OCEANROCKS is committed to upholding principles of protecting people’s personal details.
This plan sets out how we will do that to meet requirements of General Data Protection Regulations (GDPR).
OCEANROCKS is a:
Data Controller – we determine the purpose and means of processing personal data
Data Processor – we process personal data
Uses third party processers – companies which process data on our behalf
OCEANROCKS will abide by the following GDPR principles to ensure your data is
-Processed lawfully, fairly and in a transparent manner
– Only collected for specific and lawful purposes
– Only collected when it is relevant
– Accurate and kept up to date
– Only kept for as long as is necessary
– Processed in a way that is secure
Following an audit and analysis of the data we collect and process, OCEANROCKS does not consider it controls or processes sensitive personal data or where there is high risk to data subjects.
OCEANROCKS does not need to appoint a statutory data protection officer. Contact email@example.com if you have any questions or concerns regarding our data protection policies.
OCEANROCKS controls and processes personal data in line with lawful reasons set out under GDRP. These are:
Consent – we collect and process your data in specific circumstances with your consent, for example when you tick a box or complete a form to receive eNewsletters.
Contractual – we need your data to fulfil the contractual obligation between us, for example when you order online from us we need your address to deliver your order.
Legal compliance – where the law requires us to share your data, for example in case of fraud or similar criminal investigation.
Legitimate interest – where we may require to use your data for a legitimately as reasonably expected as part of running a business, and which does not materially affect your rights, freedom or interests.
The GDPR provides the rights for individuals. Those applicable to our control and process of your data are:
You have the right to access your personal data. You can make a subject access request and we will respond within one month, without charge in most circumstances
We will correct your personal data if it’s incorrect or out of date.
We will respond to requests for the data we hold about you to be deleted within one month. In most cases erasure is possible but in some cases this may not be possible, e.g. the data subject to criminal investigation.
You may restrict the way we use your data, and/ or withdraw consent for us to use your data any time.
You can obtain personal data for your own purposes, for example your order history with us.
You can object to the processing of your personal data in certain circumstances – and have an absolute right to object for direct marketing.
By email: firstname.lastname@example.org
PO BOX 9120
Verbally: 01305 815925
This will ordinarily be processed in one month without charge. We will explain the reasons why if we cannot fulfil your request.
Our decisions will be made in accordance with Information Commissinor Office (ICO) Guidance.
To protect the confidentiality of the data we hold, we will ask you, or any third party applying on your behalf, to verify your identity before we proceed with your request.
Collection of personal data for marketing reasons will be on the basis of consent using an opt-in principle. We will be transparent and clear about what we are collecting and using your data for, e.g. eNewsletter sign up and adhere to individual rights under GDPR and the Privacy & Electronic Communications Regulations (PECR). You may withdraw consent of use of your data for marketing purposes at any time (see individual rights above).
OCEANROCKS has undertaken a data protection audit and analysis to identify what data it collects and how it uses that data lawfully under legal basis identified above.
When you sign up for an account on our website/ or other form you may submit your name, address, phone and email details.
When you buy from us from our website, face to face or via a third party we may collectyour name, address, phone, email details and order details, which may include garment size to fulfil the contract between us.
We may collect your name, address, phone, email and social media details when you sign up (opt-in consent) for marketing eNewsletters, promotions, enter a competition or similar on our website or at an event.
When you contact us, or we correspond, for any reason you may submit personal information for query, complaint other purpose, by phone, website contact form, face-to-face, via social media message or similar contact channel.
You may submit your personal details, when you engage with us on social media, e.g. leave a review, post a picture or like/ sign up to one of our accounts.
We collect and hold data of our staff, suppliers and business contacts and this is used for legitimate business purposes.
We work with third parties who legitimately process data on our behalf. OCEANROCKS has a duty to ensure these companies are GDPR compliant. We provide only the information necessary for them to perform their specific functions. Examples include:
-Delivery companies who deliver orders to you from us, e.g. Royal Mail
-Companies who support our website to host, back-up, maintain, protect and improve it
-I.T. or other companies who support our normal business system
-Payment processors companies who process card payment transactions securely on our behalf. OCEANROCKS does not store or have access to your payment card information but has a responsibility to ensure these companies are GDPR compliant
-Marketing companies – such as an eNewsletter company which stores emails and we use to create send email
-Legitimate organisations – we may be requested to disclose your details to the police or similar body, e.g. for a fraud investigation.
We will keep your data for as long as it was necessary for the purpose it was collected for. We will delete your data if it is no longer lawful for us to process in the future, e.g. future data protection regulation or you submit a right to erasure request.
Personal data security is of upmost importance to us, all our customers and contacts, and we treat it with great care and take measures to protect it.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect, store or process online or in any other location, e.g. I.T. systems.
Access to any personal data on our website or other systems is password protected. We secure our website with ‘https’ technology and it is secured and protected by SSL certificate encryption – shown by a padlock in the url website address. Our website is hosted on a secure server and is backed up, maintained and protected by our website company.
We do not process or store your payment card information. Transactional data is processed by our payment provider which is PCI DSS (Payment Card Industry Data Security Standard) compliant with appropriate encryption and processes to safeguard your data and transactions.
In the event of a data protection issue we will take action in accordance with our data security action plan, and act in accordance with the Information Commissioners Office (ICO) guidelines.
We hope that this privacy has been clear and helpful in explaining how we handle your personal data and your rights to control it. This policy is not exhaustive – we will continue to review it and reserve the right to amend or edit it in future. Please contact us using the details below if you have any questions about the policy.
