What Is GDPR?

GDPR stands for the General Data Protection Regulation. It's an EU legislation that is the framework for data protection across Europe. Companies must not only be compliant but demonstrate compliance, or face fines of up to 4% of annual global turnover or 20 million (much higher than the 500,000 fine imposed under the Data Protection Act 1998).

What Does GDPR Mean For Me?

The GDPR gives individuals 8 key rights regarding data:

  1. The right to be informed, about what data is being captured, and what it is used for.

  2. The right of access, to the data a company holds on you. The company must provide this within 30 days of the request.

  3. The right to rectification. If the data held is incorrect or incomplete, an individual can request rectification (verbally or in writing). Again, a company has 30 days to respond to this.

  4. The right to erasure. Also known as the right to be forgotten. A right for individuals to have their personal data erased - within 30 days.

  1. The right to restrict processing. Individuals can request restriction or suppression - which means that companies are permitted to store the personal data, but not use it.

  2. The right to data portability. This allows individuals to obtain and reuse their personal data for their own purposes across different services.

  3. The right to object. Individuals have the right to object to direct marketing and other forms of data processing

  4. Rights related to automated decision making including profiling. Individuals have the right to object to automated decision making, including profiling.

 

These are the rights the GDPR brings to individuals, or you as a user or customer of websites and businesses.

What Does It Mean For Businesses?

There are a number of steps that businesses have to take in preparation for GDPR as outlined by the ICO (the Information Commissioner's Office) here. Peeli Ltd. have followed and completed all of these steps.

  • Awareness. Making key decision makers aware of GDPR and the change in law.

  • Information they hold. Document the data that a company holds, where it came from, what it is used for etc.

  • Privacy information. Businesses must review their current privacy information and communicate it with those affected.

  • Individual rights. The 8 key rights as listed above - make sure there are procedures and processes in place to respond to any of the requests individuals have the right to make (for example, deleting personal data).

  • Lawful basis for processing personal data. Identify the lawful basis for a businesses processing activity, document and update privacy notice to explain this. As explained in our privacy policy.

  • Consent. Review how the business seeks, records and manages consent. Refresh any existing consents if they don't meet the new standard.

  • Data breach. Have procedures in place to detect, report and investigate a personal data breach.

  • Children. Obtain parental or guardian consent for any data processing activity regarding children.

  • Data Protection Officers. Designate someone to take responsibility for data protection. Some businesses may be required to formally designate.

What Has Peeli Ltd Done?

Peeli Ltd. have followed and completed all of the 12 steps outlined by the ICOl. Most of the steps we have taken are outlined in or privacy policy.

 

Overall

We welcome the GDPR and the changes it brings. Keeping your data secure and operating in a safe, secure and transparent way is important to us - we ask our staff to treat all data as if it is their own. If you have any questions around our compliance to the GDPR or data security and privacy in general then please get in touch.

Disclaimer

Peeli Ltd. published this guide based on information we have gathered about GDPR to help our customers understand the steps we have taken but it is in no way legal advice. For full information and help regarding the new regulations, please visit the Information Commissioner's Office (ICO) website.

 

Privacy Policy

Peeli Ltd. takes the privacy of its customers seriously and is committed to the following policy.

Who We Are

We are Peeli Ltd. a company registered in England and Wales (Company No. 11176617 ) with a registered office at 39 Smith St, Warwick CV34 4JA.

We are registered with the Information Commissioner in accordance with the Data Protection Act 1998 (the Act, Data Protection Registration no. Z9389651). For the purposes of the Act we are the data controller of your personal data.

The Information We Collect

Information Provided By You:

We collect the following personal information on customers who have created orders with us.

  • Full name

  • Email address

  • Contact telephone number

  • Delivery address

  • Billing address

This information is required to process payment and deliver your order to you and is provided by you to Peeli Ltd.  when you place an order with us online or over the telephone.

 

Information Collected Automatically:

We store some information automatically as you browse our site, such as the IP address of the device you are visiting with. This is for the purpose of security and gaining information on the way you use the website for market research etc.

Full details of the information collected automatically is outlined in our cookie policy.

How we use this information

The information you provide to us is used so that we can offer you, the customer, the best experience possible.

Peeli Ltd. are committed to being transparent when it comes to data and your privacy. We use data that you provide us for the following reasons:

Processing your order - We use the information you provide to process your order. For example, we need to supply address details to our suppliers and couriers in order for them to dispatch your purchase.

Provide you with order details and account information - This section of the website allows you to manage your contact details, view a history of conversations and messages with our customer services team and view your order history.

Offer a better service - For example, we use anonymised order data to offer better products for sale.

Marketing - Unless you give us consent, we do not use information you provide to us as part of placing an order for marketing purposes. You can opt-in or opt-out to receive marketing communications as outlined below.

Research - We use anonymised order data for market research purposes. For example, to report on how many orders we had from a city/town in a given period.

Analysis - We use anonymised data about how you use the website in order to to monitor traffic and website performance. We use tools like Google Analytics to do this. More information about this is found in our cookie policy. For more information on how you can opt-out of sending information to Google Analytics, see Google's support document here.

Telephone - From time to time, we may monitor or record telephone calls for training purposes in order to offer a better service to our customers.

Gift Vouchers - Gift vouchers are available to purchase on Peeli Ltd.  As they are an intangible item, information about the recipient and sender are needed to actually process the voucher order and deliver to the recipient. As part of placing an order for a gift voucher, you give us permission to contact the recipient with the information regarding the voucher on your behalf.

 

Who we share this information with:

In order to fulfil our contractual obligation to you as a customer who has placed an order with us, it may be necessary for us to share information with other third party data processors. An example of those third parties can be found below.

