PRIVACY POLICY

 

1.         INTRODUCTION

This privacy policy sets out the types of personal data Gary woodpecker Steel Doors may collect about you when you interact us and explains how we process your personal data. This privacy policy applies if you are a visitor to our website www.garywoodpecker.com (our Website) or social media pages (a Website User), if you visit one of our showrooms (a Visitor) and/or if you purchase any products from Gary Woodpecker Steel Doors (a Customer). This privacy policy also includes information about the cookies used on our Website.  

We are responsible for deciding how we hold and use personal data we collect or receive about you. We are committed to protecting and respecting your privacy. We will ensure your personal data is stored and used in accordance with this privacy policy.

We may collect, use, store and transfer different kinds of personal data about you when you visit our Website or one or our showrooms, when you register for an online account with us, when you contact us, when you subscribe to our newsletter, or when you purchase any of our products.

We want you to know that we don’t sell any of the personal data you share with us or that we collect.

Please read this privacy policy carefully. This Privacy Policy may change from time to time. We will regularly review this Privacy Policy and any updates we make will be posted on our site. We encourage you to frequently check this page for any changes to stay informed about how we are collecting and processing personal data about you.

This privacy policy was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of our collection and use of personal data. However, we would be happy to provide any additional information or explanation upon request. If you have any questions or concerns about any of your personal data or information contained within our privacy policy, please contact us using the details below.

Our Website is not intended for children and we do not knowingly collect data relating to children.

2.         HOW TO CONTACT US

Gary Woodpecker Arwid Kulesz trading as Gary Woodpecker Steel Doors is the “data controller” in respect of your personal data for the purposes of data protection legislation. Gary Woodpecker Arwid Kulesz is a company registered in Poland under company number 6040167577 Our registered office is at ul. Majkowskiego 9, Pruszcz Gdański, 83-000.

References in this privacy policy to “we”, “us” “our” and “Gary Woodpecker Steel Doors” are Gary Woodpecker Arwid Kulesz trading as Gary Woodpecker Steel Doors

Our Data Protection Officer is Joanna Ostaszewska and she can be contacted at biuro@garywoodpecker.com  

3.         WHAT DATA DO WE COLLECT?

Personal data is any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

Whenever we collect, store, use, disclose or delete your personal data, this is referred to as processing your personal data. As a Website User, Visitor or Customer, we will process different kinds of personal data about you. We have grouped these together in different categories below:

  • Identity data – data which identifies you including your name, title and username.

  • Contact data – your contact details such as your delivery address, billing address, telephone numbers and email address.

  • Purchase data – information concerning the products you have purchased from us, including how frequently you purchase from us, whether you have used any discount codes or other offers, which products you have purchased and how much you have spent with us.

  • Security data – for your security, we keep an encrypted record of your login password.

  • Customer Service data – information relating to your interactions with our customer service team via our online chat function, or by telephone, email or post, or at one of our showrooms. For example, information you provide when you make a general enquiry, ask us for product advice or in the unfortunate case that you need to complain to us.

  • Financial data – data we collect if you purchase a product from us, such as your bank account and payment card details.

  • Review data – information you provide to us when you review our products on our Website or provide feedback to our customer services team.

  • Marketing data – data which we capture when you sign up to receive our newsletter and other marketing communications, including your preferences regarding us contacting you in this way.

  • Usage data – information about how you use our Website, including how you navigate our Website, which pages you view, the advertisements you click on, any search terms you enter and if you encounter any problems. We also collect details of how you arrive at our Website (eg through Google).

  • Technical data – electronic information which is automatically logged/stored by processing equipment including details of the device(s) you use to access our services, internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Website.

  • Social Media data – data we have access to through a social media platform when you connect with us or like or follow our social media accounts, including your social media handle, photograph, date of birth, location, occupation, interests and other information and content you make available via your social media accounts.

We may also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific feature of our site. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy.

We do not collect any special category or criminal data about you (such as information about your health, criminal record, race, political opinions, religious beliefs or your sexuality).

