Seedlip takes your privacy very seriously. We appreciate and respect just how important it is to care for your personal data. Under applicable laws, for all of our services, Seedlip Ltd. is a Data Controller. You can contact us at any time with regards to your personal data via email@example.com. If you are a California resident, please see the California Consumer Privacy Statement for more information regarding our privacy practices and your rights.
This policy relates to your use of this website; the data you supply to us; and our use of that data.
Section 1: About Seedlip Ltd
Seedlip Limited ("Seedlip", "our", "we", or "us"), is located at 71-75 Shelton Street, London, WC2H 9JQ, United Kingdom (Company Registered Number: 09026119).
Section 2: What information do we collect & what do we with it?
YOUR PERSONAL INFORMATION
When you purchase something from our online store, as part of the buying and selling process, we collect the personal information that you give us: such as your name, address and email address. We use this information to process orders, arrange delivery and verify payments.
YOUR PAYMENT INFORMATION
We process payment information (such as your credit card information and billing address) that you provide to us but we do not store credit or debit card information. These details are simply passed securely to be authorized by your bank. We use internet security technology and standard encryption technology that scrambles your personal data when you give it to us. This process is known as Secure Sockets Layer (SSL) and helps protect your transaction.
YOUR USER INFORMATION
When you browse our website, we also receive information about where you have come from on the internet and how you are accessing our website – including for example part of your IP address, geographical location, the pages you visit and your browser type. We use this information to learn about shopper behavior and to improve our website and services so that you have a better shopping experience. We may also use this information to create lookalike audiences so that we can advertise via third party platforms and reach new potential customers that we think may like our product.
INFORMATION FOR MARKETING EMAILS
Basic personal details, including your name and email address, are also requested when you sign up in order to receive our email newsletters. Your email is used to send you editorial emails about the natural world and people doing amazing things, as well as news about Seedlip, special offers, first look at new products and other updates. Marketing and promotions may also be sent to you based on your shopping history; such as relevant cocktail recipes that you can make based on the products that you have bought.
From time to time, we may also advertise on Facebook or Instagram. The adverts we create on these platforms are shown to groups of people according to interests, shopping behaviors or on-Facebook activity. These data sets are made up of 1000+ individuals with shared characteristics. You can update your social media privacy settings within those social platforms in order to further limit any marketing you may be seeing.
The information about our customers that we use for marketing purposes is stored securely. You can easily change your preferences or execute your data rights at any time. If you would like to amend or remove your data from our server, please contact firstname.lastname@example.org who can put you in contact with our nominated DPO.
Section 3: Legal Basis for the Processing of Personal Information
Performance of a contract with you: This will apply where we need to take steps prior to entering into a contract with you. For example, where you have purchased a product from us and we need to use your contact details and payment information to complete a transaction, verify your credit card, place an order or arrange for a delivery of the product to you.
Compliance with law: This will apply where we are subject to a legal obligation and need to use your personal information in order to comply with that obligation.
For example, you will receive Service Emails with important information relating to your order. In certain jurisdictions, we are bound by legal obligations related to fraud, and contractual necessity under distance selling regulations, to send this information to you.
If you started, but did not complete the checkout process, we may also send you emails about items that are in your basket. Unless permitted by applicable law, this does not mean you will be sent further marketing emails that you have not consented to receive.
Consent: This will apply, for example, where you have provided your consent to receive certain marketing from us. Where required by applicable law, we will ask you directly for your expressed consent should you want to opt in to receive Seedlip marketing emails via a tick box or sign up form.
You may withdraw your consent at any time via the ‘unsubscribe’ link in any of our emails or by contacting us at email@example.com with the subject line UNSUBSCRIBE. Please note it may take 2 working days to stop receiving marketing emails.
Our legitimate business interests: This will apply where it is necessary for us to understand our customers, promote our services and operate effectively, provided in each case that this is done in a legitimate way which does not unduly affect your privacy and other rights. For example, we will rely on this legal basis when we conduct certain market analysis to understand our consumers in sufficient detail so we can create new products and improve the profile of our brands.
