The Stickleback Fish Company Customer Privacy Policy

The Stickleback Fish Company Ltd understands and is committed to respecting privacy and protecting information provided and obtained during the course of managing its business relationships.

This Privacy Policy explains what happens to any personal data that you provide, or that is collected from you as part of our usual business, marketing and/or accessing our website. The majority of the data that we collect and store will be business data relating to the customer that we are dealing with. However, as part of our business and marketing processes we will be collecting and using limited personal data.

Other websites

Our website contains links to other sites which are not managed by us and are not covered by this Privacy Policy. We do not accept any responsibility or liability for information contained on other sites and you should take time to read their privacy policy.

Regulations

All personal information processing is in accordance with the Data Protection Act 20 I 8 (the ’20 I 8 Act’) and the EU General Data Protection Regulation (‘GDPR’).

For the purpose of these Regulations the data controller is The Stickleback Fish Co Ltd, a company registered in England and Wales under company number 5476544 whose registered office is at Unit 4 Apex Point, Travellers Lane, Welham Green, Hertfordshire. AL9 7HB.

Data protection principles

Personal data must be processed in accordance with six ‘Data Protection Principles.’ It must:

  • be processed fairly, lawfully and transparently;
  • be collected and processed only for specified, explicit and legitimate purposes;
  • be adequate, relevant and limited to what is necessary for the purposes for which it is processed;
  • be accurate and kept up to date. Any inaccurate data must be deleted or rectified without delay;
  • not be kept for longer than is necessary for the purposes for which it is processed; and
  • be processed securely

We are accountable for these principles and must be able to show that we are compliant.

What information do we collect about you?

When we provide you with products or services we may collect and store any personal information that you provide to us. This may include:

  • name
  • address
  • delivery address
  • email address
  • telephone numbers – work and personal if provided to us as best form of contact
  • we may also hold information relating to dietary needs and physical needs if appropriate which we have collected for you to attend one of our events. This will be to ensure your comfort and safety
  • photographs of you attending an event that you have consented to being used for promotional purposes

At the time of this policy being written we do not offer a direct debit facility so do not hold any form of payment details for your account If this changes in the future you will be informed and explicit consent will need to be given to process payments in this way.

We currently use NetPay to receive payment by card and this information is not stored or held by us following the transaction.

Use of information

In addition to business and personal information we have collected or has been provided by you we may also process other types of personal information. This can include that which is obtained from other organisations in the course of our business relationship, such as; Companies House, credit reference agencies and trade referees.

In broad terms, we use your data for the following purposes:

  • to provide products and services you request or have expressed an interest in;
  • to communicate with you regarding availability of products or services you have requested and suggest alternatives;
  • to carry out market research so that we can improve the products and services we offer;
  • to track your activity on our websites and company social media so we can improve your customer experience
  • to create an individual profile for you so that we can understand and respect your preferences
  • to communicate directly with you
  • for profiling purposes to enable us to personalise and/or tailor any marketing communications that you may consent to receive from us;
  • the recording of answerphone messages and phone calls to ensure accuracy and for training purposes
  • for record keeping and
  • in order to prevent fraud

Legal basis for processing customer personal data

The Stickleback Fish Co collects and uses customers’ business and sometimes personal data because is it necessary for:

  • providing of our services to you
  • the pursuit of our legitimate interests (as set out below);
  • the purposes of complying with our duties and exercising our rights under a contract for the sale of goods to a customer; and
  • complying with our legal obligations

The normal legal basis for processing customer data is that it is necessary for the legitimate interests of the company including:

  • selling and supplying goods and services to our customers;
  • protecting customers, employees and other individuals and maintaining their safety, health and welfare;
  • promoting, marketing and advertising our products and services;
  • sending promotional communications which are relevant and tailored to individual customers;
  • understanding our customers’ behaviour, activities, preferences and needs
  • improving existing products and services and developing new products and services;
  • complying with our legal and regulatory obligations;
  • preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;
  • handling customer contacts, queries, complaints or disputes;
  • managing insurance claims by customers
  • protecting the company, its employees and customers by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to the company;
  • effectively handling any legal claims or regulatory enforcement actions taken against the company and
  • fulfilling our duties to our customers, colleagues, shareholders and other stakeholders

Consent

In most situations we will not rely on your consent as a lawful ground to process your data. In general consent will only be relied on for sending direct marketing communications via email, social media or mobile phone messaging.

If you attend an event or meeting at our premises we may also ask that you give us permission to use your photographs for the promotion of our business.

If we do ask for consent for a specific purpose, you have the right not to provide it or to withdraw it at a later date.

