Updated and effective as of 6th September 2021
- About Us
- Contacting Us
- Personal information we collect
- What we do with your personal information
- Disclosure of your personal information to third parties
- International transfers
- Security of your personal information
- How long we keep your personal information
- Your rights
- Exercising your rights
- Cookies and other tracking technologies
The Site is owned and operated by Armit Wines, a company registered in England and Wales with company number 01609571 and having its registered office at 2nd Floor, The Triangle, 5-17 Hammersmith Grove, London W6 0LG.
Armit Wines is registered as a data controller with the Information Commissioner’s Office under data protection registration number Z6671034.
By post at:
2nd Floor, The Triangle
5-17 Hammersmith Grove
London W6 0LG
By email at: firstname.lastname@example.org
Information you give us
You may provide us with personal information, including when you:
- purchase goods or services on the Site;
- request additional information about our goods or services or ask us to contact you; and
- communicate with us (whether through the Site, by email or phone).
The categories of personal information you provide include:
- Contact details, such as name, email address, phone number and delivery and billing address;
- Payment details, such as debit or credit card details;
- Account details, such as username and password; and
- Marketing data, such as your marketing preferences.
We will indicate to you where the provision of certain personal information is required in order for us to provide you certain services. If you choose not to provide such personal information, we may not be able to provide the services you have requested.
Information we process automatically
We also collect, store, and use information about your use of the Site, and about your computer, tablet, mobile or other device through which you access the Site. This includes the following information:
- Technical Data: including the Internet protocol (IP) address, browser type, internet service provider, device identifier, your login information, time zone setting, browser plug-in types and versions, preferred language, activities, operating system and platform, and geographical location; and
- Usage Data: including the full Uniform Resource Locators (URL), clickstream to, through and from the Site, pages you viewed and searched for, page response times, length of visits to certain pages, referral source/exit pages, page interaction information (such as scrolling, clicks and mouse-overs), date and time pages are accessed, website navigation and search terms used, and whether you have opened our marketing newsletters,
We also automatically record the purchases you have made on the Site (“Transaction Data”) to obtain an understanding of your preferences so that we can provide you with more tailored marketing where appropriate.
Information we collect from third parties
We may obtain personal information about you from the following third parties:
- Credit Reference Agencies;
- Fraud Prevention Agencies;
- Event based Marketing Agencies.
We may also collect, use and share “Aggregated Data” such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal information but is anonymised and is not considered personal information as it will not directly or indirectly reveal your identity.
The Site is not intended for or directed at children under the age of 18 years, and we do not knowingly collect information relating to children under this age.
As data controller, we will only use your personal information if we have a legal basis for doing so. The purposes for which we use and process your information and the legal basis on which we carry out each type of processing are explained in the table below.
|Types of data||Purposes for which we will process the information||Legal Basis for the processing|
|Contact details and account details||To register you as a new customer.
To respond to complaints and provide you with information and materials that you request from us.
To send you information regarding changes to our policies, other terms, and other administrative information such as reminders, technical notices, updates, and security alerts.
|Performance of a contract.
It is in our legitimate interests to respond to your queries and provide any information and materials requested in order to maintain good customer relations.>br>
It is in our legitimate interests to ensure that any changes to our policies, terms and other such technical updates are communicated to you.
|Contact details, account details and payment details||To process and deliver your orders and/or provide you with the relevant services you have requested.
To process any refunds owed to you.
|Performance of a contract.
Compliance with a legal obligation.
|Contact details, marketing data, Technical and Usage Data and Transaction Data||To send you promotional materials, advertisements and other materials that may be of interest to you (including making suggestions and recommendations about wines that may be of interest to you and providing you with information about us, our services, events, or general promotions), and to monitor the effectiveness of our marketing.||Consent (if required under applicable law).
