Please be aware: we have recently seen cases of a fraudulent website and social account using our logo and images. Do not share your details with these sites, and always look for the blue tick on Instagram and Facebook. Visit our security page for more information.
Back to top

Privacy


Seasalt Limited ("Seasalt", "we", "us" or "our") is a company incorporated in England and Wales with company number 02259954. Our registered office is Unit 8, Falmouth Business Park, Bickland Water Road, Falmouth TR11 4SZ.

We collect personal data from you when you shop with us.   Keeping your data safe is a priority for us at Seasalt, and we respect your privacy.  We will only use your personal data lawfully and in accordance with applicable data protection and privacy laws.  

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, or that we obtain from other sources will be processed by us when you:

  • use our website: www.seasaltcornwall.com;
  • use our mobile applications;
  • visit our stores;
  • use our services;
  • purchase products from us, or one of our partners; and/or
  • use our online portal for distributors.

For the purpose of data protection laws, we are the controller and we are registered as a controller with the Information Commissioner's Office under number Z7017081.  

 

WHAT SORT OF DATA WILL WE COLLECT ABOUT YOU?

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data) and relates only to living individuals.

We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

  • Identity data includes your name, maiden name, last name, username or similar identifier, title, date of birth and gender.  
  • Contact data includes billing address, delivery address, email address and telephone numbers.
  •  Financial data includes bank account and payment card details.
  • Transaction data includes details about payments to and from you, returns and other details of products and services you have purchased from us.
  • Technical data includes internet protocol (IP) address, device number, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
  • Profile data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Usage data includes information about how you use our website, products and services.
  • Marketing and communications data includes your preferences in receiving marketing from us and our third parties and your communication preferences.

We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated Data could be derived from your personal data but is not considered personal data as this data will not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.

We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

If you fail to provide personal data?

Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.


1. BASIS FOR PROCESSING PERSONAL DATA

The sections below explain how and why we process your personal data, as well as the legal basis on which we carry out this processing.   The law requires us to have a legal basis for collecting and using your personal data. We rely on one or more of the following legal bases:

  • Performance of our contract with you: Where we need to perform the contract we are about to enter into or have entered into with you.
  • Legitimate interests: We may use your personal data where it is necessary to conduct our business and pursue our legitimate interests, for example to prevent fraud and enable us to give you the best and most secure customer experience. We make sure we consider and balance any potential impact on you and your rights (both positive and negative) before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
  • Legal obligation: We may use your personal data where it is necessary for compliance with a legal obligation that we are subject to. We will identify the relevant legal obligation when we rely on this legal basis.
  • Consent: We rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose, for example for email marketing or if you subscribe to an email newsletter.

 

1.1.   To enter contracts with you and facilitate returns:  

When you order products from us, we will process your personal data, including identity, contact, financial, and transaction data to register you as a customer and process your order so that we can deliver our products to you. We need your date of birth in order to make sure you are over 18 and legally entitled to contract with us.

This includes:

1.1.1.Sharing your personal data with our payment system provider to process your payment or refund in respect of a return. The lawful basis for processing:  Performance of our contract with you.

1.1.2.Sharing your personal data with delivery companies to deliver your purchases and keep you informed of their status, and to process any returns including (where applicable) collecting the item from you. The lawful basis for processing:  Performance of our contract with you.

1.1.3.Where you consent, our chosen payment processors may store your payment card details at your request to speed up your checkout in the future.  The lawful basis for processing:  Consent.

 

1.2.   To manage your Seasalt account:

We use your personal data to provide you with access to your account.  We store your personal data including identity, contact and profile data (including your password), to create, update and register that account.  We do this to manage and provide you with access to your account and provide you with the services you request.  

The lawful basis for processing: Performance of our contract with you.

 

1.3.   To detect and prevent fraudulent transactions:

We use your identity, contact, financial and transaction data for fraud prevention purposes, the prevention of other illegal activities and to verify who you are.  For example, by checking your delivery addresses to identify potentially fraudulent transactions by third parties (eg if someone were to use your bank card).

The lawful basis for processing: Our legitimate interest in keeping our systems and your account safe and protect our customers from fraud and theft.  

