GDPR & PRIVACY POLICY

General Johnson Bespoke Ltd uses your personal data:
– for legitimate business reasons to provide goods and services to you;
– to make a tailored website available to you;
– to verify your identity;
– for crime and fraud prevention, detection and related purposes;
– with your implicit agreement, to contact you electronically about promotional offers, courses, products and services which we think may interest you;
– for market research purposes – to better understand your needs;
– to enable Johnson Bespoke Ltd to manage customer service interactions with you – to manage any registered customer account(s) that you hold with us on our CRM system (Customer Relationship Management) and accounting software.

Johnson Bespoke Ltd Promotional communications
Johnson Bespoke Ltd uses your personal data for electronic marketing purposes (with your explicit consent) Johnson Bespoke Ltd aims to update you about products, courses and services which are of interest and relevance to you as an individual. You have the right to opt out of receiving promotional communications at any time, by:

1. making use of the simple “unsubscribe” link in emails

2. contacting Johnson Bespoke Ltd via the contact channels set out in this Policy.

Sharing data with third parties
Our service providers and suppliers In order to make certain services available to you, we may need to share your personal data with some of our service partners. These include IT, delivery and marketing service providers.

Johnson Bespoke Ltd only allows its service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on service providers relating to data protection and security, which mean they can only use your data to provide services to Johnson Bespoke and to you, and for no other purposes.

Other third parties
Aside from our service providers, Johnson Bespoke Ltd will not disclose your personal data to any third party, except as set out below. We will never sell or rent our customer data to other organisations for marketing purposes.

We may share your data with:
– credit reference agencies where necessary for card payments;
– governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so:
– to comply with our legal obligations;
– to exercise our legal rights (for example in court cases);
– for the prevention, detection, investigation of crime or prosecution of offenders; and –
for the protection of our employees and customers.

 

International transfers
To deliver products and services to you, it is sometimes necessary for Johnson Bespoke Ltd to share your data outside of the European Economic Area. This will typically occur when service providers are located outside the EEA or if you are based outside the EEA. These transfers are subject to special rules under data protection laws.

If this happens, we will ensure that the transfer will be compliant with data protection law and all personal data will be secure. Our standard practice is to use ‘standard data protection clauses’ which have been approved by the European Commission for such transfers.

How long do we keep your data?
We will not retain your data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of data, however the longest we will normally hold any personal data, once legitimate business has stopped, is 6 years.

Johnson Bespoke Ltd may collect the following information about you:
– your name and gender;
– your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
– purchases and orders made by you;
– your on-line browsing activities on the Johnson Bespoke Ltd website;
– your password(s);
– when you make a purchase or place an order with us, your payment card details;
– your communication and marketing preferences;
– your interests, preferences, feedback and survey responses;
– your location;
– your correspondence and communications with Johnson Bespoke Ltd and
– other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).

Our websites are not intended for children and we do not knowingly collect data relating to children.

This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Policy. Some of the above personal data is collected directly, for example when you set up an on-line account on our website, or send an email to our customer services team. Other personal data is collected indirectly, for example your browsing or shopping activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.

Our controls
Johnson Bespoke Ltd is committed to keeping your personal data safe and secure.
Our security measures include:
– encryption of data;
– regular cyber security assessments of all service providers who may handle your personal data;
– regular scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents;
– daily penetration testing of systems;
– security controls which protect the entire Johnson Bespoke Ltd IT infrastructure from external attack and unauthorised access; and
– internal policies setting out our data security approach and training for employees.

Johnson Bespoke Ltd sends invoices from info@johnsonbespoke.co.uk, accounts@johnsonbespoke.co.uk or messaging-service@post.xero.com If the email or invoice looks suspicious or you are unfamiliar please contact us on 01424 443282. Johnson Bespoke Ltd will never ask you to confirm any bank account or credit card details within an email. If you receive an email claiming to be from Johnson Bespoke Ltd asking you to do so, please ignore it and do not respond.

You have the following rights:

– the right to ask what personal data that we hold about you at any time, subject to a fee specified by law (currently £10);
– the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you free of charge; and
– (as set out above) the right to opt out of any marketing communications that we may send you. If you wish to exercise any of the above rights, please contact us using the contact details at the bottom of this page.

Legal basis for Johnson Bespoke processing customer personal data

Johnson Bespoke Ltd collects and uses customers’ personal data because is it necessary for:
– the pursuit of our legitimate interests (as set out below);
– the purposes of complying with our duties and exercising our rights under a contract for the sale of goods to a customer; or
– complying with our legal obligations.

In general, we only rely on consent as a legal basis for processing personal data in relation to sending direct marketing communications to customers via email. Customers have the right to withdraw consent at any time.  Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.

Our legitimate interests

The normal legal basis for processing customer data, is that it is necessary for the legitimate interests of Johnson Bespoke Ltd, including:-
– selling and supplying goods, courses and services to our customers;
– protecting customers, employees and other individuals and maintaining their safety, health and welfare;
– promoting, marketing and advertising our products, courses and services;
– sending promotional communications which are relevant and tailored to individual customers, and explicitly consented to do so
– understanding our customers’ behaviour, activities, preferences, and needs;
– improving existing products and services and developing new products and services;
– complying with our legal and regulatory obligations;
– preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;
– handling customer contacts, queries, complaints or disputes;
– managing insurance claims by customers;
– protecting Johnson Bespoke Ltd, its employees and customers, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to Johnson Bespoke Ltd;
– effectively handling any legal claims or regulatory enforcement actions taken against Johnson Bespoke Ltd; and
– fulfilling our duties to our customers, colleagues, shareholders and other stakeholders.

How this site uses cookies

All of these web pages use “cookies”. A cookie is a small file of letters and numbers that we place on your computer or mobile device if you agree. These cookies allow it to distinguish you from other users of the website, which helps provide you with a good experience when you browse the website and provide Johnson Bespoke Ltd data about how the site is used, to improve its design and your experience.

Types of cookies used
The following types of cookies are used:
Strictly necessary cookies – these are essential in to enable you to move around the websites and use their features. Without these cookies the services you have asked for, such as leaving a comment clicking through a slideshow, cannot be provided.
Performance cookies – these cookies collect information about how visitors use a website, for instance, which pages visitors go to most often. This information is used to improve a website and to investigate any browsing problems raised by visitors. These cookies may collect information that identifies a visitor. Functionality cookies – these cookies allow the website to remember choices you make and provide more personal features. For instance, a functional cookie can be used to remember the volume level you prefer to use when watching videos on a website. These cookies cannot track your browsing activity on other websites.

Specific cookies used on this site Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies and see what cookies have been set for this website please read our cookie policy.

If you have any questions about how Johnson Bespoke Ltd uses your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by any of the following means:
– phone us on: 01424 443282
– e-mail us at: info@johnsonbespoke.co.uk
– write to us at: Johnson Bespoke Ltd, Burgess Road, Hastings, East Sussex, TN35 4NR

You have the right to lodge a complaint with the Information Commissioner’s Office. Further information, including contact details, is available at https://ico.org.uk.