This policy adheres to the Data Protection Act 1998 and GDPR (EU Directive) 2018. For the purposes of this policy WP Fiddly Bits is the data controller.
WP Fiddly Bits: Bank House 6 – 8 Church Street, Adlington, Chorley, Lancashire, PR7 4EX
COLLECTION OF PERSONAL INFORMATION
WP Fiddly Bits may collect and use the following kinds of personal information:
- Information about how you use this website
- Information that you provide to us for the purpose of registering via this website
- Any other information that you send to WP FIDDLY BITS such as via a website form including:
- Email Address
- Telephone number
USE OF PERSONAL INFORMATION
By using this site, you consent to us processing and collecting the aforementioned data, on the terms and for the reasons which are explained below.
- Ensure that content from our site is presented in the most effective manner for you and for your computer.
- Provide you with information, products or services that you request from us where you have consented to be contacted for such purposes.
- Carry out our obligations arising from any contracts entered into between you and us.
- Allow you to participate in interactive features of our service, when you choose to do so.
- Send you our newsletters from time to time that you have positively consented to receive.
- Send you marketing communications that you have positively consented to receive.
- Internal record keeping
SECURING YOUR DATA
WP Fiddly Bits will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
WP Fiddly Bits will store all the personal information you provide securely and in accordance with UK data protection laws, but please be aware that any data which you send to our site is sent at your own risk.
Any payment transactions made to WP Fiddly Bits will be encrypted using SSL technology
The data that we collect from you will be transferred to, processed and/ or stored on secure servers located in the U.S. on the cloud based accounting software Xero. Servers have SSL Certificates issued by leading certificate authorities Entrust & GTE Cybertrust, with all data transferred between WP Fiddly Bits and the Service encrypted. Xero’s servers are located within enterprise-grade hosting facilities that employ robust physical security controls to prevent physical access to the servers they house, including: 24/7/365 monitoring and surveillance, on-site security staff and regular ongoing security audits. For more information on Xero’s adherence to GDPR click here.
WP Fiddly Bits uses GoCardless to process your payments using 256-bit SSL encryption. GoCardless adheres to the Data Protection Act 1988, is authorised by the Financial Conduct Authority under the Payment Services Regulations 2009 and has received ISO 27001 certification. Data collected by GoCardless may be transferred to, and stored at, a destination outside the European Economic Area. It may also be processed by staff operating outside the EEA who work for GoCardless or their suppliers. For more on how GoCardless complies with GDPR click here.
WP Fiddly Bits uses Stripe to process your payments, which has been audited by a PCI-certified auditor and is certified to PCI Service Provided Level-1. Stripe forces HTTPS for all service using TLS (SSL). For more on Stripe’s security click here. Stripe is certified under the EU-U.S. and the Swiss-U.S. Privacy Shield Framework, for more see Stripe’s Privacy Shield Policy. For more on how Stripe is GDPR compliant click here.
In the unlikely event that our systems are breached, we will inform the ICO immediately and adhere to their guidelines.
DISCLOSURE OF YOUR INFORMATION
We will never pass on your details to third parties without receiving your positive consent to do so.
We may disclose your personal information to any of our group companies (which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 736 of the UK Companies Act 1985) and also to third parties in the following circumstances:
- To any prospective seller or buyer of all (or part of) our business or assets
- If we are required to do so by law, any applicable regulation or to protect the rights, property, or safety of ourselves or others. This may include disclosing to other companies and organisations in connection with fraud protection and credit risk reduction.
ACCESS TO YOUR INFORMATION
Your data will be retained for up to 36 months, within which time WP Fiddly Bits will seek your consent to continue to hold such information.
If you no longer wish to be contacted in relation to information, products or services that you have previously requested from us, please contact us directly by emailing [email protected].
You have the right under the Data Protection Act to access the information which we hold about you. You have the right to have your information amended or deleted upon request. If you wish to exercise this right, please send your request to [email protected].
Following GDPR guidelines WP Fiddly Bits will answer and action all requests within 28 days of receipt.
UPDATES TO THIS POLICY
This agreement will be governed by and interpreted according to the law of England and Wales. All disputes arising under the Agreement will be subject to the exclusive jurisdiction of the English and Welsh courts.