IntroductionYour privacy is important to us. This privacy statement explains what personal data we collect from you and how we use it.
Who are we?
We’re Bootea Ltd, a passionate company aiming to promote an active, health and balanced lifestyle. The registered address is Unit 8, Coopers Court, Coopers Lane, Liverpool, L33 7UB and the company number is 08330909. To get in touch, please email Support@Bootea.com
How we use your information?
Use of information: You will always have the opportunity to decline marketing information and updates before you submit your personal details to us. If you choose to receive marketing updates when submitting your personal information, we may contact you by mail, telephone or email to provide details of services, newsletters and events that are deemed relevant to you. For this purpose, we may disclose your information to our agents and service providers. When purchasing from us, we may also disclose your name and email address to third party review service providers. If you would like to withdraw consent to receive marketing updates or any other communications, please let us know.
This notice tells you what to expect when Bootea Ltd collect personal information. This applies to the information we collect about:
- Visitors to our website
- Create an account
- Sign up to our newsletter
- Purchase a product on our website
- Chat with us
- Contact us via contact us page
1. Visitors to our website (Analytics and Advertising)
When someone visits www.bootea.co.uk or www.bootea.com we use third party services, such as Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site; in order to improve the overall website performance and user experience. This information is only processed in a way which is anonymous and does not identify anyone. We do not make, and do not allow these third party service providers to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.
We may display interest-based ads to you when you are using Facebook through a tool offered by Facebook called Custom Audience. This tool allows us to personalise our ads based on your shopping experience with us. We do not share any of your personal information, including your shopping history, with Facebook. This tool helps us convert your email address to a unique number that Facebook uses to match to unique numbers Facebook generates from email addresses of its users.
2. Create an Account
We use a third party provider, Shopify as the platform for our e-commerce transactions. When you create an account, Shopify collects information about you including your name, email address, number of orders for customers to easily access their account and be able to see relevant account information. For more information, please see Shopify’s privacy notice. We use a third party provider, Klaviyo to deliver our promotional and marketing emails and sms. If you accept to receive marketing, you will go onto our subscriber list for Klaviyo. For more information, please see Klaviyo’s privacy notice: https://www.klaviyo.com/legal/privacy-notice
3. Sign up to our newsletter
If you consent to receive promotional and marketing material from us, your email address and phone number will go to Klaviyo. We gather statistics around email/sms opening and clicks using industry standard technologies to help us monitor and improve our email/sms marketing.
4. Purchase a product on our website
When you purchase, information will go to some Third party providers so we can process your order and improve your customer experience. For example:
Shopify will collect data to be able to process and delivery the order
Klaviyo which will collect data to email/sms you further promotional, product and marketing information.
5. Chat with us
We use a third-party provider, to manage our live chat and customer service experience. Customers will sometimes provide their email and name, which Zendesk will store for 2 years.
6. Contact Us
We use a third-party provider, Helpscout to manage our contact us queries. Customers provide their email and name, which Helpscout will store for 2 years.
What type of information is collected from you?
The personal information we collect might include your name, address, email address, IP address, card details and delivery details to be able to carry out the requirements.
What is the purpose of processing this information?
The purpose of collecting information is made clear to you at the point of information collection.
We process information based upon consent.
Who do we share this information with?
Bootea will never independently sell personal information for commercial purposes. However, Bootea does disclose personal data to third parties or allow third parties to access personal data to help provide services, such as:
To collect data for inventory management and demand planning
To respond and manage support inquiries
Bootea may also provide personal data, where permitted, to prevent, investigate, or respond to:
- Potential fraud
- Illegal conduct
How long do we keep this data for?
We keep personal data for promotions and marketing for 2 years. We keep finance data for business purposes for as long as necessary.
How can we make sure your data is secured?
To protect your personal information, we take reasonable precautions to seek to ensure that it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Your data is encrypted by Shopify using the HTTPS protocol for secure communication over a computer network.
Shopify also encrypts any sensitive stored information, and salts and hashes passwords using bcrypt.
If you provide us with your credit card information, the information is encrypted. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Under the Data Protection Act 1998, you have rights as an individual which you can exercise in relation to the information we hold about you.
Access to Personal Information
Individuals can find out if we hold any information by making a ‘subject access request’ under the Data Protection Act 1998. To make this request, please put the request in writing to the address below:
FAO Data Protection Champion
Unit 8 Coopers Court
If we do hold information about you, we will:
- Give you a description of it
- Tell you why we are holding it
- Tell you who it could be disclosed to
- Let you have a copy of the information
FAO Data Protection Champion
Unit 8 Coopers Court
The EU General Data Protection Regulation (GDPR) is a privacy and data protection regulation in the European Union effective from May 25 2018.
The GDPR imposes new obligations on organisations that control or process personal data and introduces new rights and protections for EU citizens.
We are committed to ensuring that your privacy is protected and we strictly adhere to the provisions of all relevant Data Protection Legislation, including GDPR, ensuring all personal data is handled in line with the principles outlined in the regulation that state:
Personal data shall be:
- Processed lawfully, fairly and in a transparent manner in relation to the data subject
- Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
- Accurate and, where necessary, kept up to date
- Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed
- Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures
Bootea Limited respect our customer and learner’s rights to data privacy and protection and as such we have revised our internal policies, procedures, working practices in order to meet the requirements of the GDPR.
We place a high priority on protecting and managing data in accordance with accepted standards and indeed helping our customers utilise our products and services to the same end.
Bootea Limited are committed to compliance with the GDPR as both a processor and controller of personal data and have established a working group to lead our GDPR implementation project and ensure compliance on an ongoing basis.