Disclosure of your information

In order to provide our products and services to you or to otherwise fulfil contractual arrangements that we have with you, we may need to appoint other organisations to carry out some of the data processing activities on our behalf. These may include, for example, payment processing organisations, third party delivery companies, fraud prevention and screening, credit risk management companies and mail services.

We use the following third party service provider for our email communications and to manage out marketing subscriber lists:

We may share your data with third parties:

  • if it is necessary to do so in order to enforce our contractual rights;
  • if we are under a legal or regulatory duty to do so;
  • where disclosure is necessary to protect the safety or security of any persons; and/or
  • to lawfully assist the police or security services with the prevention and detection of criminal activity;
  • otherwise as permitted under applicable law

These third parties could include:

  • similar businesses for marketing or promotional purposes
  • advertising networks and social media platforms for the purposes of selecting and serving the relevant advertisements to you via those networks, media platforms, search engines and analytics providers

We do not send your personal data outside the European Economic Area. If this changes you will be notified of this and the protections which are in place to protect the security of your data will be explained.

In all instances where we disclose your information to third parties, we will do our utmost to ensure that your information is appropriately protected.

Receiving communications from The Stickleback Fish Company

We want you to be the first to know about our special offers, new products, seasonality and availability information, invitations to events and general company and industry news.

We will have discussed communications from us with you at our first meeting, however if you haven’t already signed up to receive these exciting benefits please visit our website to do so.

You can unsubscribe and update your information and preferences at any time by clicking the relevant link at the bottom of our specials email. You can also contact us using the sales email address on our website and at the bottom of this policy.

Please note, if you don’t choose to receive this information, we will be unable to keep you informed of new services, products, events or special offers that may interest you and our ability to help you take advantage of these may be affected.

Security

We take the security of your personal information very seriously. We employ technical and organisational security measures and have procedures in place to protect any paper based systems and computerised databases from loss and misuse, and only allow restricted access to them where necessary. Any use of personal information is carried out under strict guidelines.

We may monitor or record telephone calls for security purposes to improve the quality of services that we provide to you.

Please note that for your safety and security, CCTV is in operation in our premises.

How we use cookies

Overall, cookies help us provide you with a better website by enabling us to monitor which  pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This is used to track visitor use of the website and to compile statistical reports on website activity. For further information visit www.aboutcookies.org or www.allaboutcookies.org.

Our website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate your use of this website and compile reports for us on activity on the website. Google stores the information collected by the cookie on servers in the United States. Google may also transfer this information to third parties where required to  do so by law, or where such third parties process the information on Google’s  behalf  Google will not associate your IP address with any other data held by Google. By using this website,  you consent to the processing of data about you by Google  in the manner  and for  the purposes set out above.

Access to your information and other rights

Under the GDPR and the Data Protection Act 2018 (DPA 2018) you have a number of rights with regard to your personal data.

  • The right to information about what personal data we process, how and on what basis as set out in this Privacy Notice
  • The right to access your own personal data by way of a subject access request
  • The right to rectification – to correct any inaccuracies in your personal data
  • The right to be forgotten – to request that we erase your personal data, however this would only be where we were not entitled under the law to process it or it is no longer necessary to process it for the purpose it was collected
  • The right to restriction of data processing in certain circumstances
  • The right to object if we process your personal data for the purposes of direct marketing
  • The right of portability – to receive a copy of your personal data and to transfer your personal data to another data controller. We will not charge for this and will in most cases aim to do this within one month
  • With some exceptions, the right not to be subjected to automated decision-making
  • In most situations, the right to notification of a significant data security breach concerning your personal data

Complaints

You have the right to complain to the Information Commissioner. You can do this by contacting the Information Commissioner’s Office directly. Full contact details including a helpline number can be found on the Information Commissioner’s Office website (www.ico.org.uk). This website has further information on your rights and our obligations.

Identification will also be requested for security.

Changes to this policy

We regularly review our policies and procedures as we aim to continually improve our standards and ensure all our information is up to date. This Privacy policy may therefore change and we recommend that you check our website regularly. A new effective date will be clearly shown.

If we make any major changes that affect how we use your information, or what information we use, you will be notified using the email address you have provided. Renewed consent may be necessary and we will ensure we adhere to the relevant regulations in this regard.

Contact Us

If you wish to contact us regarding any details contained in this policy including if you wish to exercise your rights with regards to personal data or anything else relating to Data Protection please email: [email protected] or call  01707 257 462.

For general enquiries please email: [email protected] or call on the number above.

Thank you