At Craig ‘n’ Dave we are committed to safeguarding and preserving the privacy of our visitors.
External Services We Use
We use certain external companies to process our data.
Our contact promise is a summary of how we look after your personal data.
We collect, use and store your personal data so that we can offer you the products and services you expect from us. We see your personal data as just that: it’s yours. So we will always be clear and upfront with you about what we do with your personal data, and (of course) you have control over it.
We collect your personal data for three main reasons:
- To process any orders you make and to deliver those orders to you
- With your permission, to send you special offers, often tailored to what you have told us you would like to hear about
- That you can control the personal data you provide us with and that we will always be transparent about how we collect and use it
- We will always tell you what personal data we are collecting from you, the means by which we will collect it and how we will use it. We will only use your personal data for the purposes we originally told you about.
- We will only send you marketing communications if you have agreed that we can do so and we will always offer you a clear and simple means of changing your preferences whenever you want to
Who we are
Craigndave LTD is a private company registered in England and Wales with company number 10442992. Our registered office is:
12 Tweenbrook Avenue
If you have any questions about how we look after your personal data, you can contact us:
- In writing, at the address above. Please mark your letter for the attention of the Data Protection Officer
- By email to this address: firstname.lastname@example.org
- By telephone on 01452 905131 (this is a voicemail service)
You can manage your marketing preferences by contacting us as above or via the newsletter link at the bottom of the email. We will update your preferences as soon as we can but it may take up to 2 weeks.
How do we collect your personal data?
We collect your personal data in two main ways:
(1) When you give it to us directly
When you communicate with us or purchase our products or services, you may choose to give us certain information. For example, when you give us your name and address or when clicking on active buttons such as ‘Place Order & Pay’.
(2) When our systems collect information or personal data as you use our website.
Whenever you use a website, app or other internet service, information gets recorded automatically by the IT systems used to operate that website, app or service. The most common type of information collected is in the form of cookies (small text files sent by your computer each time you visit our website) but can also include personal data transferred by the electronic device you use to access our website and its settings. The manufacturer of your device, or the provider of the operating system, will have details about what information your device shares with us.
What categories of personal data do we collect?
We may collect the following information about you:
• Your name and contact details
This can include your postal, billing and delivery addresses; your telephone number(s), including, if you provide it, your mobile number; and your email address
• Purchases and orders made by you
• When you set up an account with us, your password (which we encrypt)
• Your correspondence with us
Personal data we will process to fulfil your orders and to comply with the law
We will need to process some of your personal data to fulfil any orders you place and to comply with the law. For example:
- We will share your (or your recipient’s) name, address and, where applicable, telephone number with our carriers
- Occasionally with the police, for the purposes of preventing and investigating fraud
How and why do we use your personal data?
We use your personal data:
- To send you the products and services you have purchased
- To allow you to post links to our products on social media
- To manage any accounts you have registered with us so that (i) we can provide you with products and services; (ii) you can place orders; and (iii) we can fulfil those orders and communicate with you about them
- To verify your identity
- To detect and prevent fraud and other illegal activities (and to assist regulators, trade bodies and law enforcement agencies in relation to the same)
- To carry out research to better understand your views on our products and services
Our legitimate interests
When we send you news of our latest products and updates, we will do so on the basis that we have your permission (i.e. consent). However, to allow us to run our business we believe we have a legitimate interest to process your personal data so that we can:
- Improve our existing range, associated products and services, and develop new ones
- Provide you with a quality customer service experience
- Protect you, our employees and our business
- Understand your likes and dislikes, what products you want to hear about and how best to contact you to inform you about them
- Taking legal action against any party in breach of its obligations to Craigndave LTD, and handling any legal claims or regulatory enforcement actions taken against Craigndave LTD.
When do we share your personal data?
So that we can provide you with our products and services, we have to share some of your personal data with certain third parties.
When we share your personal data, we make sure that it remains secure:
- We will only send to third parties the personal data that is necessary for the purposes it is required for.
We share your data as follows:
With core service providers to enable our business to function
We rely on a set of external companies to provide us with services that enable our business to run properly. Our core service providers include the courier companies we use to deliver our products to you; banks and clearing houses to process your payments; IT services providers and companies to help us with our marketing.
