Eco Vape Ltd is the data controller of the personal data we may collect as part of your use of this site and connected services.
We understand that looking after the personal data you share with us is hugely important. We want you to be confident that your data is safe and secure with us and you understand how we use it, this privacy and cookies policy (Policy) sets out this key information.
Personal data we collect about you
This section tells you what personal data we collect about you.
We may collect and process information about you, including without limitation:
- Information that you give us. You may give us information about you by filling in forms on our Website or by corresponding with us by phone, e-mail or otherwise. The information you give us may include your name, address, e-mail address and phone number, personal description and photograph.
- Information that we collect about you. With regard to each of your visits to our Website we may automatically collect technical information and information about your visit; and
- Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties and may receive information about you from them.
We may supplement the information we collect about you with information we receive from other public sources (eg public registers such as the electoral roll). This allows us to assess the accuracy of the information we hold about you in order to send you relevant offers and information.
How and why we use your personal data
This section explains in detail how and why we use your personal data. Collecting your personal information helps us to better understand what you need from us and to improve our services to you. Without limitation, we may use your information to:
- manage and improve our Website, including to ensure that content is presented in the most effective manner for you and for your computer;
- administer our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- personalise our services to you;
- tell you about important changes to the Website and our services;
- manage promotions, competitions, customer surveys and questionnaires, and to allow you to participate in interactive features of our service, when you choose to do so; and
- Assess and evaluate any content you submit to us and to contact you to decide on next steps;
- enhance our efforts to keep our site safe and secure.
- You have the right to ask us not to process your personal data for marketing purposes.
Legal basis of processing
In relation to personal data we process to send you any marketing communications that you have agreed to receive, we do so based on your consent. You can withdraw your consent at any time to receiving these communications. In relation to the other personal data processed, we process this based on what is called our “legitimate interests”, these are:
- to help you understand our business, its performance and changes;
- to keep you informed about news and events, including regulatory news connected with Tesco;
- to assess and evaluate any content you submit to us and to decide on next steps in relation to your submission;
- to administer and keep up to date your account, resolve problems and respond to complaints;
- to prevent and detect fraud;
- to invite you to attend events connected with the above.
Sharing your personal data
We may share personal data with other organisations in the following circumstances:
- With our service providers (such as our website or event hosts) in order to run the service and administer your account;
- If you are a shareholder, with our share registrar service provider;
- If you are a shareholder, with our tracing agents in order to locate “missing” shareholders;
- If the law or a public or regulatory authority says we must share the personal data;
- If we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud);
- Where we restructure, sell or transfer our business (or a part of it). For example in connection with a takeover or merger.
- With third parties who help us assess and evaluate any content or ideas you share with us.
Data protection officer
Our Data Protection Team can be contacted by email: email@example.com
How we protect personal data
We know how important it is to protect and manage your personal data. This section sets out some of the measures we have in place:
- We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;
- We protect the security of your information while it is being transmitted by encrypting it and using password protection.
- We use computer safeguards such as firewalls and data encryption to keep this data safe;
- We only authorise access to employees and trusted partners who need it to carry out their responsibilities;
- We regularly monitor our systems for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security; and
- We will ask for proof of identity before we share your personal data with you.
Whilst we take appropriate technical and organisational measures to safeguard your personal data, it is important that you keep your login details and devices protected from unauthorised access.
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers. If we do this we ensure that your privacy rights are respected in line with this Policy. The most common way we do this is to put in place a specific type of contract called “Standard Contractual Clauses” or through an approved scheme such as the “Privacy Shield”.
Complaining to the data privacy regulator
We’d like the chance to resolve any complaints you have, however you also have the right to complain to the UK data protection regulator (the ICO) about how we have used your personal data. Their website is https://ico.org.uk.
Subject access right
You have the right to see the personal data we hold about you. This is called a “Subject Access Request”.
If you would like a copy of the personal data we hold about you, please write to:
The Data Controller, Eco Vape Ltd. Cotes Park Estate, Cotes Park Lane. Alfreton. Derbyshire. DE55 4NJ
You can also email us at: firstname.lastname@example.org
Other privacy rights
If you believe we hold incorrect or inaccurate personal data about you please let us know and we will correct it.
In some circumstances you may also have the right to object to our use of your personal data, restrict our use of it, have us delete it or have us port a copy of it to you or a third party.
You can find out more about these rights by visiting the ICO’s website: ico.org.uk, or alternatively contacting us (per the “Contact Us” section on our website).
How long we use personal data for
We will not keep your personal data longer than we need to, how long this is depend on several factors, including:
- Why we collected it in the first place;
- How old it is;
- Whether there is a legal/regulatory reason for us to keep it;
- Whether we need it to protect you or us.