Vape Delicatessen Limited (We) are dedicated to protecting and respecting your privacy.
This policy (together with our terms and conditions sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.vapedeli.co.uk you are accepting and consenting to the practices described in this policy.
For the purpose of the Data Protection Act 1998 (the Act), the data controller is Vape Delicatessen Limited, also referenced as Vape Deli of 238A Bournemouth Road, Chandlers Ford, Eastleigh, Hampshire. SO53 1ER.
AGE OF CONSENT
By using this site, you represent that you are at least 18 years old
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information you give us. You don't have to have an account to purchase goods from Vape Delicatessen Ltd. When you add items to your cart, we store information about your purchases on our server which is uniquely linked to your browsing session and cannot be viewed by anyone else. You may give us information about you by filling in forms on our site www.vapedeli.co.uk (our site) or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, search for a product, place an order on our site and when you report a problem with our site. The information you give us will include your name, address, date of birth, gender, e-mail address and phone number.
Information we collect about you. With regard to each of your visits to our site we may automatically collect the following information:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, browser plug-in types and versions, operating system and platform;
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number; and
- Information from your account, including your email address will be retained if you create an account with us. This is so that our system can verify your registration and issue you with a personal password to allow you access to your member area. You can use your member account to store your personal data, for the purposes of making orders with Vape Deli. You can also use your account to sign up for email updates.
The 'remember me' feature is an automatic login process which creates a cookie containing a unique login ID, thereby avoiding the need to enter your login details upon subsequent visits to our site. Do not select this option if you share this computer with others since personal or member only information will be accessible by other users.
The cookies we use are "analytical" cookies. They allow us to recognise and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our website works, for example by ensuring that users are finding what they are looking for easily.
Here is a list of some of the cookies that we currently use. This is not necessarily a complete list of all cookies used. We’ve listed them here so you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
USES MADE OF THE INFORMATION
We use information held about you in the following ways:
Information you give to us will be used:
- To carry out our obligations arising from any contracts entered into between you and us and to provide you with the products that you order from us;
- To provide you with information about other goods we offer that are similar to those that you have already purchased or enquired about;
- To provide you with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, and where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the registration form or the order form);
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
Information we collect about you will be used:
- To administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- To improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- As part of our efforts to keep our site safe and secure;
- To make suggestions and recommendations to you and other users of our site about goods that may interest you or them.
DISCLOSURE OF YOUR INFORMATION
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with you.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Vape Delicatessen Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions of supply or to protect the rights, property, or safety of Vape Delicatessen Limited, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
WHERE WE STORE YOUR PERSONAL DATA
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service here or Privacy Statement here.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at email@example.com.
Our site may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
ACCESS TO INFORMATION
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.