With regulators and law enforcement agencies when required to do so by law
We are required to co-operate with regulators (like the Information Commissioner’s Office or HMRC) and law enforcement agencies (like the police or the Serious Fraud Office) in every country we operate in. Although it does not happen often, regulators and law enforcement agencies can require us to share information with them as part of an investigation; this may include your personal data. We would have to disclose your personal data where we believe that disclosure is reasonably necessary to comply with the regulator or crime enforcement agency’s demand.
When we think it is reasonably necessary to protect you or us
Occasionally businesses are subject to attempted criminal activities; this can affect both us and you. We will take all reasonable steps to protect you and our business but sometimes we may need to share your personal data where we think it is reasonably necessary to:
- Detect, monitor, investigate or prevent any suspected illegal activities, fraud or security issues
- Enforce our terms and conditions and to protect your and our rights and property
- Investigate and defend any third party claims or allegations
As part of a business sale or purchase, merger or reorganisation
From time to time we may look to purchase another business or sell or re-organise parts of our business to ensure that we remain in strong shape. Sometimes these types of corporate transactions involve the transfer of your personal data solely for the purposes of assessing the transaction. In the event that we sell or buy any business or assets, personal data which we hold about you may be one of the transferred assets.
In aggregated format
Strictly speaking this is not personal data, but on occasions we will use data from which you cannot be personally identified but which does include information that relates to you (such as a testimonial).
When do we send your personal data outside the European Economic Area and why does it matter?
From time to time we may use service providers outside the European Economic Area (“EEA“), in particular for the provision of IT services.
If we do share your personal data with service providers outside the EEA we will ensure reasonable safeguards are put in place to protect your personal data.
How long do we hold your personal data for?
We will not keep your personal data for longer than is necessary for the purposes described in this policy.
As a guide:
- we will keep personal data while your account is active
- we may keep certain categories of personal data after your account is closed in order to meet any legal or regulatory requirements, or to resolve a legal dispute
- and, because of this, we may keep different types of personal data for different lengths of time (for instance, we may need to keep certain personal data relating to your purchases in order to comply with HMRC’s VAT reporting requirements)
You have a number of rights under data protection laws; these are summarised below.
- the right to be informed
- the right of access
You can access the personal data we hold on you by contacting us on 01452 905131 or email@example.com. To process your request, we will ask you to send us two forms of proof of identity so that we can be sure we are releasing your personal data to the right person.
We will process your request within one month or, if the request is particularly complex, two months. We can provide you with a copy of your personal data in electronic format or hard copy.
If we consider the frequency of your requests is unreasonable, we may refuse to comply with your request. In those circumstances, we would notify you of your right to complain to the Information Commissioner’s Office.
- the right to rectification
We welcome feedback from you to ensure our records are as accurate and up-to-date as possible. If you think that the information we hold about you is inaccurate or incomplete please ask us to correct it by contacting us on 01452 905131 or firstname.lastname@example.org or by updating your details at any time through the My Account section in your online account. We will process your request as soon as we receive it or within one month of receipt at the latest.
- the right to erasure
You can ask us to delete your personal data; however, this is not an absolute right. We can refuse to erase personal data which we need to keep (i) to comply with a legal obligation (for instance, we are required by HMRC to keep certain personal data for up to 6 years for VAT reporting purposes); and (ii) in relation to the exercise or defence of any legal claims.
When you ask us to delete your personal data, we assume that you do not want to hear from us again. To ensure that we do not send you any special offers in the future, we will retain just enough of your personal data solely for suppression purposes.
Other than as described above, we will always comply with your request and do so promptly. We would also notify any third parties with whom we have shared your personal data (for instance, our carriers for the purposes of delivering your order to you) about your request so that they could also comply.
Some customers would still like to order our products but do not want to receive any marketing communications from us. This is not a problem as you can simply update your marketing preferences by contacting us on 01452 905131 or email@example.com.
- the right to transfer your personal data (known as data portability)
You have the right to move, copy or transfer your personal data from one organisation to another. We hold little information that would be much use to another wine merchant but if you do wish to transfer your personal data we would be happy to help.
If you ask for a data transfer, we will give you a copy of your personal data in a structured, commonly used and machine-readable form (for instance, in a CSV file format). We can provide the personal data to you directly or, if you request, to another organisation.
Please note that we are not required to adopt processing systems that are compatible with another organisation, so it may be that the recipient organisation cannot automatically use the personal data we provide.
When making a transfer request, it would be helpful if you can identify exactly what personal data you wish us to transfer.
We will comply with your request within one month or, if the request is complex or there are a number of requests from you, within two months.
