PHP Gift & Baby Ltd needs to gather and use certain information about individuals.  We are committed to protecting your personal data and we respect your privacy.  This privacy notice will inform you about the type of personal data we collect; through the use of our sites, any data you may provide when you sign up for a newsletter, make an enquiry, purchase a product, open an account with us or correspond with us by phone, email or otherwise and how we at PHP Gift & Baby Ltd use, disclose and protect that information.

Our data protection representative is responsible for overseeing questions in relation to this privacy notice.  If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact us using the details below.

The data we collect

  • Personal data – title, name, age, gender, date of birth.
  • Contact data – billing and shipping addresses, phone numbers, fax numbers, email addresses.
  • Geographical data – the country you visit our website from, your language preference.
  • Financial data – credit/debit details, PayPal account details, Apple Pay account details.
  • Transaction data – details of payments from you to us and from us to you (in relations to exchanges and refunds), products and services purchased from us.
  • Profile data – account details such as your username and password, preferences, clothing sizes, interests, feedback, comments, suggestions, survey responses.
  • Technical data – IP address, time zone and setting, internet or mobile data service provider, browser type and version, operating system and platform and the device type you are using to access our website.
  • Usage data – which of our website pages, products and services you interact with, which emails and other marketing materials you are sent and interact with.
  • Marketing and communication preferences – which marketing channels you are subscribed or unsubscribed to, how you prefer or prefer not to be contacted.
  • Social media data – information on which of our posts, ads or pages you follow or are subscribed to and any interactions you have with them.
  • Other information specific to customer surveys and/or offers.

We will not collect any special categories of personal data about you.  This includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.  We do not collect any data about criminal convictions and offences.

How we collect your data

  • You place an order with us
  • Direct interactions; you may give us your identity, contact and financial data by corresponding with us by post, phone, email, face to face at events and exhibitions or otherwise
  • You open an account with us
  • You create an account on our website
  • Subscribe to our newsletters
  • Request marketing to be sent to you
  • Supplied to fulfil a marketing requirement (for example a gift is sent to you at our customers request)
  • Third parties or publicly available sources
  • Identity and contact data from data brokers or aggregators
  • Identity and contact data from publicly available sources such as Companies House and the Electoral Register based inside the EU

How we use your data

We will only use your personal data as the law allows us to.  Most commonly we will use your personal data in the following circumstances.

  • Process, evaluate and respond to your enquiries
  • To register you as a customer
  • To process and deliver your order
  • To manage our relationship with you
  • To perform the contract that we are about to enter into or have entered into with you
  • To send you newsletters and/or updates
  • To make you aware of our goods and services that may be of interest to you
  • To verify your identity
  • To operate, evaluate and improve our business

If you do not provide personal data

Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example to provide you with goods).  In this case, we may be unable to process an order for a product and fulfil our contract with you.  We will notify you at the time if this is the case.

Disclosures of your personal data

We may have to share your personal data for the purpose of fulfilling our contract with you.  These may include:

  • Internal third parties such as our employees or officers and legal entities within the company
  • External third parties including specialist IT support, suppliers and subcontractors for the performance of our websites and our contracts.
  • Courier companies to deliver your order; including DHL, Yodel, FedEx, DPD, APC, Hermes, Royal Mail, Interlink
  • Third party freight agents to deliver your goods
  • Card payment solutions; including WorldPay, PayPal, First Data Merchant Solutions
  • Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them.  If a change happens within our business, the new owners may use your data in accordance with this privacy policy.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.  We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Transfers of personal data outside the European Economic Area (EEA)

The EEA includes all EU countries, as well as Iceland, Liechtenstein and Norway. The personal data that we collect about you may be transferred to, accessed, used or stored in, a country outside the EEA, either by us or by any of the third parties with whom we share your personal data, for example to the United States of America. Where your personal data is transferred to a country outside of the EEA and that country is not subject to an EU adequacy decision, we will ensure your data is protected by appropriate safeguards and that it continues to be governed by this privacy policy. These safeguards can be in the form of EU approved standard contractual clauses, a Privacy Shield certification, or a supplier’s Binding Corporate Rules.

Data Security

The security of your data is very important to us and we are committed to protect the personal information we collect about you.  We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way.  In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.  Your personal data is processed only on our instructions and are subject to a duty of confidentiality.  We have procedures in place to deal with a suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

 

Data Retention

We will only retain your data for as long as necessary to fulfil the purposes we collected it for, satisfying any legal, accounting, or reporting requirements.  To determine the length of retention we will consider the amount, nature and sensitivity of the personal data, the possible risk from unauthorised use or disclosure, the purpose for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.

Your legal rights

  • If you advise us that the data we hold about you is incorrect or incomplete we will correct and complete the information as soon as possible
  • You have the right to request that your personal data be deleted, we will delete your data immediately unless continued retention is necessary and permitted by law
  • You have the right to object to use processing your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • You have the right to request that we suspend processing your personal data, but hold it for you, in the event the data we hold is inaccurate, the processing is unlawful, or we no longer need the personal data. Once restricted, we will only continue to process your personal data if you consent or we have legal basis for doing so
  • You have the right to access information held about you and any access request will usually be free of charge.
  • You have the right to receive a copy of your personal data that you gave to us
  • You may withdraw your consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent
  • We may need to request specific information from you to confirm your identity and ensure your right to access your personal data.
  • We will try to respond to legitimate requests within one month. Occasionally it may take us longer if your request is complex or you have made a number of requests.  In this case, we will keep you updated.

 

Contact details:

PHP Gift & Baby Ltd
Email address: [email protected] 

Postal Address: Bown of London, Mill Mead, Staines-upon-Thames, Surrey, TW18 4UQ, UK

Should you have any concerns we would welcome the opportunity to deal with them in the first instance.  Please raise any concerns to [email protected] 

You have a right to make a complaint at any time to the ICO (Information Commissioner’s Office, the UK supervisory authority for data protection issues www.ico.org.uk

Cookies

A cookie is a small file which is placed on your device’s storage. If your browser permits, the file is added, and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyze data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer – however, this may prevent you from using or taking full advantage of the website.