 

1.4.   To protect our customers, premises, assets and staff from crime:

We operate CCTV systems at our stores which record images for:

1.4.1.the prevention and detection of crime

1.4.2.ensuring operational efficiency

1.4.3.analytics purposes, and

1.4.4.the protection of our staff, customers and products. This includes for the investigation of accidents, criminal activities and policy breaches.

Images and footage captured by CCTV may include identity data if a person can be identified. If we discover any criminal activity or alleged criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing or detecting unlawful acts.

The lawful basis for processing: Our legitimate business interest in identifying and preventing crime at our premises and stores and keeping our staff and customers safe.  

 

1.5.   To fulfil our legal obligations:

Sometimes we may need to use your personal data to ensure we comply with any requirements imposed on us by law or court order, including disclosure to law or tax enforcement agencies and authorities or pursuant to legal proceedings.

1.5.1.We use your identity, financial, transaction and profile data to assist in monitoring for fraudulent transactions or suspected money laundering.

1.5.2.We maintain a record of any health and safety incidents that occur in our stores or in our premises which may include identity data where they affect you. We will share such data with regulatory and other official bodies if they make formal requests.

1.5.3.We will maintain records which include financial and transaction data in order to meet regulatory and tax requirements.

1.5.4.We will use your contact data and/or profile data to contact you in connection with product recalls or other similar product quality issues.

1.5.5.We will use your contact data to inform you about product recall notices and to provide other legally required information relating to your purchase.

The lawful basis for processing: Legal obligation. 

1.6.   To provide customer services:

1.6.1.We use your identity, contact, financial and transaction data to respond to your queries, refund requests and occasional complaints. We occasionally live-monitor calls to our customer services team. We do not record calls. We also keep records of telephone calls, emails and postal correspondence from you.  We do this for training and monitoring reasons.   We may also keep a record of calls and other communications to inform any future communication with us, to demonstrate how we communicated with you throughout, for quality monitoring, for the defence of claims and to improve our products and services.

1.6.2.We may use automated machine learning systems to generate responses when you communicate with our customer services teams.  These systems help us to respond quickly to common issues and improve response times for customers.

1.6.3.When you leave a product review for us on our website, we may use your email address to verify your review.

1.6.4.In addition, we sometimes like to surprise our customers on their birthday – so if you like a nice surprise then do let us know what your date of birth is.  

1.6.5. Where you have  purchased products from us we may use identity, contact and marketing and communications data to contact you by email or text about similar products provided that you have not opted-out of receiving this information.  

Lawful basis for processing:  Our legitimate interest in marketing to you and to keep you updated with products we think may be of interest to you based on previous transactions.  The lawful basis for processing: Our legitimate interests in providing you with the best service and understanding how we can improve our service and products based on your experience.

 

1.7.   To personalise and improve your experience when you shop with us, in store and online:

1.7.1.We use your technical, usage and transaction data to record how you interact with our websites and any marketing you are exposed to in order to offer a tailored experience when you interact with our website.

1.7.2.We use technical, usage, transaction and profile data and third party data to create a profile about you, which helps us to tailor your shopping experience, to show you products and offers that we think you will be most interested in, and find ways to improve our stores and websites.  In addition, we may use financial data, namely the unique tokenised reference number for your payment card and use this to match it to your profile data to better inform the tailoring of the shopping experience. Note:  we do not process or store any card information.  This is only processed by your card company.

1.7.3.We use your profile data and technical data about the devices you use to access our website and your interactions with us to operate personalised features across our website and marketing communication directed to you.

1.7.4.In our stores we use CCTV footage, which may include identity data, for market research purposes so that we can best arrange our stores and stock the ranges our customers will be most interested in.

1.7.5.We will use contact and transaction data to send you a receipt by email if you have requested this when you shop in one of our stores.

1.7.6.We may also use your technical and usage data to develop, test and improve the systems, services and products we provide to you by for example, recording your browser’s Session ID to help us understand your online feedback better if you are having any problems on the site.

The lawful basis for processing: Our legitimate interest in providing a personalised shopping experience and improving our systems and products.  Where the above purposes rely on cookies or similar technologies, the lawful basis will include any consent you provide for the use of such cookies or similar technologies.   