PO BOX 9120
Updated 11 May 2018
We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, you can be assured that it will only be used in accordance with this privacy statement.
We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This version updated 11 May 2018.
We may collect the following personal information lawfully – with your explicit consent (you sign up for eNewsletters, sign up for an account), contractually (you purchase from this website).
– Contact information including email address
– Demographic information such as postcode, preferences and interests
– Other information relevant to customer surveys and/or offers
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
– Fulfill a contract between us (you have bought something from the website)
– Internal record keeping.
– We may use the information to improve our products and services.
– We may send promotional emails/ eNewsletters about new products, special offers or other information which we think you may find interesting using the email address which you have provided.
– From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, fax or mail. We may use the information to customise the website according to your interests.
Your rights under General Data Protection regulations include:
You can withdraw consent at any time should you no longer wish to receive information from us
Right to erasure
Subject access request
Right to be informed
There are eight key rights for individuals – visit https://ico.org.uk/ for more information.
We will not sell, distribute or lease your personal information to third parties unless we are required to do so by law.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
We do not process or store your payment card information. Transactional data is processed by our payment provider PayPal, which is PCI DSS (Payment Card Industry Data Security Standard) compliant to safeguard your data and transactions. The website www.oceanrocks.co.uk is also protected by SSL certificate which means the website is secure and protected.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
You may choose to restrict the collection or use of your personal information in the following ways:
Do not consent to receive information – do not enter your name or other details into a eNews sign-up form, enquiry form or other form.
Do not set up an OCEANROCKS account – do not enter your personal details
Do not purchase from OCEANROCKS – do not enter any personal details
Amend your browser settings to manage cookies
We retain and manage all information submitted through this website, in accordance with our data protection policy and only hold it for as long as necessary.
You may request details of personal information which we hold about you under the General Data Protection Regulations 2018. If you would like a copy of the information held on you please contact us at email@example.com
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect. If you are dissatisfied with the way with have handled your personal data, and we are unable to resolve the issue for you, you may take the matter to the information commissioner’s office at www.ico.org.uk
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
If you see any social media features on this site, e.g. Twitter, Facebook and Instagram, they may also set or retrieve cookies on your device/ machine.
The purpose of this information is to help us improve the site for future visitors
|COOKIE||WHAT WE USE THEM FOR|
|_UTMZ||THIS COOKIE STORES WHERE A VISITOR (YOU) CAME FROM. E.G. SEARCH ENGINE, SEARCH KEYWORD, LINK, ETC.|
|_UTMA||THIS COOKIE STORES EACH USER’S AMOUNT OF VISITS, AND THE TIME OF THE FIRST VISIT, THE PREVIOUS VISIT, AND THE CURRENT VISIT.|
|_UTMC, _UTMB||THESE ARE USED TO CHECK APPROXIMATELY HOW LONG A USER (YOU) STAY ON OUR SITE: WHEN A VISIT STARTS, AND APPROXIMATELY ENDS.|
|IS_RETURNING||THIS COOKIE IS USED TO COLLECT INFORMATION ABOUT HOW VISITORS (YOU) USE OUR SITE, ALL INFORMATION IS COLLECTED ANONYMOUSLY AND HELPS US INPROVE OUR SITE.|
|_ATUVC||THIS COOKIE LETS US INTEGRATE OUR SITE WITH SOCIAL NETWORKS, ALLOWING OUR USERS TO SHARE CONTENT OVER SOCIAL NETWORKS|
Our cookies do not store financial information, or information which is capable of directly identifying you (such as your name or address). Cookies simply allow our website to retrieve this information in order to personalise and improve your experience of our website.
However, if you wish to restrict, block or delete cookies provided by our site – or any other website – you can use your browser to do this. Each browser is different so check the ‘Help’ menu of your particular browser to learn how to change your cookie preferences, or use the following on your particular browser.
– Click the orange Firefox button at the top of the window (Tools menu in Windows XP) and then click Options
– Select the Privacy panel
– From the history drop down select “Use custom settings for history”
– Un-check “Accept cookies from sites”
– Click OK
– Click on the wrench icon, within Chrome
– Select “Settings”
– Select “Under the Hood”
– Click “Content Settings” in the “Privacy” section
– Under the “Cookies” section select “Block sites from setting any data”
– Click the gear-wheel icon in the top right corner of the browser
– Click Internet Options
– Navigate to the Privacy Tab
– Set the slider to “High” or above
– Click OK to confirm
– Click the gear-wheel icon in the top right corner of the browser
– Click the “Privacy” icon
– Choose “Block cookies” as “Always”
– Close window
Please bear in mind that if you do this, certain personalised features of this website and others cannot be provided to you.
|THIRD-PARTY COOKIES||WHAT THEIR COOKIES ARE USED FOR|
|WE USE GOOGLE MAPS TO SHOW OUR LOCATION.
|SOCIAL TOOLS||WE TAKE ADVANTAGE OF SOCIAL NETWORKS AND LIKE TO SHARE OUR CONTENT WITH FRIENDS ACROSS THESE NETWORKS, SUCH AS TWITTER, YOU MAY RECEIVE COOKIES FROM THESE WEBSITES. WE ARE NOT IN CONTROL OF THESE THIRD-PARTY COOKIES, IF YOU’D LIKE TO LEARN MORE ABOUT THEM – VISIT THEIR WEBSITES.
If you wish to learn more about cookies in general and how to manage them, visit www.aboutcookies.org.
www.oceanrocks.co.uk is operated by OCEANROCKS LTD
Read our Terms and conditions