- the right to object
If you would like us to stop processing your personal data for marketing purposes simply let us know by contacting us on 01452 905131 or firstname.lastname@example.org.
We may update this policy from time to time to take account of any new business activity or to reflect any changes in law or best practice in relation to data protection. We will notify you if we do so.
This policy was last updated on 03 February 2018.
To order products on shop.craigndave.org, you need to have cookies enabled. If you don’t wish to enable cookies, you’ll still be able to browse the site and use it for research purposes.
Please note that cookies can’t harm your computer. We don’t store personally identifiable information such as credit card details in cookies we create, but we do use encrypted information gathered from them to help improve your experience of the site. For example, they help us to identify and resolve errors, or to determine relevant related products to show you when you’re browsing.
We’re giving you this information as part of our initiative to comply with recent legislation, and to make sure we’re honest and clear about your privacy when using our website. We know you’d expect nothing less from us, and please be assured that we’re working on a number of other privacy and cookie-related improvements to the website.
Types of Cookies
Strictly necessary cookies – These cookies enable you to navigate our site and gain full access to its features and secure areas. Without these cookies essential services you have asked for like ‘Your Basket’ cannot be provided.
Performance cookies – These cookies remember information about how you and other customers use our website. This gives us vital information such as which pages are visited most often and if customers are receiving error messages from certain pages. The role of these cookies is to allow us to analyse and improve the performance of our website ensuring you receive a consistent look, feel and shopping experience. Performance cookies (often known as web analytic cookies) don’t collect any information that identifies the customer and all information collected is aggregated and therefore anonymous.
Functionality cookies – These cookies remember choices you made on previous visits to our site such as your username, language or region so we can provide enhanced, more personal features. They can also be used to remember changes you’ve made to text size, fonts and other parts of web pages you can customise. Functionality cookies can also be used to provide services you have previously asked for such as watching videos or commenting on a blog. The information collected by these cookies may be anonymised and they cannot track your browsing activity on other sites.
Targeting or advertising cookies – These cookies are used to deliver adverts more relevant to your personal interests. Alongside this they limit the amount of times you see an advert and measure the effectiveness of adverts. This means you won’t keep seeing irrelevant adverts or the same adverts over and over. These cookies are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and the information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organisations that generate the advert. When one of these adverts is presented to you on a site there will be a quick and easy way to click in and opt out of receiving further adverts.
Cookies we use
PHPSESSID – To store a simple message when a form is submitted that can be displayed on a different page. For example, if an enquiry form is completed incorrectly, a message will be stored and presented to the user to indicate the errors in the submission. When an enquiry form is submitted successfully, a message is stored and presented to the user thanking them for their enquiry. No personal information is stored in this cookie.
__stripe_mid – This is used for our online checkout system provided for by Stripe Inc. No personal data is stored.
gadwp_wg_default_dimension, gadwp_wg_default_metric, gadwp_wg_default_swmetric
swpm – This is used to run our membership system.
WordPress – This is used to run the whole site.
In addition to the cookies we set when you visit our websites, third parties may also set cookies when you visit our sites. In some cases, that is because we have hired the third party to provide services on our behalf, such as site analytics. In other cases, it is because our web pages contain content from third parties. Because your browser connects to those third parties’ web servers to retrieve that content, those third parties are able to set or read their own cookies on your device and may collect information about your online activities across websites or online services.
How to Control Cookies
Most web browsers automatically accept cookies but provide controls that allow you to block or delete them. Most browsers allow you to refuse to accept cookies, however, blocking cookies will have a negative impact upon the usability of some websites.
Certain features of our websites depend upon cookies. Please be aware that if you choose to block cookies, you may not be able to sign in or use those features, and preferences that are dependent on cookies may be lost. If you choose to delete cookies, the settings and preferences controlled by those cookies will be deleted and may need to be recreated.
Refund / Cancellation policy
In the unlikely event that you require a refund we will need a written request by you or your organizations finance department. Refunds will be processed back onto the original payment card/ method only, we will not accept any other cards/ methods. We will process your refund within 7 business days.
Should you wish to cancel your subscription we require a written letter. If your account has yet to expire, it will run until the subscription expires. No partial refunds shall be given, except in exceptional circumstances.
We accept credit/debit card payments via our online store (stripe). If you are unable to use Stripe we also accept BACS and Cheque payments and purchase orders from your organisation.
We do not process or store your card details on our site, this is solely done via Stripe from their plugin.
Third Party Links