4.         WHEN DO WE COLLECT YOUR DATA?

Direct interactions: Most of the personal data we hold about you is collected directly from you when you interact with us or correspond with us directly via our Website, by email, telephone, by post, on social media or at one of our showrooms. This includes personal data you provide when you:

  • visit our Website;

  • create an account on our Website;

  • visit one of our showrooms;

  • place an order for any of our products;

  • subscribe to receive our marketing communications;

  • engage with us on social media, such as by following us, liking our posts, commenting on our posts or sending direct messages;

  • enter a prize draw or competition with us;

  • contact us by any means including  filling out an enquiry form on our Website or by sending us an email or telephoning customer services;

  • giving us feedback;

  • comment on or review our products on our Website.

Automated technology: When you visit our Website, our systems will automatically collect information about your equipment, browsing actions and patterns. We collect this personal data (namely Technical and Usage data) by using cookies, tracking pixels, server logs and other similar technologies. Please see the section headed “Cookies” below.

Other third parties: We may also receive personal data about you from various third parties as set out below:

  • our ecommerce platform provider (currently etsy) who provides payment and other services to us to allow us to sell our products online and process electronic payments for products;

  • analytics providers, such as Google Analytics  who provide us with Technical and Usage data;

  • advertising networks, such as Google Adwords and Facebook who provide us with Technical and Usage data

  • operators of social media platforms, including [Facebook, Instagram, LinkedIn, Twitter, YouTube and Pinterest], 

  • Online postcode look-up services to autofill your delivery address, for example.

5.         HOW AND WHY WE USE YOUR PERSONAL DATA

We only process your personal data where we have a legal basis to do so. The legal basis will vary depending on the reason we are collecting your personal data. Sometimes we might rely on more than one legal basis when we process your personal data depending on why are using your data. Please contact us at any time if you need more information about how we are using your personal data and which legal basis we are relying on. We have summarised below the legal basis we rely on to use your personal data and examples of how this works in practice:

  • Where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract We will need to process your data when you purchase products from us in order to process and deliver your order including taking payment from you. We are likely to process your IdentityContactPurchaseCustomer Service and Financial data on this basis.

  • Where we have your consent to do so, subject to your right to withdraw consent (further details provided in the section headed What are your rights over your data” below) We may send you marketing communications by email if you have subscribed to receiving            these communications from us. We use HubSpot to monitor and improve the effectiveness of            our marketing communications, which includes monitoring or tracking responses and       engagement. HubSpot uses a pixel contained in our emails to track whether they are    opened and which features people click on. This information enables us to make our       marketing campaigns more effective and suitable to our customers. Further information on HubSpot can be found at http://www.hubspot.com. Please see the section headed “Marketing preferences” for information on how to stop direct marketing communications from us or to change your marketing preferences. We will also obtain your consent to collect certain Usage and Technical data when we ask you to consent to cookies. Please see the section headed “Cookies” below for more information. Where we process information on the basis of consent, if at any time you want us to stop processing this information, you can withdraw your consent.

  • Where it is necessary to comply with a legal or regulatory obligation that we are subject to We are subject to legal and regulatory obligations that require us to process your personal data, for example, anti-money laundering obligations and consumer contracts legislation. We are likely to process your IdentityContactPurchaseSecurityFinancialTechnical  in connection with this purpose.

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests Our legitimate interests in processing your personal data for our own business purposes include the following:

    • To manage our relationship with you and notify you of changes to our terms and conditions or this Privacy Policy (which may include processing IdentityContactPurchaseSecurityCustomer ServiceReviewMarketingUsageTechnical and Social Media data);

    • To promote our products and our business, including online, via email and via social media  (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsageTechnical and Social Media data);

    • To personalise our marketing to you to provide you with a better and more engaging experience  (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsageTechnical and Social Media data);

    • To correspond with you concerning your online account and purchases and to respond to your queries, refund requests and complaints (which may include processing IdentityContactPurchaseCustomer ServiceMarketingUsage and Social Media data);