 

1.8.   To resolve issues with, develop, test and improve our website:

1.8.1.We use usage data about how you browse and engage with our website to improve our website.

1.8.2.We use technical data derived from cookies and other similar technologies to keep track of your preferences when using our website.  

1.8.3.We use technical data derived from cookies and similar technologies to help us understand how you use the website.  This allows us to optimise your shopping experience and continually improve our website.  

1.8.4.We'll use your technical data and usage data to identify and resolve any problems and protect the integrity of our websites.  

1.8.5.We’ll process your technical data and usage data (such as a browser's Session ID) to help us understand your issue when you leave us online feedback about any problems you're having.

1.8.6.We use your technical data for data analytics, logistics planning, demand forecasting, management information, dealing with errors on our website, and general research and development as it is necessary to keep the business running efficiently. To do this we may share your personal data with the third party analytics and search engine providers that assist us in the improvement and optimisation of our website.

1.8.7.We gather data about any devices you use to access our sites (for example your IP address and device type) to ensure the website is secure and works across multiple platforms.

The lawful basis for processing:  Our legitimate interest in ensuring our websites work effectively.  Where the above purposes rely on cookies or similar technologies, the lawful basis will include any consent you provide for the use of such cookies or similar technologies.  

 

1.9.   To develop and improve our products and services:

1.9.1.We share anonymised and aggregated transaction data with our manufacturers and the companies whose products we sell. This is necessary to help them better understand our customer demographic by identifying who is interested in and/or who buys our products.

1.9.2.We work with data providers that specialise in consumer profiling, such as Experian.  These organisations provide demographic or other data as it is necessary to help us better understand customers' demographics, lifestyles or shopping behaviours, usually linked to the areas where people live. This helps us to understand our customers better and provide products and services that people will want to purchase.

Lawful basis for processing: Our legitimate interest in understanding our customers’ needs and behaviours to provide the products we think they want and to provide a better shopping experience.

 

1.10.  To  enable you to partake in a prize draw or competition: 

1.10.1.   If you enter any of our prize draws or competitions we will need to use your identity and contact data to administer your entry, let you know if you have won, and to comply with the Committee of Advertising Practice’s (CAP) Code.  

The lawful basis for processing: Performance of our contract with you.

 

1.11.  To send you market research, survey and feedback requests:

1.11.1.   We may use your identity, contact and marketing and communications data to send you market research, survey and feedback requests. You will always have the choice about whether to take part in our market research or surveys or provide feedback.  This information helps make our products or services more relevant to you. These messages will not include any promotional content.   

The lawful basis for processing:  Consent for the purposes of sending marketing communications and our legitimate commercial interests to study how customers use our products/services and to help improve our products and services.

 

1.12.  To operate your Seasalt Friends membership:

For Seasalt Friends members, we will use your identity, contact, profile and marketing and communications data to register a new membership and then to provide you with relevant details about benefits of membership including offers and information.  We may also use your profile data together with transaction and technical data to use your shopping preferences to offer you tailored rewards available only to Seasalt Friends. If you don't want to continue receiving Seasalt Friends offers, you'll be unable to continue your Seasalt Friends membership.  

The lawful basis for processing:  Consent.

 

1.13.  To engage with you on social media:

1.13.1.   We use identity, usage, technical and marketing and communications data to engage with you on social media.

1.13.2.   We place targeted advertising in social media. You may receive advertising based on technical data about you that we have provided to a social media platform or allowed it to collect using cookies or similar technologies on our website or code in our applications (or a combination of the two). For some of our marketing campaigns, we may use this data to exclude you from receiving advertising, if we believe it will not be relevant to you.

1.13.3.   You may also receive advertising because, at our request, the social media platform has identified you as falling within a group whose attributes we have selected or a group that has similar attributes to the individuals whose details it has received from us (or a combination of the two).

1.13.4.   If you interact with us on social media, we use this your social media username or identifier to help us respond to your comments, questions or feedback.

1.13.5.   If you upload your photographs to social media using the hashtag #WearingSeasalt, your photographs may be published on our website along with your name.

1.13.6.   We view statistical data and reports regarding your interactions with the pages and accounts we administer on social media platforms.

