Privacy Policy

This Privacy Policy describes how www.wildlone.com (the “Site” or “we”) collects, uses and discloses your personal data when you visit or make a purchase from the Site, in accordance with the UK’s Data Protection Act 2018 (“DPA”) and the General Data Protection Regulation (“GDPR”).

Collecting personal data

When you visit the Site, we collect certain information about your device, your interaction with the Site and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Data”. See the list below for more information about what Personal Data we collect and why. In contrast, information of a general nature that cannot be used to determine your identity is not Personal Data. This includes, for example, the number of users of a website.

We only collect and use Personal Data insofar as this is necessary to deliver a functional website and provide our products, content and services, including processing payments, fulfilling and shipping your order and keeping you up-to-date on new products, services and offers. 

Examples of Personal Data collected

Device information through log files

The Site collects a series of general data and information with each visit, and this data is temporarily stored in a log file.

Examples include:

    • browser type/browser version and operating system;
    • host name of the accessing end device;
    • IP address and device host name;
    • referral URL;
    • your interaction with the Site, e.g. products viewed and any search terms; and
    • cookie information (see our Cookie Policy).
Purpose of collection: to load and technically enable accurate delivery of the Site to your computer, and to perform analytics on Site usage to optimise our Site.
Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags or pixels.
Disclosure for a business purpose: shared with our processor, Shopify.
Order and customer support information
Examples include: name, billing address, shipping address, payment information (including credit card numbers), email address and phone number. 

Purpose of collection: 

    • to provide products or services to you to fulfil our contract;
    • to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations;
    • to communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us;
    • to provide you with information or advertising relating to our products or services; and
    • Maintain our customer database, where relevant.
Source of collection: collected from you when you contact us via email, our contact form, telephone or social media, or place an order.
Disclosure for a business purpose: shared with our processor, Shopify.

 

Lawful basis

Pursuant to the DPA and GDPR, if you are a resident of the European Economic Area (“EEA”), we collect and process your Personal Data under the following lawful bases:

  • obtaining your consent;
  • the performance of the contract between you and the Site, fulfil our services and respond to enquiries;
  • compliance with our legal obligations;
  • to protect your vital interests; and
  • for our legitimate interests, which do not override your fundamental rights and freedoms. 

Data processing and transfer

Your Personal Data will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.

Google Analytics

This Site uses Google Analytics to collect data for statistical and analytical purposes. We need this data to understand how you use the Site, in order to provide you with a user-friendly, optimised website and improve its design and functionality. This means that collected data is usually transmitted to a Google server in the USA, whereby IP addresses are anonymised (except in exceptional circumstances) and not merged with other Google data. Certain information is collected by default, for example, approximate geolocations and browser and device identifiers. 

For more information on how Google Analytics collects data, see How Google uses information from sites or apps that use our services and GA4 Data Collection. 

Google Analytics uses cookies to control and provide the service, please see our Cookie Policy for more information.

You can object to the collection and processing of this data by Google Analytics by setting an opt-out cookie that prevents the future collection of your data when you visit this website: http://tools.google.com/dlpage/gaoptout?hl=en.

Sharing Personal Data

We share your Personal Data with service providers that help us provide our products and services to you. These include: 

  • Shopify, which hosts our Site and online store. You can read more about how Shopify uses your Personal Data here: https://www.shopify.com/legal/privacy.
  • payment service providers (currently Shopify Payments, PayPal, Apple Pay and Google Pay). Please note: We do not collect or store any payment transaction information such as credit card numbers or bank details during the payment process. You provide this information directly to the respective payment service provider. 
  • postal and courier companies (currently Royal Mail, DHL or DPD). 

We may share your Personal Data to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

Retention

When you place an order through the Site, we will retain your Personal Data only for as long as necessary to fulfil the purposes for which we have collected it, or until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.

Automatic decision-making

If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.

We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.

Our processor, Shopify, uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.

Services that include elements of automated decision-making include:

  • Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
  • Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.

Do Not Track

Please note that because there is no consistent industry understanding of how to respond to “Do Not Track” signals, we do not alter our data collection and usage practices when we detect such a signal from your browser.

Your rights

If you are a resident of the EEA, under the GDPR you have the right to access the Personal Data we hold about you, to port it to a new service and to ask that your Personal Data be corrected, updated or erased. If you would like to exercise these rights, please contact us through the contact information below. 

The Information Commissioner`s Office (ICO) is the relevant authority in the UK. The ICO is located at Wycliffe House, Water Ln, Wilmslow SK9 5AF, UK and their website can be found at www.ico.org.uk. We would, however, appreciate the chance to deal with your concerns before you approach the ICO or any other supervisory authority.

Updating your information

If you believe that the information we hold about you is inaccurate or that we are no longer entitled to use it and want to request its rectification, deletion or object to its processing, please contact us using the details provided. For your protection and the protection of all of our users, we may ask you to provide proof of identity before we can answer your request.

Keep in mind, we may reject requests for certain reasons, including if the request is unlawful or if it may infringe on trade secrets or intellectual property or the privacy of another user. Also, we may not be able to accommodate certain requests to object to the processing of Personal Data, notably where such requests would not allow us to provide our service to you anymore.

General

Minors

The Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Data from children. If you are the parent or guardian and believe your child has provided us with Personal Data, please contact us at the address below to request deletion.

Links to other providers

If our website at any time contains clearly recognisable links to the websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages.

Linked pages are checked for possible legal violations and recognisable infringements at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.

Data breaches/notification

Databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.

Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes to our practices or for other operational, legal, or regulatory reasons and changes to the legal bases and relevant case law.

Data Controller and Contact

Wild Lone | The Ploughshare, Flowers Bottom Lane, Speen, Princes Risborough, Buckinghamshire, HP27 0PZ, United Kingdom | Email: info@wildlone.com | Web: www.wildlone.com

For more information about our privacy practices, if you have questions or wish to exercise your rights under applicable laws, please contact us by email or post.

Last updated: 07/08/2023