We've written this policy because we are committed to safeguarding the privacy of our website users and the confidentiality of any information that we collect about you, and we want you to be informed about how we keep your data safe. This privacy and cookies policy explains when and how we collect personal information about visitors to our website, how we use that data and keep it secure, and when it may be disclosed to third parties. This policy may change from time to time, so please do check in occasionally and make sure you’re happy with the changes.
We are Kindly of Brighton. We retail vegan, ethical food and goods. We are a limited company in England (number 12162088) whose registered office is 110-114 Dyke Road, Brighton, BN1 3TE. We are the data controller in respect of all personal data collected via our website, email, telephone, or in person. Whenever you submit your information to us, by these or any other means, we will collect and use such information in accordance with the terms of this policy, and we will ensure that all personal data we hold is treated properly and in accordance with applicable data protection legislation. In accordance with data protection legislation, we are required to explain to you how we will treat any personal data which we collect from or about you. If you have any concerns about the way we have used, shared or processed your data you have the right to lodge a complaint with the Information Commissioner's Office (ICO). However, we would always appreciate the opportunity to address your concerns before you approach the ICO so please do contact us by email at email@example.com or by writing to Kindly of Brighton Data Protection, 110-114 Dyke Road, Brighton, BN1 3TE.
You may give us information about you: when you contact us by any means (including via the website, over the phone, by email or by post) with queries, complaints etc.; when you create an account with us; when you use your account to buy products or redeem vouchers from us; when you engage with us on social media; when you choose to complete any surveys we send you; when you comment on or review any of our products or our services; when you opt in to receive our newsletter; when you take part in a prize draw, competition or survey; when you've given a third party permission to share with us the information they hold about you (for example, pursuant to a third party prize draw, competition or survey). When you are selected for re-engagement marketing campaigns we check to ensure we are mailing you at your most up to date address where this data is available to us through third parties. We reflect any changes in your account to ensure we can continue to provide with information that you have consented to receiving.
The information we may collect, use, store and transfer about you includes the following: name, username or similar identifier (such as social media username), title, date of birth and gender (“Identity Data”); delivery address, billing address, email address and telephone number(s) ("Contact Data"); bank account and credit/debit card information (“Financial Data”); details of your interactions with us, including interactions through our website, by telephone, email, in person and through social media ("Transaction Data"). For example, we may make notes of our conversations with you, log details of any complaints or comments you make and record where any deliveries have been left for you; details of your shopping preferences and personal details (such as purchase history and dietary requirements) which help us to recommend items of interest to you or to send you or make available personalised offers (“Profile Data”); your preferences in receiving marketing from us and your communication preferences (“Marketing Data”); and your comments and product reviews. We may also automatically collect data about you such as internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website ("Technical Data") as you interact with our website. We collect Technical data by using cookies and other similar technologies. Please refer to section 8 for further information regarding the cookies used on our website.
We have set out below a description of how and why we may use personal data you give us and which of the legal bases we rely on to do so. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us by emailing us at firstname.lastname@example.org or by writing to Kindly of Brighton Data Protection, 110-114 Dyke Road, Brighton, BN1 3TE. if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out below.
To set up an account for you so that you can order products from us. Type of data: Identity Data; Contact Data; Financial Data; Profile Data; Marketing Data. Lawful basis for processing: Performance of a contract with you; Necessary for our legitimate interests (in order that we can provide you with the best customer experience and improve the services we are able to offer); Consent (in respect of your marketing preferences).
To process and deliver your order including: Manage payments, fees and charges; Collect and recover money owed to us. Type of data: Identity Data; Contact Data; Financial Data; Transaction Data.
Performance of a contract with you; Necessary for our legitimate interests (to recover debts due to us). Purpose/ Activity: To respond to an enquiry made by you (whether via the website, over the phone, by email or by post). We may also keep a record of our communications with you to inform any future communication we have with you and to demonstrate how we communicated with you throughout. Type of data: Identity Data; Contact Data; Transaction Data.
Necessary for our legitimate interests (to respond to your enquiry and provide you with the information requested regarding our business and our products and services).
To provide you with marketing information regarding our business. Type of data: Identity Data; Contact Data; Profile Data; Marketing Data.
Consent; Legitimate Interests (where legally permitted to do so in order to promote our business and our products - for example, we may use your address details to send you direct personalised marketing information by post telling you about products and services we think may interest you). If you decide that you do not wish to receive such mailings please see section 6 below.