    • To conduct our business and operate as retailer of furniture products, to further our business interests and operate profitably (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsageTechnical and Social Media data);

    • To develop and grow our business, improve our products and offerings, our Web Site and our customer service (which may include processing IdentityContactPurchaseCustomer ServiceReview, MarketingUsageTechnical and Social Media data);

    • To process orders for products including managing payments and collecting and recovering money owed to us (which may include processing IdentityContactPurchase, Financial, Customer ServiceReview, MarketingUsage and Social Media data);

    • To send you survey and feedback requests to help us improve our products and services (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsage and Social Media data). You may opt out of receiving these requests from us at any time by updating your marketing preferences. Please see the section headed “Marketing preferences” for more information;

    • To administer and protect our business, our site and online store (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) ((which may include processing IdentityContactPurchaseCustomer ServiceReviewUsage and Technical data);

    • To create and maintain accurate business records  (which may include processing IdentityContactPurchaseCustomer ServiceReviewMarketingUsageTechnical and Social Media data);

    • To protect our business and financial interests and for the purpose of establishing, exercising or defending legal claims (which may include processing IdentityContactPurchaseSecurityCustomer ServiceFinancialReviewMarketingUsageTechnical and Social Media data);

    • To ensure our site and online store are being used in compliance with relevant terms and conditions (which may include processing IdentityContactPurchase[Security,] Customer ServiceFinancialReviewMarketingUsageTechnical and Social Media data); and

    • For fraud prevention, anti-money laundering, and for the prevention or detection of crime (which may include processing IdentityContactSecurityFinancialUsage and Technical data).

 

6.        CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we wish to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

We may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

7.         IF YOU FAIL TO PROVIDE PERSONAL DATA

Where we need to collect personal data from you in order to comply with our legal obligations or to perform a contract we have with you and you fail to provide that data when requested, we may not be able to perform the relevant contract (for example, to deliver your products or process your payment). In this case, we may have to cancel the relevant contract.

8.         SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Your personal data is only available to authorised personnel of Gary Woodpecker Steel Doors who need access to the information in order to fulfil their duties. All Gary Woodpecker Steel Doors personnel who have access to your personal data will only process your personal data on our instructions and they shall be subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Unfortunately, however, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Once we no longer require your personal data, we will take reasonable steps to destroy it in a secure manner.

9.         HOW LONG WILL WE KEEP YOUR DATA?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In relation to marketing consents, we may ask for your updated consent from time to time if we have not heard from you in a while to check that you still want to receive our emails. If you decide to opt-out we will keep a record of this alongside your email address or other contact details to ensure that we do not send you marketing communications going forward.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) in order to develop our business methods and strategy or for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

We shall not have any liability whatsoever to you for the deletion of personal data in accordance with our data retention policy.

10.       WHO DO WE SHARE YOUR DATA WITH?

We may share your personal data with the following third parties in order to perform a contract with you, comply with a legal or regulatory obligation, in our legitimate interests of conducting our business or where you have consented:

  • IT companies who support our Website and provide other business systems, such as our ecommerce provider Etsy

  • Payment providers, such as PayU, who provide payment services to us to allow us to process electronic payments for products;

  • Operational companies such as delivery couriers;

  • Third party ‘shop now, pay later’ finance providers, such as PayL8r

  • Data analytics companies such as Google Analytics and ResponseTap.

  • Direct marketing companies such as HubSpot.

  • Social media platforms and online search engines, such as Facebook, Instagram, LinkedIn, Twitter and Pinterest, to show you products that might interest you while you’re browsing the internet and using social media platforms.

  • Third parties to whom we may choose to sell, transfer or merge parts of our business or assets. Alternatively, we may seek to acquire other businesses or merge with them.

  • Other companies and organisations for the purposes of fraud protection and credit risk reduction, HM Revenue & Customs, the police, regulators and other authorities and public bodies.

  • Professional advisers, including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accountancy services.

