The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a new regulation which replaces the Data Protection Directive (Directive 95/46/EC). The General Data Protection Regulation builds on previous legislation but enhances privacy rights for individuals. The GDPR will apply in the UK from 25th May 2018.
Despite the UK’s intention to leave the European Union in March 2019 the GDPR will still apply in accordance with the Information Commissioner’s Office (ICO) guidance to continue a similar level of regulation post March 2019 together with a new Data Protection Act.
At Coco Lighting Ltd are committed to safeguarding the privacy of visitors to our website www.cocolighting.co.uk and users, in line with the regulations laid down by GDPR. (In this privacy notice, "we", "us" and "our" refer to Coco Lighting Ltd.)
This privacy notice provides you with details of how we collect and process your personal data through your use of our website and of our services.
Coco Lighting Ltd is the data controller with respect to the personal data of our website visitors and service users - in other words, where we determine the purposes and means of the processing of that personal data.
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk).
We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you. Our contact details can be found at the end of this notice. It is very important that the information we hold about you is accurate and up to date. Please let us know if at any time your personal information changes by emailing us at firstname.lastname@example.org
What Data Do We Collect About You?
Personal data means any information capable of identifying an individual. It does not include anonymised data.
We may process certain types of personal data about you as follows:
• Identity Data may include your first name, maiden name, last name, username, marital status, title, date of birth and gender. This may also include photography and video featuring your image.
• Contact Data may include your billing address, personal and/or office address, email address and telephone numbers.
• Transaction Data may include details about payments between us and other details of purchases made by you.
• Profile Data may include your username and password, purchases or orders, your interests, preferences, feedback and survey responses. We will also record any other professional or personal information which is relevant to your situation and how we might help you.
• Service Data may include records of our telephone conversations and any reflection on notes that you submit as part of the quotation and ordering process.
• Usage Data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use.
• Marketing and Communications Data may include your preferences in receiving marketing communications from us and your communication preferences.
• Where we are required to collect personal data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver our services to you). If you don’t provide us with the requested data, we may have to cancel a service you have ordered but if we do, we will notify you at the time.
How We Collect Your Personal Data
We collect data about you through a variety of different methods including:
Direct interactions: You may provide data by filling in forms on our site (or otherwise) or by communicating with us by post, phone, email or otherwise, including when you:
• Contract our services;
• Subscribe to our service or publications;
• Request resources or marketing be sent to you;
• Enter a competition, prize draw, promotion or survey; or give us feedback.
Cookies: Like most websites, our website www.cocolighting.com uses ‘cookies’, small packets of data that are stored in your web browser. Cookies help us to identify information such as how many people are using our site and what devices they’re using.
We also use Google Analytics and Tawk.to live chat to analyse data and aggregate patterns of use. This allows us to tailor our service to best meet the needs of the people using it. You can manage how your browser handles cookies, or refuse them altogether, by changing your settings. www.aboutcookies.org has useful information on how to manage cookies in your browser.
How We Use Your Personal Data
We will only use your personal data when legally permitted. The most common uses of your personal data are:
• In order that we can provide our services and communicate with you.
• Where we need to perform a contract between us, or take steps at your request to enter into such a contract.
• Where it is necessary for our legitimate interests (or those of a third party) namely the proper administration of our website and our business, and your interests and fundamental rights do not override those interests.
• Where we need to comply with a legal or regulatory obligation, or take steps to proper protection of our business from risk.
• Generally, we do not rely on consent as a legal ground for processing your personal data, other than in relation to sending marketing communications to you via email or text message. Exceptions are noted below.
You have the right to withdraw consent to marketing at any time by emailing us at email@example.com
Images and films
During group events, training or workshops we may photograph or film individuals; however this will always be with the express permission of those involved and is for the purpose of capturing and celebrating the work we do. We will never use images or footage of an individual in any of our marketing material or on our website without first having received written agreement to the usage of their image in this way.
Providing your personal data to others
We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
We may disclose service data, enquiry data and correspondence data to our subcontractors or associates insofar as reasonably necessary for the performance of a contract between you and us.
Financial transactions relating to our website and services may be handled from time to time by our payment services provider, HSBC Global Payments. We will share transaction data with payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds. You can find information about the payment services provider’s privacy policies and practices here.
In addition to the specific disclosures of personal data set out in this Section 3, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person
International transfers of your personal data
There are certain circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA).
Our supplier of email distribution services is situated in USA. The European Commission has made an "adequacy decision" with respect to the data protection laws of USA.
You acknowledge that personal data that you submit for publication through our website, such as contribution to our blog, may be available via the internet, around the world. We cannot prevent the use or misuse of such personal data by others.
Retaining and deleting personal data
Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
Account data and Transaction data will be retained for a minimum period of five years from the end of the last company financial year they relate to, or longer if they show a transaction that covers more than one of the company's accounting periods or if required to do so by the relevant tax authorities. In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the need, use and application of the data, in accordance with Article 5(1)(e) of the 2018 General Data Protection Regulation (GDPR).
Not withstanding the other provisions of this Section 5, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of changes to this policy by email.
You may instruct us to provide you with any personal information we hold about you by emailing us firstname.lastname@example.org. Please note there may be a delay of up to two weeks to cover the time needed to access our archives.
We may withhold personal information that you request to the extent permitted by law.
You may instruct us at any time not to process your personal information for marketing purposes. In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
Queries and complaints
Any comments or queries on this policy should be directed to the Company via email@example.com
• Rembembering settings, so you don't have to keep re-entering them whenever you visit a new page.
• Rembembering information you have given so you don't need to keep entering it.
• Measuring how you use the website so we can make it sure it meets your needs.
To learn more about cookies and how to manage them, please visit the ICO web site.