We are dedicated to protecting your data and ensure we comply with GDPR. We maintain the technical, security and organisational measures to protect personal data against unlawful use, accidental loss, damage or disclosure.
How do we collect your information?
When registering to use our website you are agreeing to disclose your personal information to us. Upon registration you will be asked to provide information such as your name, address and email address. This information allows us to process and fulfil your order as well as notifying you on your order status. We will not use your details for marketing activity unless you consent to receiving emails from us. You can unsubscribe from these emails at any time by clicking ‘unsubscribe’ at the end of our newsletters.
How do we use your information?
We will not sell or disclose any personal data to any third party unless required to do so by law. We use a sub-processor for IT support who are also GDPR compliant.
Retention of Data
We will not retain order data longer than is necessary to fulfil the purposes for which it was collected. Data obtained for order processing will be kept for 120 days for order query, refund and replacement purposes. From there, this data will be archived for VAT purposes.
Securing your personal information
We use Secure Socket Layers (SSL), the most advanced security system available. All the personal information you enter, including your name, address, is encrypted by secure server software before it is safely transmitted across the internet. All data is held on servers which are located in Manchester (UK). The EEA comprise of Austria, Belgium, Bulgaria, Croatia, Republic of Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden and the UK. Personal data can be transferred, processed and stored within these countries safely and securely as they offer an adequate level of protection to personal data in comparison to the UK.
There are number of additional countries that can also offer an adequate level of protection these are Andorra, Argentina, Canada, Faroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Switzerland, Uruguay and the US.
For the purposes of providing this service currently your data is stored within the UK. If your information is to be sent outside Europe, we will make sure that it will be subject to standards of protection and security that are as high as those we use here in the UK.
We take your data very seriously therefore we will always conduct a full review of all our supplier’s processes and procedures including storage solutions for our data. To ensure adequacy when sending your data outside of the EEA we put in place contracts based on the Standard EU Model Contract Clauses which are designed by the European Commission to guarantee adequacy for any data transfer and processing of this nature.
Securing your password
When you register, you do so as an individual. You must not share your username and password with anyone else. We know that you may use the same password for other internet accounts, and that it is highly sensitive. Rest assured, your password will remain encrypted and we do not have access to it
Credit Card Transactions
Your card details are not recorded or stored in our database. They are encrypted and transferred securely to our payment service provider for immediate authorisation. Once we have received authorisation from the payment service provider we will confirm your order.
GDPR and Your Rights
However, please be aware that restricting or blocking cookies set on speshgifts.com may impact the functionality or performance of the speshgifts.com website, or prevent you from using certain services provided through speshgifts.com. It will also affect our ability to update speshgifts.com to cater for user preferences and improve performance.