Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By creating an account at www.starstock.co.uk you are accepting and consenting to the practices described in this policy.
For the purpose of the Data Protection Act 1998 (the Act), the data controller is StarStock Ltd of Mill House, 58 Guildford Street, Chertsey, Surrey, KT16 9BE.
INFORMATION WE MAY COLLECT ABOUT YOU
We may collect and process the following data about you:
Information you give us. You may give us information about you by filling in forms on our site www.starstock.co.uk (our site), corresponding with us by phone, e-mail or from general interactions with our website or marketing emails.
This includes information you provide when you register to use our site, subscribe to our service, search for a product, place an order on our site, participate in discussion boards or other social media functions or when you report a problem with our site.
The information you give us may include your name, address, e-mail address and phone number, financial and credit card information
Information we collect about you. With regards to each of your visits to our site we may automatically collect the following information:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet and your login information.
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
- Marketing information and preferences like your account type / outlet style, the products you are interested in purchasing or hearing more information about
Information we receive from other sources. We may receive information about you if you use any of the other websites we operate or the other services we provide.
We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them if you have consented to them passing your data across to us.
HOW WE USE YOUR INFORMATION
We use the information you give to us in the following ways:
- to notify you about changes to our service
- to ensure that content from our site is presented in the most effective manner for you and for your computer.
- to carry out our obligations arising from any contracts entered into between you and the buyer or seller (as the case may be) and to provide you with the information, and services that you request from us.
- to provide you with information about other services we offer that are like those that you have already enquired about or are covered by your preference settings
- to provide you, or, based on your preferences, permit third parties to provide you, with information about goods or services to ensure that content from our site is presented in the most effective manner for you and for your computer.
- If you are an existing user, we will only contact you by electronic means (e-mail or SMS) with information aligned to the preferences you have set with us. If you are a new user, and where your data has been passed to selected third parties, we (or they) will contact you by electronic means only if you have consented to this.
You can update your contact preferences in the “My Account” section of our site or email us at email@example.com. Please note that StarStock is a platform through which Brandowners, Manufactures and suppliers sell direct. We are required to share your data with these sellers and as such, certain preference settings in the My account area stop our ability to trade with you as a customer
We use the information we collect about you;
- to notify you about changes to our service;
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
- to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them.
Information we receive from other sources;
We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
DISCLOSURE OF YOUR INFORMATION
Based on your preferences, we may share your information with selected third parties including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them.
- Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
There are some circumstances where we may disclose your personal information to third parties regardless of your preferences:
- when processing is necessary for the performance of our contractual obligations to our customers
- in order to take steps to facilitate the set up of your customer account prior to you entering into a contract with StarStock
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If StarStock Ltd or substantially all its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data to comply with any legal obligation, or in order to enforce or apply our terms and conditions.
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
How and where we store your personal data
All information you provide to us is stored on our secure servers. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
On our production servers (AWS) data is encrypted at the data storage level
Anonymised data will be stored and used in Staging, UAT and Dev (AWS)
The encryption used at the AWS RDS backup level is AES-256 (dictated by AWS) and at table column level is SHA-256 (dictated by Magento)
Outside of servers where data is stored locally. StarStock have policies in place to ensure the security of this data
How we transmit your data securely
All data automatically transferred between Starstock Systems and servers and between Starstock and its external partners systems and servers will be transferred using SSL
Where data is being passed between local systems and hardware, Starstock have policies in place to ensure the security of this data
RETENTION AND DELETION
We will retain all data we collect and store in a secure location for the duration of our trading relationship. If either party decides to end the trading relationship we will retain your data for a period of 3 years to facilitate re entry into a contract if required or the continuation of marketing activity in line with the preferences we hold for you. During this time we may continue to pass your data to our trusted partners unless you have revoked your consent for us to do so by contacting us at firstname.lastname@example.org
You may instruct us to provide you with any personal information we hold about you; provision of such information will be subject to:
(a)the payment of a fee (currently fixed at £10) and
(b)the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address).
We may withhold personal information that you request to the extent permitted by law.
You may instruct us at any time not to process your personal information for marketing purposes. by contacting us at email@example.com
In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
ACCESS TO INFORMATION
The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you. Where we receive a valid access request from the data subject we will respond to this request within 4 weeks