How Do We Protect Your Information?
At La Tienda by Jose Sol, your privacy and data security are our top priorities. Here’s how we handle your information:
What Information Do We Collect?
To process your order, we require your name, email address, and delivery address. Without these details, we cannot process or confirm your order.
We also ask for a contact telephone number to reach you in case there are any issues with your order. If necessary, we may share your contact details with our couriers or delivery partners to facilitate the delivery process or resolve any logistical concerns.
Your Preferences:
When you sign up with us, you can choose whether to receive emails about exclusive offers, promotions, or updates from us. You can update these preferences at any time.
How Do We Secure Your Data?
Our website employs secure server technology to safeguard your information. All data you provide, including payment and account details, is encrypted before being transmitted to us. This helps minimize the risk of unauthorized access during transmission.
Our Commitment to Security:
We adhere to stringent data protection procedures in compliance with UK legislation, ensuring your personal information remains secure. Access to customer data is strictly limited to authorized personnel whose job requires it. Our systems are protected with password-controlled logins, and we periodically review and enhance our security measures to protect against unauthorized access.
Periodic Security Updates:
To ensure your data remains safe, we regularly review and update our confidentiality practices and database access controls.
Any personal information provided to or gathered by the business or entity controlling this website, being the site available from this domain (“Site”) is controlled by the organisation whose details are on available from the Contact Us page (“we”, “us”, “our”).
We are committed to protecting and maintaining your privacy; this Privacy Notice describes how we collect, process and store personal data, to include via our Site, other sites and other online platforms. All personally-identifiable information provided to or gathered by us, including through our website, will be treated as confidential and we will not abuse this trust by providing all or any part of your information to others unless you have consented to this, where this is in our legitimate interests or to meet a legal obligation, further outlined below. Your information will never be sold, licensed, loaned or otherwise distributed to any other organisation unless we are required to do so by applicable law. Subject to any overriding obligation to which we are subject, you have the right to object to the processing of your personal information, by a simple request that we stop such processing.
Collection of your Personal Information
We may collect personal information in various ways, including in e-mail or written correspondence with you or to which we are copied, via third party services, through our website or directly from you at meetings or events. You have a choice whether to provide any information to us, except where this is necessary to fulfil any contract – such as in relation to the provision of our services (albeit recognising that such a decision may mean that we are unable to provide our services as you expect), or where we are required to do so by applicable law or a Government agency or law enforcement.
We maintain records of consent, where we rely on active consent for the processing of personal data, and will ensure processing is limited or ceases where such consent is withdrawn.
Why we Process your Personal Information
Our use of your personal information will at all times be in accordance with applicable data protection laws; we rely on the following grounds justifying our processing of personal data:
Where information is obtained through or as a result of your use of our Site, we use this information for the following purposes:
Managing Your Preferences, including for Marketing
In addition, we may process your information for marketing purposes (including offers, promotions and updates in relation to our services, that we believe may be of interest to you) that relate to similar goods or services, either where you are or have been a user of our services or have made an enquiry about them previously or where you have given your explicit consent.
You have the right to manage your preferences in relation to the kinds of information that we collect and the manner in which your information is processed – you can update these preferences at any time through our site; you can also withdraw your consent, either as a whole or in relation to particular kinds of information or delivery methods. We encourage our users and clients to exercise these preferences so that they only receive the information that they wish from us and so that our use of their information is consistent with their own expectations.
You may ask us to erase information that we hold about you, except where there is some other reason requiring us to maintain the information, such as for insurance purposes, for example. We monitor and will also delete information and data that we hold, where we reasonably consider this no longer to be required.
If you have accepted the relevant cookies, we may collect, store and process non-personal information about you automatically as a result of your use of this site, such as the type of internet or mobile browser that
you are using to gain access and any website from which you linked to us, but you cannot be identified from this information. We will only use such non-personal information to help provide an effective and more relevant website offering.
Where your browser settings have been set to automatically accept cookies, by remaining on our site, we will take this to mean that you are happy to accept our use of cookies. You can update these preferences at any time but please be aware that certain functions of the site may not work as well where cookies are blocked.
Information Officer
Under GDPR (which, in this Privacy Notice, means EU Data Protection Regulation 2016/679 and laws implementing or supplementing GDPR as the data protection or privacy laws of any other country), the nature of the processing that we undertake does not require us to appoint a formal Data Protection Officer (DPO); however, we may maintain equivalent standards and the nominated representative for the purposes of compliance with our data protection obligations is the owner or managing director of our organisation.
Technical and Organisational Measures and Security
The protection of our clients’/customers’ or users’ personal information is important to us and therefore we have and maintain appropriate technical and organisational measures to achieve these aims. These seek to protect personal information that we process from and against unauthorised or unlawful use, or accidental loss, damage or destruction and we review these measures, on a regular basis to ensure that they are appropriate.
These include encrypted access to our systems, only accessible by our personnel, utilising secure and regularly-updated passwords and access to and processing of information though our site, using secure HTTPS. We do not however process any bank or card details through our site; instead using an established third party provider to take payments online.
In relation to data security, you accept the risk that data transmitted to us through this site via electronic means may be intercepted before reaching us or may be accessed by unauthorised third parties, or exploited unlawfully. We do not assume any responsibility for guarding against the acts of third parties and shall not be liable for any direct, indirect or consequential losses or damages incurred or suffered as a result.