1.13.7.   To find out more, please refer to the information provided in the help pages of the platforms on which you receive advertising from us.

The lawful basis for processing:  Our legitimate interest to engage with you via social media and to advertise our products.  Where the above purposes rely on cookies or similar technologies, the lawful basis will include any consent you provide for the use of such cookies or similar technologies.

 

1.14.  To provide products to others:

1.14.1.   Where you have provided identity and contact data about another person (for example, where you order goods as a gift to be delivered to someone else), we need to process such personal data in order to provide these products to the other person or people. This will include sharing their personal data with delivery companies. We need to process their personal data in this way to be able to provide them with the products you have ordered for them from us.

The lawful basis for processing:   Our legitimate interest to provide the person you have identified and requested with the products you have ordered.

 

1.15. Direct marketing:

1.15.1.   Seasalt will use your identity, contact, usage and marketing and communications data, for text, electronic or postal marketing purposes (depending on your preferences) and may send you our catalogues or special offers.

The lawful basis for processing:  Our legitimate interest in marketing to you and to keep you updated with products we think may be of interest to you.

1.15.2.   If you have expressly opted in to receive marketing communications from us, we will process your personal data to provide you with marketing communications in line with the preferences you have provided.  

The lawful basis for processing:  Consent. 

1.15.3.   If you have expressly opted in via our site to receive marketing communications from a third party, we will process your personal data by transferring it to the relevant third party.  The lawful basis for processing:  Consent. 

1.15.4.   If you have provided us with your name and address, we may send you information about our products and offers through the post.

Lawful basis for processing:  Our legitimate interest in marketing to you and to keep you updated with products we think may be of interest to you.

 

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.

 

You are not under any obligation to provide us with your personal data for marketing purposes, and you can opt out or withdraw your consent to marketing at any time by contacting us (please see section 12) or, where relevant, by following the unsubscribe link in electronic marketing communications you receive from us or, in the case of texts, by texting STOP. If you do choose to withdraw your consent, this will not mean that our processing of your personal data before you withdrew your consent was unlawful. If you opt out of receiving marketing communications, you will still receive product-related communications that are essential for administrative or customer service purposes for example relating to order confirmations for a product.

 

1.16.  Influencers

1.16.1.   If you work with us as an influencer, we may collect your identity and contact data. This includes images of you (and, if you work with us through paid partnerships and your children are included in your images, we’ll collect their images too), and clothing size. We use your identity and contact data to engage with you and to administer events. We may use your address to send presents to you, and we may post your images on our own social media pages and Seasalt websites.

Lawful basis for processing:  Our contract with you.

 

1.17.  Finally…

1.17.1.   We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us (see section 12).

1.17.2.   If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.  

1.17.3.   Please note that we may process your personal data without your knowledge or consent, in compliance with the relevant legislation, where this is required or permitted by law.

 

1.18.  Further information.

For more information about the purpose and scope of data collection and processing in connection with social sharing features or your use of the social media platforms, please visit the privacy policies of the respective entities at the following links:

1.18.1.   Facebook and Instagram - https://en-gb.facebook.com/policy.php

1.18.2.   X (formerly Twitter) - https://twitter.com/en/privacy

1.18.3.   YouTube - https://policies.google.com/privacy?hl=en

1.18.4.   TikTok - https://www.tiktok.com/en/privacy-policy

1.18.5.   Pinterest- https://policy.pinterest.com/en/privacy-policy

1.18.6.   LinkedIn - https://www.linkedin.com/legal/privacy-policy


2  THIRD PARTIES WITH WHOM WE SHARE DATA AND FROM WHOM WE RECEIVE DATA 

We may share your personal data about you the third parties set out below for the purposes set out in section 1 above.  

We share personal data with, and may have received your data from, the following parties:

2.1  analytics providers such as Google;

2.1.1       We may share your personal details to allow research and analytics companies and feedback providers to contact you directly on our behalf in order to capture your opinions on our products, services, websites and apps.

2.1.2       We may ask these research companies to analyse the results so that we can better understand your online experience, which will help us to improve our services. We only provide them with the data they need to perform their function. This may take the form of a survey, where you may be asked to review a product or service you’ve bought or provide general feedback on our products and services. You will always have the choice about whether to take part in our market research or surveys.