To enable you to partake in a prize draw, competition or complete a survey (survey messages will not contain any promotional content and do not require prior consent). Type of data: Identity Data; Contact Data; Profile Data; Marketing Data.
Performance of a contract with you; Necessary for our legitimate interests (to study how customers use our products, to develop them and grow our business).
Necessary to comply with a legal obligation.
To administer and protect our business and our website from fraud and other illegal activities (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). Type of data: Identity Data; Contact Data; Financial Data; Technical Data.
Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise); Necessary to comply with a legal obligation.
To use data analytics to improve our website, customer relationships and experiences.
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy).
To make suggestions and recommendations to you about products that may be of interest to you. Type of data: Identity Data; Contact Data; Technical Data; Profile Data.
Necessary for our legitimate interests (to develop our products/services and grow our business). If we require your information for the purposes of performing a contract with you and you fail to provide this information, or if the information you provide is not accurate, we may not be able to perform the contract we have or are trying to enter into with you. You warrant that any information you supply to us is accurate and up to date, that you will inform us if any such information requires updating, and that if you submit a third party’s details to us you have that third party’s permission to do so. We will not sell any of your personal data to any third party. Third Parties
You can ask that marketing information is no longer sent to you by logging in and withdrawing your consent by opting out in the contact preferences of your account on our website, emailing us at email@example.com, by writing to Kindly of Brighton, 110-114 Dyke Road, Brighton, BN1 3TE, or by clicking on the appropriate link in any of our marketing emails. It may take up to 15 working days to remove you from our marketing lists.
We will take all reasonable steps to protect your personal data. However, the Internet is global and no data transmitted via the Internet can be guaranteed by us to be completely secure during transmission. We cannot guarantee the security of any data that you disclose online and we will not be responsible for any breach of security unless this is due to our negligence or wilful default. Our website is hosted in the UK and all data provided to us is stored within our servers located in the UK or the European Economic Area (“EEA”). Sometimes we may need to transfer personal data we collect from you to third-party data processors in countries that are outside the EEA - for example, this might be required in order to fulfill your order, process your payment details or provide support services. If we do this, we will ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented: The transfer is to a third party located in a country that has been deemed to provide an adequate level of protection for personal data by the European Commission. The transfer is subject to use of a contract approved by the European Commission which gives personal data the same protection it has in Europe. The transfer is to a third party based in the US which is part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. In the absence of an adequacy decision in respect of the relevant country, or appropriate safeguards as detailed above, we will not transfer your personal data outside of the EEA unless we have a lawful basis for doing so (for example, because you have explicitly consented to the proposed transfer).
If we are sending marketing materials to you by any means, you may ask us to stop sending such marketing materials at any time. Please see section 6 above for further information on how to do this. You have a legal right to see a copy of the personal data that we keep about you, subject to certain exemptions. Requests for such information should be made by email to firstname.lastname@example.org or in writing to Data Protection Office, Kindly of Brighton, 110-114 Dyke Road, Brighton, BN1 3TE.
rectify or erase any personal data we hold about you; restrict our processing of your personal data; object to us processing your personal data (for example, where we are processing your personal data based on our legitimate interests, you can ask us to stop processing your personal data. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data); data portability in respect of your personal data. In accordance with applicable data protection legislation, we follow security procedures when we process your personal data. We may therefore request proof of your identity before disclosing certain information to you or acting on any requests pursuant to this section 8. Please contact us at the above address if you have any reason to believe that information we hold about you is inaccurate.
We only retain your personal data for as long as we need it for the purpose for which is was collected. Whilst taking in to consideration our legal obligations, we will on an ongoing basis: review the length of time we retain your personal data; consider the purpose or purposes for which we hold your personal data for in deciding whether (and for how long) to retain it; securely delete your personal data if it is no longer needed for such purpose or purposes; and update, archive or securely delete your personal data if it goes out of date. For further information on how long we retain your personal data please contact our Privacy team using the contact details set out in section 8 above.
Our website uses "cookies" to ensure you receive the best possible visitor experience. Cookies are small files which are sent by a web server to an individual's computer which are then stored on that computer's hard drive. A cookie contains text, and is like an identification card which can only be translated by the server it originated from. Cookies cannot tell us information such as your email address, which we can only collect where you tell us, for example if you submit an inquiry to us.