Sharing your Personal Information
We will never share your personal information with others for commercial gain or in ways that you would not reasonably expect of us.
Unless we have your explicit consent otherwise, we will only share your personal information where this is necessary to fulfil our contract with you or where we have a legal obligation to do so. You appreciate that in order
to provide you with our services or to sell you our products, it may be necessary or more efficient for us to engage other businesses that provide complementary services, allowing us to fulfil your needs or where such other services are necessary for us to operate our business; examples, without limiting this description, may include IT and website backups, hosting providers, HR advice and consultancy, payroll and bookkeeping services, software and program providers, banking and financial provider and equipment suppliers.
In addition, we may process your information where we are required or permitted to do so under applicable law, where required to do so by any Government agency or law enforcement, where it is necessary in connection with the sale or potential sale of our business or where we conclude that we have and can show one or more legitimate interests for doing so.
If you are unhappy with the way in which we handle your information or any response from us, you may seek further guidance or file a complaint with the Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF. Tel: 03031231113 (local rate); 01625 545745.
Linking to Other Sites
To add value to visitors’ experiences when using our site, we may provide links to other websites or resources for you to access at your sole discretion, but you agree that we shall not be responsible or liable to you in respect of the availability or content of, or consequences of you linking to, any such external site and you should review the privacy notices of those sites before proceeding; although we welcome links to this site, we shall be entitled to demand that such links are broken if we consider the content or nature of the linking site to be unsuitable or unprofessional, as we see fit.
Service Providers and Third Parties
We may on occasion have the need to transfer your data to suppliers located outside of the European Economic Area (“EEA”), including in the USA. We will only do so where the legal regimes of those territories outside of the EEA offer an equivalent standard of data protection to our own.
Where it is necessary to provide information to external service providers or partners in relation to services that they provide to us, in order to operate our business or to provide you with the services requested, we have adopted approved model data protection clauses in our arrangements with them, to ensure they meet the same high standards required in relation to the processing of your personal information under applicable data protection laws.
How long we Store Personal Data
We maintain the data that we collect in providing our products and/or services to customers/clients or users, for certain periods of time that we have determined; after which such data will generally be erased or securely destroyed.
Your Rights and how to Exercise Them
You may request a copy of the information that we hold about you (known as a Subject Access Request). In addition, under the GDPR, you may exercise the following rights:
Please contact us via a simple request, where you wish to exercise any of your above rights or if you wish to file a complaint about our collection, processing or use of your personal information.
Right to Object to Processing
Whatever justification we rely on, under GDPR you have a right to object to our processing of your personal information, unless we have a separate legal or regulatory obligation to do so, in which case our processing will only be limited to the extent to which we need to process your information. However, except for this, you may confirm your objection to the extent and kinds of processing being undertaken, by sending us a simple request, updating your preferences.
Disclosure of your Information
We only transmit data to third parties in very limited circumstances and never for the purposes of marketing or to ‘sell’ the data we hold. Certain information may be available to essential organisations upon whom we rely to run our business; our contractual terms with those third parties provide the assurances under Article 28 of GDPR that they will abide by the requirements of GDPR in processing data, to the extent that we require, on our behalf.
We will never sell, transfer or disclose personal data for commercial gain or for any purpose outside of that strictly necessary to run our business and provide our services.
Your Preferences about our use of your Personal Information
If we send you any information by way of marketing, this will be based on our having previously sold to you or responded to an enquiry for similar goods or services; all communications of this nature will include a simple means of unsubscribing. You may wish to update your preferences concerning what you receive and in what format that takes; to let us know about your preferences, to include if you wish to change them, please visit the relevant area of this Site or otherwise send us a simple request confirming those changes and we will update your preferences to reflect your wishes immediately.
Should you no longer wish to be contacted by us, please either confirm this in a simple request or by updating your preferences.
Retaining Personal Information
We will only keep your personal information for such period as we deem necessary to fulfil the purpose(s) for which it has been collected or in relation to legal obligations to which we are subject. We monitor and regularly delete information and data that we hold, where we reasonably consider this to be no longer required for any legitimate purpose.
Where we are able to fulfil a request to delete and erase your personal information, we will fulfil that request, unless there is some other obligation to which we are subject requiring us to retain your data, in which case we will retain it only for so long as is necessary to meet that other legal obligation.
Your Information and Keeping it Up-to-Date
You have the right to request details of the information that we hold about you. Should you wish to be provided with these details, please contact us with a simple request.
We wish to keep any information that we hold about you accurate and up to date and therefore please contact us if the information we hold about you needs updating.
If you have any questions or concerns regarding your privacy, or if you experience difficulties in accessing or viewing any site(s) operated by us, please contact us.
We value your feedback in relation to our online presence and therefore welcome any comments or feedback which you may have.
Changes to this Privacy Notice
We may change or modify this Privacy Notice at any time and we recommend that you check the latest version of this notice each time that you access the Site. The date of the most recent update will appear below. Any significant changes to this notice may be confirmed through direct communication with you, where we consider that such changes should specifically be brought to your attention.
This Privacy Notice was last updated on 22 Nov 2024.