Privacy Policy

We are committed to maintaining the trust and confidence of our visitors to our web site purethoughts.co.uk.

In this Privacy Policy, we’ve provided lots of detailed information on when and why we collect your personal data how we use it, the limited circumstances under which we may disclose it to others and how we keep it secure.

This Privacy Policy was last updated on 24 May 2021.

Pure Thoughts Ltd is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).

If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).

We would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at info{at}purethoughts.co.uk

Personal data means any information capable of identifying an individual. It does not include anonymised data.

We may process the following types of personal data about you:

• Customer data may include your name, username and title, billing address, delivery address, email address and telephone numbers. We process this data in order for us to complete your order, supply the goods and keep records of these transactions. Our lawful ground for processing this information is the performance of a contract between you and us.

• Communications Data may include any communication that you send to us via email, social media or mail. We process this information for the purposes of communication with you and our lawful ground for processing this information is to reply to communications sent to us and keep our records updated.

• Usage Data may include information about how you use our website, products and services. We process this information to operate our website, deliver relevant content to you, keep the site secure and for administration of the site. Our lawful ground for processing is our legitimate interest which in this case is to properly administer our website and business.

• Technical Data may include your login data, internet protocol(ip) addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access our site. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website, to administer the business and website, to deliver relevant website content and advertisements to you and to understand the effectiveness of our on and offline advertising. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer our website and our business and to grow our business.

• Marketing Data may include your preferences in receiving marketing communications from us and our third parties and your communication preferences. We process this information in order for you to take place in prize draws and competitions, to deliver relevant website content and to measure the effectiveness of our marketing. Our lawful ground for this processing is our legitimate interests which in this case are to study how customers use our products, to develop them, to grow our business and to decide our marketing strategy.

• Financial and Transaction Data may include details about payments between us and other details of purchases made by the website and phone. We process this information in order to complete your order and supply the goods to you. Our lawful ground for processing this information is the performance of a contract between you and us. Please note during our checkout process we do not have access to your card information but this data is processed by a third-party payment processing company who securely process your payment information.

If you do not provide us with your personal data [IPD], we may not be able to perform the contract between us (for example we may be unable to deliver our products to you). We will notify you if we have insufficient data to complete our contract at the time.

We collect data about you through different methods including directly through the completion of forms on our website, sending us emails, creating accounts and entering competitions but we may also collect data automatically when you use our website by using cookies.

We may receive data from third parties like analytics providers such as Google, advertising networks such as Facebook, information providers such as Google, and providers of technical, payment and delivery services.

Marketing communications
Our lawful ground of processing your personal data to send you marketing communications is either your consent or our legitimate interests (namely to grow our business).

Under the Privacy and Electronic Communications Regulations, we may send you marketing communications from us if (i) you made a purchase or asked for information from us about our products or (ii) you agreed to receive marketing communications and in each case you have not opted out of receiving such communications.

We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

You can stop receiving marketing messages from us at any time by clicking the unsubscribe button at the bottom of the email or emailing us at info{at}purethoughts.co.uk

We do not sell any of your personal data to any third party – including your name, address, email address or payment information. We work hard to earn and maintain your trust and we believe this is absolutely essential in order do that.

However, we may have to share your personal data with the parties set out below in order for us to provide products to you: • Service providers who provide IT, delivery and administration services.
 • Professional advisers including solicitors, financial authorities, auditors and insurance companies who provide consultancy, banking, legal, insurance and accounting services.
 • Government bodies such as HMRC who require reporting of accounting activities. All parties to whom we transfer your data are required to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.  

We have strict security measures to prevent your personal data from being lost, used or accessed in an unauthorised way.  Also, we limit access to your personal data to those who have a business need to know such data. They will only process personal data on our instructions and must keep any personal data confidential.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Some of our third party service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA, usually to the USA.

Whenever we transfer your personal data outside of the EEA, your data remains secure by ensuring at least one of the following procedures is implemented:

We will only transfer your personal data to countries that provide an adequate level of protection for personal data by the European Commission; or
 Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the USA.

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

For tax requirements, by law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers.

Under certain circumstances, you have rights under data protection laws[DIPS] which include the right to request access, correct or erase your personal data, object or restrict to further processing, to request transfer of your personal data, to withdraw consent.

You can see more about these rights at:
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/

If you wish to exercise any of the rights set out above, please email us at info{at}purethoughts.co.uk

This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

If you have any questions about this privacy notice, please contact us using the details set out below.

Our full details are:
Full name of legal entity: Pure Thoughts Ltd
Name or title of contact: Michael Houlden
Email address: info{at}purethoughts.co.uk
Postal address: Commerce House, 2 Victoria Way, Pride Park, Derby DE24 8AN