Hairyfish Data Protection Statement
The General Data Protection Regulation and Data Protection Acts 1988-2018 apply to the processing of personal data. Hairyfish is committed to complying with its legal obligations in this regard. We collect and process personal data relating to its customers, suppliers, potential candidates and our employees, in the course of business in a variety of circumstances, and to protect the legitimate interests of the organisation.
This notice covers any individual about whom Hairyfish processes data. This may include current and former clients and current and former suppliers. Processing of data includes: collecting; recording; storing; altering; disclosing; destroying; and blocking. Personal data kept by Hairyfish shall normally be stored on a CRM electronic database. The organisation has appropriate security measures in place to protect against unauthorised access.
Customers & Suppliers
Hairyfish are committed to processing personal information about our customers in ways that comply with our legal obligations as well as being clear with our customers about what we do with their personal information. Some of the key points of our privacy statement are:
We don’t sell your data to third parties
We aim to make it easy for you to manage your information, you can change your communication preferences at any time
We do use data to help us provide great customer service, which includes tailoring the information we share with you to help ensure that it’s relevant, useful and timely
We control the personal information which you provide to us or which we collect from you.
The range of personal information relating to you, includes:
credit or debit card information and/or other payment information which you have provided and requested that we store for future purchases
any other personal information that you choose to provide to us when you complete our online contact forms or otherwise make contact with us.
We use your personal information:
to maintain our relationship with you whilst you are a customer;
to process orders and provide agreed goods and services to you;
for invoicing, processing payments, account set up and maintenance;
to communicate with you, including to respond to information requests /enquiries submitted and/or to obtain your feedback on our products and services;
for record keeping, statistical analysis and internal reporting and research purposes;
to ensure data security and to provide you with access to secure areas of our Websites;
to notify you about changes to our products and services;
to decide on and notify you about price changes;
to monitor the quality of our products and services;
for logistical purposes, including to plan and log delivery routes;
to investigate any complaint you make;
to provide evidence in any dispute or anticipated dispute between you and us;
to customise various aspects of our Websites to improve your experience;
as we may otherwise consider necessary to support the operation of our Websites;
to obtain credit references, credit checks and for debt collection, fraud detection and prevention and risk management purposes;
We may send you direct marketing in relation to our own products and services by phone and email, as long as this is in line with any marketing preferences that you have provided to us.
We will only send you direct marketing in relation to our own products and services by email:
where you have consented to this; or
where you have not objected to this, and we are marketing similar products and services to those which were the subject of a previous sale or negotiations of a sale to you.
How long we keep your personal information
We retain your personal information for no longer than is necessary for the purposes for which the personal information is collected. When determining the relevant retention periods, we will take into account factors including:
legal obligation(s) under applicable law to retain data for a certain period of time;
statute of limitations under applicable law(s);
(potential) disputes, and;
guidelines issued by relevant data protection authorities.
Otherwise, we will securely erase your information once this is no longer needed.
Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) you have a number of rights with regard to your personal data. You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.
If you have provided consent for the processing of your data you have the right to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn.
Identity and contact details of controller and data protection officer
Hairyfish is the controller and processor of data for the purposes of the DPA and GDPR.
Should you have concerns with regard to our personal data, please email [email protected]