Section 4: Disclosure to third parties
We value your personal data and only share it with reputable third parties. From time to time we may disclose personal data to:
our service providers and subcontractors, including our affiliates, and/or third party websites (such as social media platforms or search engines) retained to perform functions on our behalf, or to provide services to us (such as warehousing and delivery) marketing and advertising (including by delivering online interest-based advertising on third party websites and social media platforms); credit card and data processing; age verification; software development; website hosting and management; information technology and office services; legal, accounting, audit and other professional service providers; and other services related to our business), provided such service providers and subcontractors have entered into written agreements with us and do not collect, use, or disclose the personal data for any purpose other than to perform such functions on our behalf, to provide services to us, or as otherwise required or permitted by law;
a person or entity, including our affiliates, in the event of a sale, merger, consolidation, change in control, transfer of substantial assets, financing, reorganisation, or liquidation whereby we transfer, sell, or assign to such third party information concerning your relationship with us, including without limitation, personal data that you provide and other information concerning your relationship with us;
law enforcement, governmental or regulatory agencies, or other third parties in order to comply with applicable law, or where we believe such action is necessary in order to comply with applicable law, or to detect, protect, or defend us and/or other third parties against error, negligence, breach of contract, theft, fraud, or other illegal or harmful activity, to comply with our audit and security requirements, or to audit compliance with our corporate policies, procedures, legal, or contractual obligations;
third parties where you have provided your consent. For example, we will obtain your permission before we allow a third party that is not an affiliate to send you any marketing and promotional information relating to that third party’s products or services; and
We may also share aggregate, non-specific information with selected third parties, or information that is reflective of your use of our website. This includes analytics and search engine providers that assist us in the improvement and optimization of our website.
If you have any concerns about our use of your data, please get in touch at firstname.lastname@example.org.
Section 5: Third party data processors
We work closely with two third-party data processers to help keep your data safe and ensure it is lawfully collected, processed and stored.
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you. Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall. All payment data is encrypted in accordance with the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
For more insight, you may also want to read Shopify’s Terms of Service and/or Privacy Statement at https://www.shopify.com.
Our marketing emails are sent using the Ometria platform. This acts as our customer database and also helps ensure that we have a secure system that allows us to date stamp when your personal data was collected, whether you consent to marketing, and allows us to amend or fully remove your data upon request.
Section 6: International transfers or personal data
The website may be hosted on servers located in countries outside of your own country. The laws applicable to the protection of personal data in such countries may be different from those applicable in your home country.
Whenever we transfer your information as described in the paragraph above, we will take steps which are reasonably necessary to ensure that adequate safeguards are in place to protect your personal data and to make sure it is treated securely. In particular, if you are located within the European Union or United Kingdom, we rely on approved data transfer mechanisms (for example, the EU “Standard Contractual Clauses” or the EU-US “Privacy Shield” or Adequacy Decision made by the European Commission) to ensure your information is subject to adequate safeguards in the recipient country. If you are located in the European Economic Area or United Kingdom, you may contact us using the contact details below for a copy of the safeguards which we have put in place to protect your personal data and privacy rights in these circumstances.
Section 7: Retention and your data rights
We are committed to safeguarding your privacy. We will not store your personal data for longer than we need to use it unless a longer retention period is required or permitted by law. After this period, it will be deleted or in some cases anonymised.
For example, where you have made a purchase with us, we will keep a record of your purchase for the period necessary for invoicing, tax and warranty purposes. We may also keep a record of correspondence with you (for example if you have made a complaint) for as long as is appropriate to protect us in the event of a legal claim.
Where we have collected the personal information based on your consent and we have no other lawful basis to continue with that processing, if you subsequently withdraw your consent then we will delete your personal information. However, please note that where you unsubscribe from our marketing communications, we will keep a record of your contact details to ensure we do not send you further marketing communications in future.
We review our marketing database every 18 months. If you have opted in to marketing, and not opened an email in 18 months, we will remove you from our marketing database unless you re-consent. We review our customer database annually. If you have not consented to marketing but have made a purchase via our website, we will keep your data for approximately 5 years after you have made a purchase from us.
YOUR PRIVACY RIGHTS
You may have certain rights that gives you full control over your personal data, which may include:
The right to access and obtain data we hold about you or in certain cases receive a machine-readable copy of your personal data. Proof of identity will always be required before any data can be released.
