Definitions and Interpretation:
Data – collectively all information that you submit to Wild Oats Ltd via the Website.
Cookies – a small text file placed on your computer by this Website when you visit certain parts of the website and/or when you use certain features of the Website.
Data Protection Laws – any application law relating to the processing of personal Data, including but not limited to the Directive 96/46/EC (Data Protection Directive) or the GDPR, and any national implementing laws, regulations and secondary legislation, for as long as the GDPR is effective in the UK.
GDPR – the General Data Protection Regulation (EU) 2016/679.
Wild Oats Ltd, We or Us – Wild Oats Ltd, a company incorporated in England and Wales with the registered number 08365294.
UK and EU Cookie law – the Privacy and Electronic Communications (ED Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) Regulations 2011.
User or you – any third party that accesses the Website
Website – https://woats.co.uk, and any subdomains of this site unless expressly excluded by their own terms and conditions.
Wild Oats Ltd may collect the following data, which includes personal data, from you:
Identity Data – includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
Contact Data – includes billing address, delivery address, email address and telephone numbers.
Financial Data – includes bank account and payment card details.
Transaction Data – includes details about payments to and from you and other details of products and services you have purchased from us.
Technical Data – includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Profile Data – includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
Usage Data – includes information about how you use our website, products and services.
Marketing and Communications Data – includes your preferences in receiving marketing from us and our third parties and your communication preferences.
How We Collect Data
Data is given to us by you.
Data is collected automatically via cookies.
Data That is Given to Us By You
When you contact us through the website, by telephone, post, email or any other means.
When you register with us and set up an account to receive our products and/or newsletters and/or loyalty scheme.
When you make payments to us, through this website or otherwise.
Data That is Collected Automatically
We automatically collect some information about your visit, which helps us make improvements to website content and navigation. This includes your IP address, the date, times, and frequency with which you access the Website and the way you use and interact with its content.
We will collect your data automatically via cookies, in line with the cookie settings on your browser.
CCTV is in operation for security purposes. Clear signs are displayed to inform customers according to guidelines. Access is available to designated staff who can assist customer enquiries.
How We Use the Data
Fulfilling customer orders.
Communicating throughout the order process.
Contacting you in the event of personal items left at Wild Oats Ltd.
Who We Share Data With
Our employees for processing orders.
Keeping Data Secure
We use technical and organisational measures to safeguard your data.
Access to your account is controlled by a password and a username that is unique to you. We store your data on secure servers.
Data stored in store is kept in staffed area out of public site. Data stored for repeat orders are kept in a file in staffed back-office for 6 months for reference or until parcels are received.
Newsletter and/or Loyalty customer names, phone numbers and email addresses are held securely in a database stored by Mailchimp.
Access to Mailchimp is password protected and used only by authorised designated staff.
Paper loyalty system sign-up forms are securely destroyed once data is input into database.
Password protection on any computerised files and shop phone.
Unless a longer retention period is required or permitted by law, we will only hold your data on our systems for the period necessary to fulfil your order, or until you request that the data be deleted.
Even if we delete your data, it may persist on archival data for legal, tax or regulatory purposes.
Any payment information entered in the payment process is not saved on any of our servers, this is dealt with in the third-party portal Stripe.
- Strictly necessary cookies – associated with sites using CloudFlare, used to speed up page load times. It does not contain any user identification information.
- Performance cookies – used to distinguish unique users by assigning a randomly generated number as a client identifier so Wild Oats Ltd can analyse website use.
- Targeting cookies – used by Facebook to deliver a series of targeted advertisement products such as real time bidding from third party advertisers.
Wild Oats Ltd may disclose your personal information if we are required by law to do so.
Customer data can only be accessed, altered, disclosed or deleted by designated authorised staff.
Security Access to Shop – Keyholders
Named authorised staff keyholders are kept on a list accessible by management staff.
2 additional authorised keyholders for deliveries are named by specific suppliers.
All keyholders have alarm codes for access.
Staff have training guidelines to follow when asking for and taking down customer data.
Training as part of induction with ‘refresher trainings’. This includes the 8 rights of individuals in data handled by the shop and high level of sensitivity.
Adherence to and Procedures to ensure individuals’ rights are covered, including deletion of personal data or provision of data electronically and in a commonly used format. These rights are:
- The right to be informed.
- The right of access.
- The right to rectification.
- The right to erasure.
- The right to restrict processing.
- The right to data portability.
- The right to object.
- Rights in relation to automated decision making and profiling.
You may contact Wild Oats Ltd by email at [email protected]