Effective Date: 1st September 2024
1. Introduction
Carrot Top Marketing Ltd. (“we,” “us,” or “our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy outlines how we collect, use, store, and protect personal data in compliance with the UK General Data Protection Regulation (UK GDPR).
2. Data Controller
Carrot Top Marketing Ltd. is the data controller responsible for your personal data. If you have any questions about this Privacy Policy or our data protection practices, please contact us at:
Carrot Top Marketing Ltd.
5 Spinnaker Mews
Southsea
PO4 9FA
E: sam@carrottopmarketing.co.uk
3. Data We Collect
We may collect, use, store, and transfer different kinds of personal data about you:
3.1 Identity Data
– First name
– Last name
– Username or similar identifier
– Title
– Date of birth
– Gender
3.2 Contact Data
– Billing address
– Delivery address
– Email address
– Telephone numbers
3.3 Financial Data
– Bank account details
– Payment card details
3.4 Transaction Data
– Details about payments to and from you
– Details of services you have purchased from us
3.5 Technical Data
– Internet protocol (IP) address
– Browser type and version
– Time zone setting and location
– Browser plug-in types and versions
– Operating system and platform
– Other technology on the devices you use to access our website
3.6 Profile Data
– Your username and password
– Purchases or orders made by you
– Your interests, preferences, feedback, and survey responses
3.7 Usage Data
– Information about how you use our website, products, and services
3.8 Marketing and Communications Data
– Your preferences in receiving marketing from us and your communication preferences
3.9 Special Categories of Personal Data
We do not intentionally collect special categories of personal data (such as details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). If you provide us with such data, we will only process it with your explicit consent or where permitted by law.
4. How We Collect Your Personal Data
We use different methods to collect data from and about you, including through:
4.1 Direct Interactions
You may give us your identity, contact, and financial data by filling in forms or by corresponding with us by post, phone, email, or otherwise.
4.2 Automated Technologies or Interactions
As you interact with our website, we may automatically collect technical data about your equipment, browsing actions, and patterns. We collect this personal data by using cookies, server logs, and other similar technologies.
4.3 Third Parties or Publicly Available Sources
We may receive personal data about you from various third parties and public sources.
5. How We Use Your Personal Data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Performance of Contract: Where we need to perform the contract we are about to enter into or have entered into with you.
Legitimate Interests: Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Legal or Regulatory Obligation: Where we need to comply with a legal or regulatory obligation.
Consent: Where you have provided your consent.
5.1 Purposes for Which We Use Your Personal Data
We have set out below a description of all the ways we plan to use your personal data, and the legal bases we rely on to do so:
– To register you as a new customer (Performance of Contract)
– To process and deliver your order (Performance of Contract)
– To manage our relationship with you (Legitimate Interests, Performance of Contract, Legal Obligation)
– To administer and protect our business and this website (Legitimate Interests, Legal Obligation)
– To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you (Legitimate Interests, Consent)
– To use data analytics to improve our website, products/services, marketing, customer relationships, and experiences (Legitimate Interests)
– To make suggestions and recommendations to you about goods or services that may be of interest to you (Legitimate Interests, Consent)
6. Disclosure of Your Personal Data
We may share your personal data with:
Service Providers: External third parties who provide IT and system administration services.
Professional Advisers: Including lawyers, bankers, auditors, and insurers who provide consultancy, banking, legal, insurance, and accounting services.
HM Revenue & Customs, Regulators, and Other Authorities: Who require reporting of processing activities in certain circumstances.
Date: 1st September 2024
Date Next Revision: September 2025