We're committed to protecting your privacy and will only use the information that we collect about you lawfully. You can check the information that we hold about you by contacting us.
We'll never sell your information to another company for their own marketing purposes.
What sorts of personal information do we hold?
Information collected includes your name, billing and delivery address, email for order updates, phone for order queries / delivery updates and order history . Order history lets us keep a track of any order updates, emails or security risks. We also store your IP address to manage fraud and security risks.
When you make an order and give us personal details, we use a secure webpage (HTTPS encrypted) and secure database server (password protected). We only collect details we need to complete your order and will ask for permission before sending any marketing emails.
Our lawful basis for processing your personal information
GDPR Rules require us to tell you the “legal basis” for processing your personal information. They are:-
- Consent: You have told us you are happy for us to process your personal information for a specific purpose; (e.g. cookie consent)
- Legal obligation: We are required to process your personal information by law. (e.g. keeping details for Accouting and HMRC)
- Legitimate interests: The processing is necessary for us to conduct our business (e.g. storing personal details while making an order). We also process your data in order to protect us and our customers from fraud.
How do we use your personal information?
We may use your information in the following ways:
To provide our products and services - we need to use your personal information to make our products and services available to you, process your order and keep you informed of it's progress.
For safety and security - We use customers details and location (e.g. Address / IP address) to help minimise fraud to us and the customer.
Analytics and profiling - we use your personal information (e.g. IP address) for statistical analysis and to help us understand more about our customers. Remembering which pages you visit helps us to guide customers when they call for advice and track popular pages and products.
Load balancing our system - We also remember IP addresses and browser details to stop automated robots from slowing down our system.
Contacting you - we use your personal information to contact you in relation to your order. If you ask us to, we will email you discount vouchers, exclusive offers and newletters. You can opt out at any time in our emails or via our website and your email address will be deleted from this list. We'll never sell your details to another company for marketing.
Sharing your information with other companies
If you specify a "delivery phone number" and we use a courier (usually Royal Mail or DPD), we'll give them this number in case of any difficulty delivering your parcel. Some couriers give a delivery window and tell you when to expect your parcel via a text message to your mobile phone and email address. We'll also give the delivery company your name, delivery address and delivery instructions
If you tell us your parcel is delayed we will contact the delivery company to ask for re-delivery. We will need to supply your name, address and contact number
Supplier Direct Orders
Some orders are shown as "supplier direct", so we will pass on your name, address and number for delivery purposes only.
We share our invoice details with our accountants, and if requested HMRC. Invoices include your name and address.
We pass your name and address to our payment processing company - Paypal. This helps to speed up completing your credit card payments.
We do not store or have access to credit/debit card numbers, expiry dates or card security codes. On-line payments are taken directly from our credit card processing company (which uses 128 bit SSL encryption and anti-fraud technology).
The GDPR rules gives you various rights about the information we hold about you. They include:-
- the right to access a copy of the personal information we hold about you
- the right to correction of inaccurate personal information we hold about you
- the right to restrict our use of your personal information
- the right to be forgotten
- the right of data portability
- the right to object to our use of your personal information.
We will need to verify your identity before we can action any of the above rights, to protect you data from fraud. We'll action any request within 28 days.
How long will we keep your personal data?
We wont keep your personal information longer than necessary.
We have a legal responsibility to keep invoice details for 7 years (HM Revenue and Customs). For fraud prevention, monitor security risks, to process charge back requests (via Credit Card Companies) we record IP address used on our website and keep these details for 2 years. Customers that request marketing emails can be removed any time, although we will remove older entries after 5 years.
Delphi Solutions Ltd (trading as The Baby Collection and Baby C) are the data administrators and controllers, also refered to by "We", "Us" and "Our" in this policy.
The easiest way to contact us is via Customer Service, by sending an online message, email or calling. We can be contacted at The Baby Collection, 3 Chilton Cl, High Wycombe, HP10 8AQ.
You also have the right to lodge a complaint with the UK regulator, the Information Commissioner. Go to ico.org.uk/concerns to find out more.
Updated 31-May-2018 for GDPR
(General Data Protection Rules)