As a customer, you can request to see a comprehensive list of data that we share with other data processors.

  • Dispatch/Fulfillment

  • Couriers

  • Payment Providers

  • Marketing Software Providers

Saved card details and payment information:

Peeli Ltd. do not store card details directly. Instead, any card details you provide are stored securely by our Merchant Bank (AIBMS). Prezzybox store a reference/token to your securely held card details so that the information is retrievable by you - the customer - for repeat purchases.

Data Retention

We retain information provided indefinitely as we use it to provide individuals access to information about their order history and to enable communications with our customer service teams etc.

We also retain customer records in accordance with FCA and PCI policy - as governed by law and in interest of preventing crime and fraud.

In compliance with GDPR, we respect the individuals right to access, rectification and erasure of personal data. For more information on how to access, edit or erase information we hold please see the relevant points below.

Your Rights

In compliance with GDPR and as part of our privacy policy, we inform you as an individual that you have the following rights:

  • The right to be informed

  • The right of access

  • The right to rectification

  • The right to erasure

  • The right to restrict processing

  • The right to data portability

  • The right to object

  • The right not to be subject to automated decision-making including profiling

Withdrawing Consent

Marketing communications are only sent to users who explicitly opt-in and give Peeli Ltd.  consent, at the time of creating an account, to contact them for marketing purposes (e.g. special offers, discounts, seasonal promotions etc).

If you are subscribed to our marketing emails and no longer wish to receive them, you can unsubscribe from marketing communications easily by clicking the unsubscribe link located at the bottom of every marketing email.

Alternatively, please contact a member of our customer services team who will be happy to assist you.

Lawful Basis for Processing Personal Data

Peeli Ltd.  Ltd. have a lawful basis for processing personal data, that you provide at the time of placing an order, in order to fulfil our contractual obligations to you. For example, without using the delivery details that you provide to us at time of purchase, we wouldn't be able to delivery your order to you.

By placing an order and disclosing this information with us at the time of purchase, you consent to the collection, storage and processing of that information in the manner as set out in this policy.

This lawful basis for processing personal data is in compliance with the new GDPR as stated in Article 6(1)(b): processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Full information on lawful basis for processing personal data can be found on the Information Commissioner's Office website.

Right Of Access: Data Access Requests

In compliance with GDPR, individuals have the right to access your personal data. Individuals have the right to obtain

  • Confirmation that their data is being processed;

  • Access to your personal data; and

  • Other supplementary information

What does this mean?

The purpose of right access under GDPR is to clarify the reasons to allow individuals to access their personal data. Individuals should be aware of, and can verify the lawfulness of the processing (details of which can be found above).

You can request to see a copy of the data that we hold.

Peeli Ltd.  have the right to charge a reasonable fee when a request is manifestly unfounded or excessive, particularly if the request is repetitive. Peeli Ltd.  may also charge a reasonable fee to comply with requests for further copies of the same information. The fee will be based on the administrative costs of providing the information.

Peeli Ltd.  must provide this information without delay and within one month of the receipt of the request. This period can be extended by a further two months where requests are numerous or complex. If this is the case then Peeli Ltd.  must inform the individual within one month of the receipt of the request and explain why the extension is necessary.

What if the request is manifestly unfounded or excessive?

Where requests are manifestly unfounded or excessive, in particular because they are repetitive, Peeli Ltd. can:

  • charge a reasonable fee taking into account the administrative costs of providing the information; or

  • refuse to respond.

Where Peeli Ltd.  refuse to respond to a request, we must first explain to the individual why we have made this decision and inform them of their right to complain to the supervisory authority and to a judicial remedy without undue delay and at the latest within one month.

Changes to Privacy Policy

Any changes to this privacy policy will be made on this page. Where possible and appropriate, we will notify you of any changes by email.

Contact Details

If you require any further assistance with regards to matters of privacy, then please do not hesitate to contact our team by e-mail on: hello@peeli.co.uk.

Cookies are small text files, located in browser directories. They are used to help users navigate through the Peeli website efficiently.

 

Peeli Limited uses cookies on www.peeli.co.uk. There are two types of cookies used on our website: 

 

Session (Transient) cookies - these cookies are erased when you close your browser, and do not collect information from your computer. They typically store information in the form of a session identification that does not personally identify the user.

 

Persistent (Permanent/Stored) cookies - these cookies are stored on your hard drive until they expire (i.e based on a set expiration date) or until you delete them. These cookies are used to collect identifying information about the user, such as web surfing behaviour or user preferences for a specific site.

 

Most browsers allow you to refuse to accept cookies and to delete cookies. The methods for doing so vary from browser to browser, and from version to version. Please note, if you block cookies, it will have a negative impact upon our website usability.

 

Our Details

This website is owned and operated by Philip Baker and Dani Boniface from Peeli Limited.

Peeli is registered in England and Wales and our registered office is:

Peeli Ltd, 39 Smith Street, Warwick, Warwickshire, CV34 4JA.

 

You can contact us by post, to the postal address given above, by using our website contact form or by emailing: hello@peeli.co.uk.

 

We may update this policy from time to time by publishing a new version on our website.

You may wish to check this page occasionally to ensure you are happy with any changes to

this policy.

Last updated: 12th April 2019

Peeli Ltd

39 Smith Street

Warwick

CV34 4JA

Call: (+44) 01926 409570

Email: hello@peeli.co.uk

Company registration no: 11176617 

      ©2019 Peeli   //  Website created by Wild Type

  • Facebook Logo
  • Twitter Logo
  • Peeli Ltd LinkedIn
  • Instagram Logo