The right to rectify, restrict processing or remove any personal data (unless we have a legal right or obligation that requires retention of this data).
The right to unsubscribe from any of our marketing communications at any time or to amend your personal data marketing preferences. You can change your mind regarding any marketing communications by selecting update preferences or unsubscribe in email communication, or by contacting us email@example.com
The right to withdraw your consent to any processing of your personal information (where you had provided consent).
The right to object to the processing of your information for certain purposes.
The right to limit any automated decision making – such as emails we send you with relevant recipes related to purchase. Please see above.
These rights are subject to applicable law and do not extend to include non-personal, ‘unidentifiable’ personal data.
If you wish to exercise any of these rights, you may contact us at firstname.lastname@example.org or by writing to c/o The DPO, Seedlip Ltd, 71-75 Shelton Street, London, WC2H 9JQ. We will handle any request to exercise your rights in accordance with applicable law and any relevant legal exemptions
HOW TO MAKE A COMPLIANT
You have the right to complain to a data protection authority if you think we have processed your personal information in a manner which is unlawful or infringes your rights.
However, if you have such concerns, we suggest that you initially contact us (using the contact details above or in the “Further questions and contact information” section) so that we can investigate, and hopefully resolve, your concerns.
Section 8: Cookies
A cookie is a text-only string of information that a website transfers to the cookie file of the browser on your device’s hard disk. A cookie will typically contain the name of the domain from which the cookie has come, the "lifetime" of the cookie, and a value, usually a randomly generated unique number.
Cookies are useful because they allow a website to recognise a user’s device. You can find more information about cookies at: www.allaboutcookies.org.
We use four main types of cookies when you visit our website. Please find listed the types of cookies we use, and why:
Strictly Functional Cookies - these necessary cookies are essential if you want to use our website. Without these cookies, services such as “Add to Cart” may not work correctly and you won't be able to make a purchase.
Personalisation Cookies – these preference cookies allow us to remember certain information that may change the way the website behaves and looks. For example your preferred language, country and currency. Whilst you can use parts of the website without functionality cookies they make your experience of the website more relevant to you.
Statistical Cookies – these cookies help us to understand how users interact with our website and provide anonymised, statistical analysis & information. The information collected is used to help improve site experience and functionality as part of aggregated customer data, rather than being a cookie specific to your identity and your individual site usage. For example these cookies allow us to see which areas are most popular, identify when error messages occur and also allow us to test different features to see which works best.
Marketing cookies – these targeting and advertising cookies are used to deliver ads relevant to you, for example based on the products you look at. And they also help make sure that we don’t advertise products you don’t want to see! They help us to limit the number of times that you may see an online advert, and also help us measure the effectiveness of some of our digital marketing campaigns so we can improve how we advertise in the future.
By using our site, you agree to us placing these sorts of cookies on your device and accessing them when you visit the site. You can manage or delete cookies at any time.
You can enable or disable cookies by changing your website browser settings to accept or reject cookies as required. There are a few ways in which you can do this and it will depend on the web browser you use. Please visit www.allaboutcookies.org, or the “help” section in your browser should also give you easy to follow instructions on how to look at your cookie storage and history, and the action you can take.
If you do choose to delete or disable cookies, your activities will be restricted to browsing only and you will not be able to add products to your shopping bag and buy them. As with all data we collect, we will never abuse the information that these cookies track, and will only ever use that information in line with the above usage statements.
Section 9: Age restrictions
The website is not intended for children under 13 years of age, and we do not knowingly collect personal information from children under 13. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from, or about, a child under 13, please contact us at email@example.com.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you. We will let you know in advance should this scenario arise.
Section 11. Further questions and contact information
If you are a California resident, please see the California Consumer Privacy Statement for more information about our privacy practices and your rights.
If you would like to: access, correct, amend or delete any personal information we have about you or exercise any other rights you may have by law, register a complaint, or simply want more information, please contact our Data Protection Officer at firstname.lastname@example.org or by mail at Seedlip Ltd, 71-75 Shelton Street, London GB WC2H 9JQ.