Privacy Policy
Who we are
At Plug Plants by Post we respect your privacy, and aim to comply with the latest data protection regulations. This policy explains how we collect and handle data relating to website visitors. Please note that this policy may be altered in the future. It was last updated in May 2024. Our website address is: https://plugplantsbypost.co.uk/
Information About Us
Plug Plants by Post is a sole trader.
Address:
5 Bridge Terrace,
Melmerby,
Penrith,
CA10 1HL
What does this notice cover?
This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.
What is personal data?
Personal data is defined by the UK GDPR and the Data Protection Act 2018 (collectively, “the Data Protection Legislation”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
Users under 18 years of age
Any user under 18 years of age must have their parents’/guardians’ consent to use our website. Users without this consent are not allowed to provide us with personal information.
What personal data we collect and why we collect it
Contact forms
We need to collect minimal personal information so we can provide the products and services you have requested from us.
When you contact us by email or via the contact form on the website, we will collect your name, email address and contact number so that we can process your inquiry. When you contact us via a contact form, we also need to collect your anonymised IP address to help prevent spam.
Purchases
When you make a purchase on this site, we need to collect certain personal data in order to fulfil your order and process your payment. Personal data required to fulfil your order includes your address, delivery address, email address and telephone number. In addition we will collect transactional data about payments to and from you and other details of products you have purchased from us. We need this data to process and fulfil your order, manage payment fees and charges, and collect and recover money owed to us, or issue refunds.
We accept payment via PayPal, Credit Card and Debit Card. At no point do we collect or store any card or payment information. That is handled by PayPal Payments Processing and you can read their privacy policy, and control your settings, here. The PayPal payment gateway is fully compliant with PCI-DSS which helps ensure the secure handling of debit and credit card information.
Account Data
You do not have to create an account if you purchase from this store. If you do decide to create an account, we will store certain information about you so that we can display your account details and allow you to view past purchases, as well as to fulfil orders. This includes your name, email address, postal address and phone number. If you choose to ship your deliveries to a different address, we will also retain your shipping address. At no point do we store any payment information on this site.
If you do create an account on this store, we strongly recommend implementing two factor authentication via an authenticator app to further secure your personal details and prevent unauthorised access should your password be compromised.
Analytics
We use google analytics to gather anonymised information about visitors to this site and how they interact with my site in order that we can improve the website. You can read more about those cookies, and how to opt out in the Cookie Policy.
Embedded content from other websites
This site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. If you do not accept cookies, this functionality might not work as intended.
Who we share your data with
We will not share your personal information with third parties for marketing purposes. Personal information will only be given to a third party when we are legally obliged to do so. Anonymous data derived from cookies may be shared with third parties, but only for technical purposes, not marketing ones.
We share your personal data and card details with PayPal to facilitate payments processing. As a reminder, you can read their privacy policy, and control your settings, here.
Marketing
You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the Data Protection Legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out. We will always obtain your express opt-in consent before sharing your personal data with third parties for marketing purposes and you will be able to opt-out at any time.
We will only use your personal data for the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s) and need to use your personal data for that purpose. If we do use your personal data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us.
If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis which allows us to do so.
In some circumstances, where permitted or required by law, we may process your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.
How long we retain your data
Personal data may be required for legal purposes and record keeping. All data will only be stored for as long as it is legally required. If you subscribe to a marketing campaign, blog updates or similar, and consequently unsubscribe, we will delete your data on an annual basis.
What rights you have over your data
You can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. When you make a request to receive or erase your personal data, we may ask for additional information to prove your identity.
If you are not satisfied with our response or do not believe we are processing your personal data in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).
Where we send your data
Contact Forms may be checked through an automated spam detection service. Payment details are processed by Paypal as outlined above.
We use a spam checking service called Antispam Bee to check product reviews. We restrict reviews to the English language to prevent spam. As part of that functionality Antispam Bee uses franc to detect language settings. It sends the comment to the service securely via HTTPS. Other data about the commentator (like IP or email address) are not sent. You can read more here: https://antispambee.pluginkollektiv.org/documentation/#allow-comments-only-in-certain-language
Additional information
How we protect your data
We will store all personal information you provide securely. All traffic between your browser and this website is encrypted and protected via SSL (Secure Socket Layers).
We will not allow weak passwords to be used in account creation. We provide the option of adding two factor authentication via an authenticator app, and we would strongly encourage you to make use of this functionality.
Data Breaches
Finally, we will endeavour to report any unlawful data breach of this website’s database or the databases of any of our third party data processors to any and all relevant persons and authorities within 72 hours of the breach if it is apparent that personal data stored in an identifiable manner has been stolen.
Contact
If you have any queries about this privacy policy or how we safeguard your personal data, please contact us at
Cookies
This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful. You can read more about this in our cookie policy.