Little Houndales Knits is the trading name of C Foster & Sons, the company which owns and manages this website. We regularly review and update our policies to monitor and deliver compliance with the General Data Protection Regulation 2016 (GDPR) and electronic communication regulations.
The named Data Controller at C Foster & Sons trading as Little Houndales Knits, is Katherine Foster and may be contacted by email: email@example.com, by telephone: 01377 255093, or in writing: Katherine Foster, Little Houndales Knits, Little Houndales Farm, Nafferton, Driffield, East Yorkshire, YO25 4LF.
If we change this policy, which we may do occasionally, this page will be updated as appropriate. So to ensure that you are happy with any changes, you should check this page from time to time. This policy is effective from 25 May 2018.
The GDPR gives specific rights to people with regard to their personal data and duties to those collecting and processing it as follows:
For those collecting data:
- the data must be collected lawfully and transparently
- it must be used only for the reason stated for its collection
- data collection should be limited to that necessary data for the stated purpose
- data must be kept accurate and up to date
- data must only be stored as long as necessary for the purpose for which it was collected
- data security and integrity must be maintained
Individuals providing data have the following rights:
- the right to be informed of the data held
- the right of access to that data
- the right to rectification of any incorrect data
- the right to erasure
- the right to restrict processing
- the right to data portability
- the right to object; and
- the right not to be subject to automated decision-making, including profiling.
This means that we will request explicit consent to the collection and holding of personal data and for processing it for specific purposes, as described below.
We may collect the following information:
- name and title
- contact information, including email address and telephone number
- demographic information like an address and postcode
- legally required information such as business VAT numbers
- past order history
- other information relevant to customer surveys and/or promotional offers, such as interest in particular sheep breeds or yarn types
We collect the information in order to provide you with a better service and products, in particular for the following reasons:
- to provide you with the goods and services you have ordered from us
- internal record keeping and accounting, including legal obligations such as VAT numbers
- to improve our products and services
- if you consent, we may use your email address to contact you with news or promote new products, special offers or other information we think you may find interesting
- occasionally, we may also use your information to contact you by email, phone or mail for market research purposes. We may also use the information to customise our website to account for your interests
If you create an account in our online shop this will enable you to place orders more quickly.
If you sign up for our newsletters, this is done directly into the Mail Chimp database so we rely on their confirmed compliance for this, and check it regularly.
If you follow us on third party platforms such as Ravelry, Facebook, Twitter, Instagram or Pinterest, you will be relying on their data protection and not ours.
Managing your information:
We do not pass any information we collect to anyone else for any purpose with the following exceptions:
- to specific third parties such as Mail Chimp or Survey Monkey in order to deliver our newsletters and market research, and we check with them that the data is secure and used only for the stated purpose
- where legally obliged to do so
We undertake impact assessments for any new information streams or processing methods.
If we wish to pass on any information other than as above we will contact you first for your permission which you are entitled to refuse. This includes putting people in touch with potential partners, suppliers or customers or other databases of use and we will not do this without first asking you.
If you are trading in your own name as a small business and have a website, we may pass on the website address to others if we think it will help you and them with information or business opportunities and we will notify you if we do so. It is important as stated below that any direct links are not secured by this policy and are the responsibility of the owner of the website concerned.
We normally store most information electronically in our computer system, which has encryption, anti-virus and malware protection measures, and back-up facilities. Some information is stored remotely in the cloud and also accessed from remote locations where our staff are not working at our offices and this is also subject to the same protections.
Some information is stored in paper format and we do store this for as long as possible to make it easier to discuss future orders with customers. Normally we will not destroy this paper or electronic information unless and until notified by you that it should no longer be kept as we know that some of our customers rely on this for future orders even after a gap of several years. We will not give past order information to anyone other than the specific customer unless requested to do so by that customer.
We will normally archive information on people who have not been in touch with us for six years and destroy information on people who have not been in touch with us for more than ten years unless we are legally obliged to retain it. If we do this we will attempt to contact you at your last known contact address to confirm this action.
Transactions using bank information:
We prefer to receive payments for services via PayPal, as it is quick and secure. We do also invoice via PayPal and accept cheques (which must be cleared prior to dispatch of any goods.
Where we receive payments in our online shop, we use a secure payment service, PayPal, so that all your data is protected by their systems. We undertake regular monitoring to comply with the PCI-DSS (Payment Card Industry Data Security Standard) system run by banks and payment processors to ensure this.
We do not accept any payment information by email so please do not send it to us! If you wish to make a phone payment we process either directly onto our machines from your instructions or immediately shred the information once it has been successfully used. This does mean that you will have to give us this information every time you wish to undertake a transaction in this way.
We are committed to ensuring that the information you give us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures that safeguard and secure any information we collect on-line.
As keeping information about you secure is important to us, certain sections of the site may encrypt data using SSL or a comparable standard. But no data transmission over the Internet can be guaranteed as totally secure. As a result, whilst we strive to protect your personal information, we cannot ensure or warrant the security of any information which you send to us, and you do so at your own risk.
If we become aware of a data breach we will inform the Information Commissioner’s Office (ICO) and also notify anyone we believe may have been affected.
A cookie is a small text file stored by your browser that is used to hold information related to your visit to our website. It may include shopping basket items and data that help us analyse web traffic.
Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
Overall, cookies help us provide a better website. They enable us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can accept or decline cookies. Most web browsers automatically accept them, but if you prefer you can usually modify your browser setting to decline cookies. But this may prevent you taking full advantage of the website.
We use the information collected from these cookies to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. This information is used for statistical analysis purposes only. It is then removed from the system.
Links to other websites
Our website may contain links to other websites that you may find of interest. Please note that once you have used these links to leave our site, we do not have any control over the other website. We cannot, therefore, be responsible for the protection and privacy of any information which you provide while visiting other sites not governed by this privacy statement. Please exercise caution and look at the privacy statement applicable to the website in question.
Controlling personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- Whenever you are asked to fill in a form on the website, tick only boxes for you which are giving consent and look for the box that you can click to indicate that you do not want the information to be used by us for direct marketing purposes
- If you have previously agreed the use of your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at firstname.lastname@example.org.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required to do so by law. It is possible that we may use your personal information to send you promotional information about third parties which we think you may find interesting, but only if you tell us that you wish this to happen.
You may request details of personal information which we hold about you under the Data Protection Act 1998 and GDPR 2016. If you would like a copy of the information held on you please write to us at Little Houndales Knits, Little Houndales Farm, Nafferton, Driffield, East Yorkshire, YO25 4LF, UK. We are obliged to respond within a month
If you believe that any information we are holding on you is incorrect or incomplete, please write or email us as soon as possible. We will correct any incorrect information as soon as we can.
You may ask us to remove all information about you and we will do so, confirm to you that we have done so and then hold a record to show that we have done this, which will therefore include your name and contact details for legal compliance reasons.
Please note the following definitions
Browser: A software application used to locate and display web pages
Cookie: A message given to a web browser by a web server. The browser stores the message in a text file called cookie.txt. Each time the browser requests a page from the server, this message is sent back. A cookie’s main objective is to identify users and personalise their visit by customising web pages. This means visitors will be welcomed by name when they next visit the site. A site using cookies will usually invite you to provide personal information including your name, email address and interests.