Passed in 2016, the General Data Protection Regulation (GDPR) is the most significant legislative change in European data protection laws since the EU Data Protection Directive (Directive 95/46/EC), introduced in 1995. The GDPR, which came into force 25 May 2018, seeks to strengthen the security and protection of personal data in the EU and serve as a single piece of legislation for all of the EU. It will replace the EU Data Protection Directive and all local laws relating to it.
We support the GDPR and will ensure all Treezy services comply with its provisions. Not only is the GDPR an important step in protecting the fundamental right of privacy for European citizens, it also raises the bar for data protection, security and compliance in the industry.
- Who We Are
- What We Collect and Store
- Who On Our Team Has Access
- What We Share with Others
- Contact Form
- Where We Send Your Data
- How Long We Retain Your Data
- What Rights You Have Over Your Data
- Contact Us About Your Privacy
- How We Protect Your Data
- What Data Breach Procedures We Have in Place
Who We Are
Treezy.co.uk is owned and operated by Brighter Starts Learning Tree Ltd (BSLT). BSLT respects your privacy. We offer toys and aids for families and teachers working with children and adults on the autism spectrum.
What We Collect and Store
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your client account
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We will also store comments or reviews, if you choose to leave them.
Who On Our Team Has Access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information such as what was purchased, when it was purchased and where it should be sent
- Customer information such as your name, email address, and billing and shipping information
Our team members have access to this information to help fulfill orders, process refunds and support you.
Cookies are small text files that can be used by websites to make a user’s experience more efficient. The law states that we can store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies we need your permission. This site uses different types of cookies: necessary, preferences, and statistics.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
When You Leave a Comment
If you leave a comment or review on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
For Accounts and Logins
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select ‘Remember Me’, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
What We Share with Others
We share information with third parties who help us provide our services to you. Third parties include payment processors, newsletter services and email services.
We accept payments through Stripe and PayPal. The information that is shared with a payment provider in order to process payments includes:
- Phone number
- City/Post Code
- Unique payment identifier
- Payment provider identifier
Stripe sets the following cookies:
If you choose to subscribe to our newsletter, your personal data will be shared with our newsletter service, MailChimp. This includes:
You can remove consent to be included in our newsletter at anytime by clicking the ‘Unsubscribe’ link at the bottom of newsletter emails or by submitting a removal request to email@example.com.
If you send us a message via a contact form, your personal data will be shared with our email client. This includes:
- Your message
We use Gmail as part of Google Cloud for our email client. You can read about Google Cloud and GDPR compliance here.
Moreover, in order to send messages from our contact form, our site uses the Mailgun Plugin for WordPress. Mailgun receives SMTP requests from our site and processes / sends the message to our email address. Mailgun collects your name, email, subject line and message body. Mailgun is fully GPDR compliant; all our site’s Mailgun data is stored in the EU.
Where We Send Your Data
Visitor comments and reviews may be checked through an automated spam detection service.
Finally, we use Facebook Pixel. You can control your privacy settings here.
How Long We Retain Your Data
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 7 years for tax and accounting purposes, as per HMRC guidelines for limited companies. This includes:
- Billing and shipping addresses
If you leave a comment or submit a support request, the comment or support request and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments / support requests automatically instead of holding them in a moderation queue.
For users that register on our website, we also store the personal information you provide in your user profile. You can see, edit, or delete your personal information at any time (except you cannot change your username). To do so, login and visit the My Account page. Alternatively, contact firstname.lastname@example.org, as website administrators can also see and edit that information.
What Rights You Have Over Your Data
If you have an account on this site, or have left comments or reviews, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes. Please send Right of Access or Right of Erasure Requests to email@example.com.
Contact Us About Your Privacy
Have questions or concerns about your privacy? Please contact us:
Knatts Valley Road
Kent TN15 6XX
How We Protect Your Data
We seek to protect your data in a number of ways, such as:
- our site uses an SSL connection
- we use 2-factor authentication with our third-party services when applicable
What Data Breach Procedures We Have in Place
If data breaches are detected, we contact anyone affected via email as soon as the breach is discovered.