We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.
We may collect, store and use the following kinds of personal information:
- (a) information about your computer and about your visits to and use of this website (including your IP address, geographical location, length of visit, page views, and website navigation);
- (d) any other information that you choose to send to us.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We may use both “session” cookies and “persistent” cookies on the website. Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
We will use the session cookies to: keep track of you whilst you navigate the website; and prevent fraud and increase website security.
We may use your personal information to:
- (a) administer the website;
- (b) enable your use of the services available on the website;
- (c) send you general (non-marketing) commercial communications;
- (d) send you email notifications which you have specifically requested;
- (e) send you marketing communications relating to our business which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (and you can inform us at any time if you no longer require marketing communications);
- (f) deal with enquiries and complaints made by or about you relating to the website;
- (g) keep the website secure and prevent fraud;
- (h) verify compliance with the terms and conditions governing the use of the website.
Where you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the licence you grant to us.
We will not, without your express consent, provide your personal information to any third parties for the purpose of direct marketing.
We operate a data retention policy in respect of all data, whether paper-based or digital. We will retain and process your personal data for the following purposes and retention periods.
|Purpose of Collection||Data Collected||Purpose of Collection||Lawful basis for processing||Data Shared with||Retention Period|
|To provide you with more information on our products and services||Name, Email, company, role, geographical location, phone number, business sector, address||To provide more information on our products via email and to process a sale of products or services||Legitimate Interest||Internally and will our financial and banking processing platforms. Under their Privacy Policies||8 years from the date of the performance of consent|
|Transactional Information||Name, Email, company, role, geographical location, phone number, business sector, address||To process purchase transactions for products and services with customers, and to ensure any transaction issues can be dealt with. For accounting and taxation purposes||Legitimate Interest & Contractual performance Statutory Obligation||Internally and will our financial and banking processing platforms Under their Privacy Policies||8 years for VAT Records|
|Fulfilment information||Name, Email, company, role, geographical location, phone number, business sector, address||To fulfil orders and deliver products and services||Contractual performance||Internally and will our financial and banking processing platforms and logistics providers Under their Privacy Policies||8 years for VAT records and business performance analysis.|
pureLiFi is a UK-domiciled organisation whose primary offices are in the UK.
- The majority of our websites and web applications are hosted in the EU and are accessed
- only by pureLiFi Staff from EU based servers.
- Our customer relationship management, marketing and accounting systems for all our businesses are either EU-based or hosted by companies participating in the EU – U.S. Privacy Shield Framework.
- We use a wide range of Cloud Service Providers (CSPs) as part of our processing environment. Unless we specifically state otherwise, we are, in respect of all these CSPs, the data controller.
- Unless we specifically state otherwise all of the CSPs that we use utilise EU-located processing facilities.
- Our payment processors, banking arrangements and financial information platforms are based in the EU EU-based or hosted by companies participating in the EU – U.S. Privacy Shield Framework.
- We ship and deliver physical products around the world; we, therefore, use logistics companies that are based outside the EU and operate in other countries. We have appropriate legal and security relationships with those partners.
When we process on the lawful basis of legitimate interest, we apply the following test to determine whether it is appropriate:
- The purpose test – is there a legitimate interest behind the processing?
- Necessity test – is the processing necessary for that purpose?
- Balancing test – is the legitimate interest overridden, or not, by the individual’s interests, rights or freedoms?
In addition, we may disclose your personal information:
- (a) to the extent that we are required to do so by law;
- (b) in connection with any ongoing or prospective legal proceedings;
- (c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
- (d) to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling, unless otherwise agreed upon; and
- (e) to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
INTERNATIONAL DATA TRANSFERS
Information which you provide may be transferred to countries (including the United States) which do not have data protection laws equivalent to those in force in the European Economic Area.
In addition, personal information that you submit for publication on the website will be published on the internet and may be available, via the internet, around the world. We cannot prevent the use or misuse of such information by others.
You expressly agree to such transfers of personal information.
SECURITY OF YOUR PERSONAL INFORMATION
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
WE will store all the personal information you provide on our secure (password- and firewall-protected) servers.
All electronic transactions entered via the website will be protected by encryption technology.
You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping your password and other login details confidential. We will not ask you for your password (except when you log in to the website).
EU GDPR Representative
We have appointed IT Governance Europe Limited to act as our EU Representative. If you wish to exercise your rights under the EU General Data Protection Regulation (GDPR), or have any queries in relation to your rights or privacy matters generally please email our Representative at firstname.lastname@example.org or post your request or query to: EU Representative, IT Governance Europe, Third Floor, The Boyne Tower, Bull Ring, Lagavooren, Drogheda, Co. Louth, A92 F682
- The right of access
You may request a copy of the personal data we hold about you free of charge. Once we have verified your identity and, if relevant, the authority of any third-party requestor, we will provide access to the personal data we hold about you as well as the following information:
- a) The purposes of the processing
b) The categories of personal data concerned
c) The recipients to whom the personal data has been disclosed
d) The retention period or envisioned retention period for that personal data
e) When personal data has been collected from a third party, the source of the personal data
- If there are exceptional circumstances that mean we can refuse to provide the information, we will explain them. If requests are frivolous or vexatious, we reserve the right to refuse them. If answering requests is likely to require additional time or occasions unreasonable expense (which you may have to meet), we will inform you.
- The right to rectification
When you believe we hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete this data. This may be used with the right to restrict processing to make sure that incorrect/incomplete information is not processed until it is corrected.
- The right to erasure (the ‘right to be forgotten’)
Where no overriding legal basis or legitimate reason continues to exist for processing personal data, you may request that we delete the personal data. This includes personal data that may have been unlawfully processed. We will take all reasonable steps to ensure erasure.
- The right to restrict processing
You may ask us to stop processing your personal data. We will still hold the data but will not process it any further. This right is an alternative to the right to erasure. If one of the following conditions applies you may exercise the right to restrict processing:
- a) The accuracy of the personal data is contested
b) Processing of the personal data is unlawful
c) We no longer need the personal data for processing, but the personal data is required for part of a legal process
d) The right to object has been exercised and processing is restricted pending a decision on the status of the processing
- The right to object
You have the right to object to our processing of your data where
- Processing is based on legitimate interest;
- Processing is for direct marketing;
- Processing is for the purposes of scientific or historic research;
- Processing involves automated decision-making and profiling.
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
Please let us know if the personal information which we hold about you needs to be corrected or updated.
9 Haymarket Terrace