We require all our data processors to respect the security of your personal data and to treat it in accordance with the law. We do not allow our data processors to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

In some instances where we share data with third parties, those third parties will also be controllers of your personal data. We shall not be responsible or liable for the way in which other data controllers hold or process your personal data. Please contact those third parties for further information regarding how they will use your data. We shall only share your personal data with third parties in accordance with this privacy policy.

From time to time, we may enter into agreements with third party brands to cross-advertise our products to our respective customers. This means you may receive third party advertising material with your delivery of products. However, we do not share your personal data with these third parties.

11.       INTERNATIONAL TRANSFERS

If we need to transfer your data outside of the EU, we ensure your data receives the same protection as if it were being processed inside the EU by ensuring at least one of the following safeguards is implemented:

  • We will transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by EU adequacy regulations.  For further details, see https

  • In some instances, we may use specific contracts approved by the European Commission which give personal data the same protection it has in the EEA.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data outside of the  EU.  

12.       WHAT ARE YOUR RIGHTS OVER YOUR DATA?

You have certain rights in respect of the personal data that we process about you (where we are the data controller because we determine the purpose and means for which that personal data shall be processed):

  • the right to request access to your personal data that we hold and to receive certain information relating to that data;

  • the right to ask us to rectify inaccurate data or to complete incomplete data;

  • the right to receive or ask for your personal data to be transferred to a third party in a structured, commonly used and machine-readable format (note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you);

  • the right to request the erasure of personal data if it is no longer necessary in relation to the purposes for which it was collected or processed or if you have successfully objected to processing (note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request);

  • the right to object to to how we process your personal data in certain circumstances, including the right to ask us not to process your personal data for marketing purposes;

  • the right to restrict processing of your personal data, for example if you want us to establish the accuracy of the data or you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it; and

  • where we are processing personal data relating to you on the basis that we have your consent to do so, you may withdraw your consent at any time (this will not affect the lawfulness of any processing carried out before you withdraw your consent). If you withdraw your consent, we may not be able to provide certain products or services to you.

If you wish to exercise any of the other rights set out above, please contact us by email at biuro@garywoodpecker.com 

We may ask you to verify your identity if you make a request to us to exercise any of the rights set out above. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.

We will try to respond to all legitimate requests within one month. Occasionally, it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

13.       MARKETING PREFERENCES

There are several ways you can stop direct marketing communications from us:

  • You can click the ‘unsubscribe’ link in any email communication that we send you.

  • If you have an account, you can log in and change your preferences.

  • You can contact us by email at biuro@garywoodpecker.com

Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.

14.       COOKIES

Our Website uses cookies to distinguish you from other users of our Website. This helps us to provide you with a good experience when you browse our Website and to improve our Website, products and services. You can find out more about the way cookies work on www.cookiecentral.com and www.allaboutcookies.org.

For more information about the cookies we use and the reasons why we use them, please see our Cookies Policy.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies (and the above websites tell you how to do this). If you disable or refuse cookies, please note that some parts of our Website may become inaccessible or not function properly.

15.       LINKS TO OTHER WEBSITES

Our Website may contain links to other websites of interest. We do not control the content of these third party websites. We encourage you to read the privacy policies for these third party websites before submitting personal information to them. Where these third parties are collecting data on our behalf, your personal data will be transferred to us and used in accordance with this Privacy Policy. Alternatively, if the third party has not been authorised to collect information on our behalf, your personal data will be controlled by that third party subject to their privacy policy.

16.       HOW TO COMPLAIN

Please let us know if you are unhappy with how we have used your personal data. You can contact us by email at biuro@garywoodpecker.com

You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please do contact us in the first instance and we shall endeavour to resolve your complaint.

17.       CHANGES TO YOUR DATA

It is important that the personal data we hold about you is accurate and current. Please let us know if change your contact details change during your relationship with us. You have the right to question any information we hold about you that you think is wrong or incomplete. Please contact us if you want to do this.

This Privacy Policy was last updated in March 2024.