information needed to provide or improve our services. We take reasonable steps to ensure that the personal information we process is accurate, complete and current, but we depend upon our users to update or correct their personal information whenever necessary.
BEHAVIOURAL ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page. You can opt-out of targeted advertising by using the links below:
Additionally, you can opt-out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal.
DO NOT TRACK
Please note that we do not alter our Site’s data collection and use practices when we see a Do Not Track signal from your browser.
YOUR RIGHTS
If you are a European resident, you have the right to access personal information we hold about you and to ask that your personal information be corrected, updated, or deleted. If you would like to exercise this right, please contact us through the contact information below.
Additionally, we note that we are processing your information in order to fulfil contracts we might have with you (for example if you make an order through the Site), or otherwise to pursue our legitimate business interests listed above. Please note that due to some of the companies we work with, your information may be transferred outside of Europe, including to Canada and the United States. Such transfers will be completed in compliance with relevant Data Protection Legislation.
DATA RETENTION
When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.
CHANGES
We may update this Privacy policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal or regulatory reasons.
CONTACT US
For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by email at hello@toffeln.shop, by phone on 0345 500 4433 or by mail using the details provided below:
Company Privacy Compliance Officer
Toffeln Ltd
Unit 2, Bridge Road,
Kingswood,
Bristol,
BS15 4FW