Where consent is not required (including in certain circumstances where you are an existing customer), such processing is necessary in our legitimate interests to grow and develop our business.
|Technical and Usage Data, account details and contact details||To administer the Site, including resolving technical issues, troubleshooting, data analysis, testing, research, statistical and survey purposes.||It is in our legitimate interests to continually monitor and improve our services and to ensure network security.|
|Technical and Usage Data||To improve our website to ensure that content is presented in the most effective manner for you and your computer, mobile device, or other item of hardware through which you access the website.||Consent.|
|Account details, payment details and Technical and Usage Data||To help create and maintain a trusted and safe environment on the Site by, among other things, detection and prevention of fraud and other harmful activity and verifying any identifications provided by you.||It is in our legitimate interests to carry out such checks to ensure prevention against fraud and other harmful activity and that the Site is safe and secure.|
We may share your personal information with the following (as required in accordance with the uses set out above):
- Service providers and advisors: we may share your personal information with third party vendors and other service providers that perform services for us or on our behalf, which may include providing email, advertising, web hosting, logistics or analytics services.
- Credit Reference Agencies (“CRAs”) and Fraud Prevention Agencies (“FPAs”): we may share your personal information with CRAs or FPAs in certain circumstances if necessary to assess your suitability to use our services.
- Business partners: we may share your personal information (such as contact details) with our business partners, such as insurers, trade associations and wine producers, where this is necessary in the normal course of our business.
- Purchasers and third parties in connection with a business transaction: your personal information may be disclosed to third parties in connection with a transaction, such as a merger, sale of assets or shares, reorganisation, financing, change of control or acquisition of all or a portion of our business.
- Law enforcement, regulators and other parties for legal reasons: we may share your personal information with third parties as required by law or if we reasonably believe that such action is necessary to (i) comply with the law and the reasonable requests of law enforcement; (ii) detect and investigate illegal activities and breaches of agreements; and/or (iii) exercise or protect the rights, property, or personal safety of Armit Wines, its users or others.
- Other members of the Armit Wines group: we may share your personal information with our affiliates (for example, where they provide services on our behalf) or where such sharing is otherwise necessary in accordance with the uses set out above.
As detailed above, we may share your data with our service providers and some of these may be based outside of the United Kingdom (“UK”) and European Economic Area (“EEA”). This involves transferring your personal data internationally outside the UK and the EEA.
Where personal information is transferred to and stored in a country not determined by the UK or European Commission as providing adequate levels of protection for personal information, we take steps to provide appropriate safeguards to protect your personal information, including entering into standard contractual clauses approved by the UK or the European Commission, obliging recipients to protect your personal information.
If you would like further information on the specific mechanism used by us when transferring your personal information outside of the UK or the EEA, please contact us using the details set out in the Contacting Us section above.
We use appropriate technical and organisational security measures (including encryption) to protect personal information both online and offline from unauthorised use, loss, alteration, or destruction. Where data processing is carried out on our behalf by a third party, we take steps to ensure that appropriate security measures are in place to prevent unauthorised disclosure of personal information.
Despite these precautions, however, we cannot guarantee the security of information transmitted over the Internet or that unauthorised persons will not obtain access to personal information.
We will only retain your personal information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information, whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.
In accordance with applicable privacy law, you have the following rights in respect of your personal information that we hold:
- Right of access. You have the right to obtain access to your personal information.
- Right of portability. You have the right, in certain circumstances, to receive a copy of the personal information you have provided to us in a structured, commonly used, machine-readable format that supports re-use, or to request the transfer of your personal data to another person.
- Right to rectification. You have the right to obtain rectification of any inaccurate or incomplete personal information we hold about you without undue delay.
- Right to erasure. You have the right, in some circumstances, to require us to erase your personal information without undue delay if the continued processing of that personal information is not justified.
- Right to restriction. You have the right, in some circumstances, to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you.
- Right to object. You have a right to object to any processing based on our legitimate interests in certain circumstances. You can also object to our direct marketing activities for any reason by clicking the “unsubscribe” link set out in any marketing communication you receive, updating your marketing preferences or contacting us using the details set out above.
- Right to withdraw consent. If you have provided consent to any processing of your personal information, you have a right to withdraw that consent but without affecting the lawfulness of processing based on consent before its withdrawal.
Please note that not all of the above rights are absolute, and we may be entitled to refuse requests, wholly or partly, where exceptions under the applicable law apply.
For example, we may refuse a request for erasure of personal information where the processing is necessary to comply with a legal obligation or necessary for the establishment, exercise, or defence of legal claims. We may refuse to comply with a request for restriction if the request is manifestly unfounded or excessive.
Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.
The Site may, from time to time, contain links to and from the websites of our business partners, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.