At Bentons Kitchens we are committed to processing personal information about our customers in ways that comply with our legal obligations as well as being clear with our customers about what we do with their personal information. Some of the key points of our privacy statement are:
✔ We don’t sell your data to third parties
✔ We do make it easy for you to manage your information, you can change your communication preferences at any time
✔ We do use data to help us provide great customer service, which includes tailoring the information we share with you to help ensure that it’s relevant, useful and timely
We are Bentons Kitchens (Part of Stellison Limited, 2nd Floor, Boundary House 4 County Place, Chelmsford, Essex, CM2 0RE.)
We share your concern about the protection of your personal information and are committed to safeguarding your privacy.
This document covers information we collect about you, whether via our websites, through our customer service centre, in our stores, or otherwise. Please read it carefully to understand how your personal information will be treated.
We will be the “controller” of the personal information which you provide to us or which we collect from you.
1. Personal information that we collect
We collect a range of personal information relating to you, including your:
- email address;
- telephone number;
- IP address; and;
- any other personal information that you choose to provide to us when you complete our online contact forms or otherwise make contact with us.
2. How we use your personal information
We use your personal information as follows:
- to maintain our relationship with you whilst you are a customer;
- to process orders and provide agreed goods and services to you;
- for invoicing, processing payments, account set up and maintenance;
- to communicate with you, including to respond to information requests /enquiries submitted and/or to obtain your feedback on our products and services;
- for record keeping, statistical analysis and internal reporting and research purposes;
- to ensure data security and to provide you with access to secure areas of our Websites;
- to notify you about changes to our products and services;
- to monitor the quality of our products and services;
- for logistical purposes, including to plan and log delivery routes;
- to investigate any complaint, you make;
- to provide evidence in any dispute or anticipated dispute between you and us;
- to customise various aspects of our Websites to improve your experience;
- as we may otherwise consider necessary to support the operation of our Websites;
- to monitor and/or record telephone conversations to or from you in order to offer you additional security, resolve complaints, improve our service standards and for staff training purposes; and
- to protect the rights, property, and/or safety of Stellison, its personnel and others.
We may send you direct marketing in relation to our own products and services by email and post, as long as this is in line with any marketing preferences that you have provided to us.
We will only send you direct marketing in relation to our own products and services by email or SMS:
- where you have consented to this;
Your agreement to the use of your personal information for direct marketing purposes is optional and if you choose not to consent, your visit to and use of our Websites will not be affected.
You can choose to opt out of receiving direct marketing information from us at any time, through the ‘Unsubscribe’ link at the bottom of any email you receive, or by contacting us
- by mail – Stellison Limited, 14 Parsons Road South Benfleet Essex SS7 4PY.
- by email – firstname.lastname@example.org
- by telephone – 01268 638055
- by filling in the Contact us form on our website
We use ‘personalised ads’ sometimes called ‘remarketing’ or ‘interest-based ads’. These ads use non-personal data to track the activity on our website in relation to our ads on Facebook.
Facebook Pixel (retargeting)
Facebook Pixel helps give us statistics on our Facebook Ads. This information is non-personal user activity (such as conversions) after viewing our ads.
You can manage your preferences for this on the Network Advertising Initiative opt out page.
3. Legal basis for processing
In terms of the legal bases we rely on to process your personal information, these are as follows:
where you have provided your consent: for direct marketing communications in respect of our own products and services, including in respect of marketing communications sent by electronic means (e.g. email and SMS);
- for the performance of a contract with you (such as a contract for the provision of good and services) or to take steps at your request prior to entering into this contract;
- to comply with legal obligations, including in relation to health and safety and environmental legislation, performing anti- money laundering, terrorism prevention and sanctions screening checks, complaints and investigations or litigation;
- to protect your vital interests or the vital interests of another person, e.g. where you or they are seriously injured or ill, or
- for our legitimate interests in:
- management of your account (including processing payments) and our relationship with you, and communicating with you
- operating our Websites
- sending direct marketing in respect of our own products and services where you have not provided your consent and the marketing communication is sent by non-electronic means (e.g. post or telephone); processing orders and supplying our products and services; and
- our internal business purposes which may include processing for the purposes of: record keeping, research, reporting and statistics, data security, to ensure the quality of our products and services, investigating and responding to queries and complaints, obtaining credit references and credit checks, providing payment performance data to credit reference agencies, changing our pricing, debt collection, fraud detection and prevention, risk management, recruitment and training of our personnel, and protecting our rights, property and safety (and that of others). You can object to processing carried out on the basis of our legitimate interests at any time by emailing email@example.com ;
See also “Your Rights – The right to object”.
4. How we share your personal information
In addition to what is specified above, we may share your personal information with:
- third party provider(s) who provide the following types of services to us: warehousing and logistics, software, and customer relationship management;
- third party providers in order for us to process payments that are due to us, in doing so we provide bank card details to such providers;
- licensed credit reference agencies, debt collection agencies and lawyers when we carry out credit checks, to report on your payment performance and/or or seek to recover debts due to us;
- our accountants, auditors, lawyers or similar advisers when we ask them to provide us with professional advice;
- emergency services in the event that we need to report accidents or incidents or request emergency assistance;
- any Government Department, public body or other third party where we believe in good faith that the law requires this; in the interests of public health and safety; or in order to protect the rights, property, or safety of Stellison, its employees or others;
- any other third parties, if authorised by you to do so.
