Chama Scents Limited
Privacy Notice – produced 28th September 2020
We have provided this Privacy Notice to meet the requirements of the General Data Protection Regulation (GDPR), ahead of the company commencing trading. GDPR came into force on 25th May 2018 and includes provisions on Privacy Notices in Articles 12, 13 and 14.
Chama Scents Limited is a newly formed company that has an online presence selling household products, primarily scents and candles.
What is a Privacy Notice?
A Privacy Notice is a statement by the company to its customers, regulators, the public and staff. It describes how we collect, use, retain and disclose the personal information that we hold.
Why issue a Privacy Notice?
Chama Scents Limited recognises the importance of protecting personal and confidential information in all that we do and takes care to meet its legal and regulatory obligations.
This Notice is one of the ways that we can demonstrate our commitment to the values of being transparent and open. It explains what rights you have to control how we use your information.
Legal basis for processing your information
We will only process your information if we have a lawful reason to do so. We make sure that you know how we use your information and to tell you about your rights.
We rely on the following specific conditions in Articles 6 and 9 of the GDPR to process your information:
6(1) (f) Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests.
What information do we collect from you, and why?
We may ask for or hold personal information about you that will be used to help us to process your orders and deliver an acceptable service. We will collect only the minimum necessary for the provision of our service.
This information may include:
- Basic details, such as name, date of birth, address, phone number, mobile number and email address (where you have provided it to us)
- Financial information where a transaction is required.
Most of your records are electronic and are held on a computer system and secure IT network.
How we use your information
- To enable us to provide our services
- To process financial transactions where required.
- To comply with any associated regulatory requirements
It helps you because:
- Accurate and up-to-date information enables us to provide you with the best possible service.
Where possible, when using information to inform future services and provision, non-identifiable information will be used.
How we keep your information safe and confidential
Chama Scents Limited is committed to keeping your information secure. Information is retained in secure electronic and paper records and access is restricted to those who need it. Security and access controls, operational policies and procedures are in place to protect your information.
The GDPR regulates the processing of personal information. Strict principles govern our use of information and our duty to ensure it is kept safe and secure.
Chama Scents Limited is registered with the Information Commissioners Office (ICO).
Everyone working for the company is subject to the Common Law Duty of Confidentiality, as well as the GDPR. Information provided in confidence will only be used for the purposes for which have consented, unless there are other circumstances covered by the law.
All of our staff are required to protect your information, inform you of how it will be used and to allow you to decide if and how this may be shared. This will be noted in your records.
Who we share your information with
We do not share your information with any other Third Parties, other than approved financial services companies that are processing your financial payments. This is undertaken solely for the purpose of the processing of financial transactions for goods and services procured.
Contacting us about your information
We have a senior person responsible for protecting the confidentiality of your information..
If you have any questions or concerns about the information we hold on you, the use of your information or would like to discuss further, please contact as below
How can I access the information you hold about me, and what are my rights?
Under the GDPR a person may request access to information (with some exemptions) that is held about them by an organisation. This is called a Subject Access Request. There is no fee for this unless a request is unfounded or excessive, particularly if it is repetitive. In that case, a reasonable fee may be charged.
To submit a Subject Access Request, please email to email@example.com
Your Rights under the GDPR Subject are:
1. Right to be informed
2. Right to access
3. Right of rectification
4. Right to erasure
5. Right to restriction of processing
6. Right to data portability
7. Right to object
8. Automated individual decision-making, including profiling
We will comply with your rights and our responsibilities as stated above
Data breaches under GDPR
Under the GDPR we have a duty to report certain types of breach to the Information Commissioner’s Office (ICO). If the breach creates a risk to your rights and freedoms, we will notify you without undue delay and the ICO within 72 hours of becoming aware of the breach, where possible.
If the breach is likely to bring a high risk of adversely affecting your rights and freedoms, we will also inform you without undue delay.
Contacting us if you have a complaint or concern
We try to meet the highest standards when collecting and using personal information. We encourage people to bring concerns to our attention and we take any complaints we receive very seriously. You can submit a complaint through to us at:
Following your complaint, if you are still dissatisfied with our decision you may wish to contact:
Information Commissioner’s Office
You can find more information on their website at www.ico.org.uk The Information Commissioner will not normally consider an appeal until you have exhausted your rights of redress and complaint to the Trust.