We ensure that, where your personal information is transferred to any country outside the European Economic Area this is done using “model clauses” (standard contractual clauses which have been approved by the European Commission as providing adequate safeguards to enable personal data to be transferred outside the European Economic Area) or other specific legally-approved safeguards.
5. How long we keep your personal information
We retain your personal information for no longer than is necessary for the purposes for which the personal information is collected. When determining the relevant retention periods, we will take into account factors including:
- legal obligation(s) under applicable law to retain data for a certain period of time;
- statute of limitations under applicable law(s);
- (potential) disputes, and;
- guidelines issued by relevant data protection authorities.
Otherwise, we securely erase your information once this is no longer needed.
7. Links to third party websites
Our Websites contain links to other Internet websites. Unless otherwise explicitly stated, we are not responsible for the privacy practices or the content of such websites, including such sites‘use of any personal information.
We use reasonable security methods to protect the personal information that we process, including Internet standard encryption technology (“SSL“or “Secure Socket Layer“ technology) to encode personal information that you send to us through our Websites. SSL works by using a private key to encrypt data that ‘s transferred over the SSL connection. To check that you are in a secure area of the Website before sending personal information to us, please look at the bottom right of your website browser and check that it displays an image of a closed padlock or an unbroken key.
However, please note that whilst we take appropriate technical and organisational measures to safeguard the personal information that you provide to us, no transmission over the Internet can be guaranteed to be secure. Consequently, please note that we cannot guarantee the security of any personal information that you transfer to us over the Internet.
9. Your rights
The following section explains your rights. The various rights are not absolute and each is subject to certain exceptions or qualifications.
We will grant your request only to the extent that it follows from our assessment of your request that we are allowed and required to do so under data protection laws. Nothing in this Privacy Statement is intended to provide you with rights beyond or in addition to your rights as a data subject under data protection laws.
1. The right to be informed
You have the right to be provided with clear, transparent and easily understandable information about how we use your personal information and your rights. This is why we’re providing you with the information in this Privacy Statement.
2. The right of access
You have the right to obtain a copy of your personal information (if we’re processing it), and other certain information (similar to that provided in this Privacy Statement) about how it is used.
This is so you’re aware and can check that we’re using your personal information in accordance with data protection law.
We can refuse to provide information where to do so may reveal personal information about another person or would otherwise negatively impact another person ‘s rights.
3. The right to rectification
You can ask us to take reasonable measures to correct your personal information if it’s inaccurate or incomplete. E.g. if we have the wrong date of birth or name for you.
4. The right to erasure
This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your personal information where there’s no compelling reason for us to keep using it or its use is unlawful. This is not a general right to erasure; there are exceptions, e.g. where we need to use the information in defence of a legal claim.
5. The right to restrict processing
You have rights to ‘block’ or suppress further use of your personal information when we are assessing a request for rectification or as an alternative to erasure. When processing is restricted, we can still store your personal information, but may not use it further. We keep lists of people who have asked for further use of their personal information to be ‘blocked’ to make sure the restriction is respected in future.
6. The right to data portability
You have rights to obtain and reuse certain personal information for your own purposes across different organisations. This enables you to move, copy or transfer your personal information easily between our IT systems and theirs (or directly to yourself) safely and securely, without affecting its usability. This only applies to your personal information that you have provided to us that we are processing with your consent or to perform a contract which you are a party to (such as pay and compensation services), which is being processed by automated means.
7. The right to object
You have the right to object to certain types of processing, on grounds relating to your particular situation, at any time insofar as that processing takes place for the purposes of legitimate interests pursued by BOC or by a third party. We will be allowed to continue to process the personal information if we can demonstrate “compelling legitimate grounds for the processing which override [your] interests, rights and freedoms” or we need this for the establishment, exercise or defence of legal claims.
8. Rights in relation to automated decision making and profiling
You have the right not to be subject to a decision based solely on automated processing (including profiling), which significantly affects you, subject to some exceptions. Where this is the case, you have the right to obtain human intervention, voice your concerns and to have the decision reviewed.
10. Updating this statement
We review our privacy practices from time to time. We ask that you bookmark and periodically review this page for updates to our Privacy Statement. We reserve the right to modify this policy effective seven (7) days after the posting of the revised Privacy Statement.
11. Contact us
For further information regarding these rights, about this Privacy Statement generally or to make a complaint please contact firstname.lastname@example.org Please provide as much information as possible to help us identify the information you are requesting, the action you are wanting us to take and why you believe this action should be taken.
Before assessing your request, we may request additional information in order to identify you. If you do not provide the requested information and, as a result we are not in a position to identify you, we may refuse to action your request.
We will generally respond to your request within one month of receipt of your request. We can extend this period by an additional two months if this is necessary taking into account the complexity and number of requests that you have submitted.
We will not charge you for such communications or actions we take, unless:
- you request additional copies of your personal data undergoing processing, in which case we may charge for our reasonable administrative costs, or
- you submit manifestly unfounded or excessive requests, in particular because of their repetitive character, in which case we may either: (a) charge for our reasonable administrative costs; or (b) refuse to act on the request.