We may also share data with specialist companies to analyse customer data to help us better understand how you use our services and to tailor products, services and offers that may be relevant for you. We utilise companies that help us track and record the way you navigate our website, so that we can understand your online experience and use it to improve our services and offer a more personalised experience.

2.2  advertising companies who help us manage our electronic communications to you and assist us in deciding on the advertising you are most likely to be interested in, marketing companies who help with the management of our email communications, and services that deploy advertising on the internet and social media platforms, such as Meta and Google, as well as providing us with analysis of the effectiveness of those campaigns;

2.3 IT companies who support us in maintaining our website and other business systems including our phone lines, data storage facilities and Cloud based infrastructure.

2.4 We share Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as Royal Mail, DHL and DPD.  The delivery companies we share data with are:

2.4.1       DPD - https://www.dpd.co.uk/privacy_policy.jsp

2.4.2       Royal Mail - https://www.royalmailgroup.com/en/site/privacy-notice/

2.5 We share data with Consumer profiling organisations who provide demographic and other data to help us understand our customers’ demographics, lifestyles and shopping habits.  

2.6  We share Identity and Contact Data from and with aggregators such as Experian.  Experian who manages prospect pools on behalf of UK retailers. Their details are as follows:

Experian

Visit www.experian.co.uk/cip

Email customerservices@uk.experian.com

Phone 0115 828 6738

Experian also analyse information about what our customers buy in order to help us understand your buying patterns. This helps us plan what we send you, based on what you like to buy. They also help us to ensure that you don’t hear from us if you don’t want to therefore if you’ve told us that you don’t want to receive another catalogue from us, we’ll share your information with them to ensure you’re added to a suppression list. In addition, they analyse what sort of products might interest you and pass your name and address to companies whose products are likely to appeal to you.

 

2.7  We may share your personal data with other third parties to serve ads on our behalf across the internet. They may collect anonymous information about your visits to seasaltcornwall.com, and your interaction with our products and services. They may also use information about your visits to this and other websites to target advertisements for goods and services. This anonymous information is collected through the use of a pixel tag. A pixel tag is industry standard technology used by most major websites.

 

2.8  If you enter a competition that Seasalt is hosting with a partner, we may need to share your identity and contact data with them to fulfil your prize.  

 

2.9  If you work with us as an influencer, we may have received your information from an influencer agency.

 

2.10  We may also share data with third parties such as fraud detection agencies when we transact with you, so we can verify that you are actually you, and not an imposter.  These organisations will report to us on industry fraud indicators and if they have reason to believe an identity is fraudulent.  If we have reason to suspect fraud or other criminal offences, we will pass your personal data to fraud prevention agencies or the police for the detection, investigation and prevention of crime.  If we think there is a risk of fraud, we may suspend activity on your account or refuse or cancel your order.  

 

2.11 To improve your customer experience and understand where our customers find us, Seasalt use marketing tools from IBM

 

2.12  We partner with Forter to prevent online fraud and provide secure online payment services.  For more information see https://www.forter.com/services-privacy-policy/

 

2.13  We have partnered with Global-e, a third party who we have appointed to sell our products around the world via this site. If you are visiting our site from outside the UK, Global-e is the seller-on-record and you can make your purchases in your local currency and ship your Seasalt order worldwide. When you buy your Seasalt products from Global-e, you will see that your payment method is charged by Global-e//Seasalt, and the purchase is subject to Global-e’s Terms and Conditions and Privacy Policy (which will be clearly presented in checkout before you place the order). Global-e's Terms and Conditions set out all your rights and remedies as regards the sale of our products, delivery, cancellations and returns when dealing with Global-e. Global-e is responsible directly to you for the processing of your personal data in connection with such sales and details of their processing are set out in their privacy policy. Click here for Global-e’s terms and conditions of sale and their privacy policy.

 

2.14  We may share your personal data where necessary with third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy policy.

 

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.


3  COOKIES

Our website uses cookies (a small file of letters and numbers that we store on your browser or computer) and other similar technologies such as web beacons and pixel tags ("cookies") to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website. By continuing to browse the website, users are agreeing to our use of cookies.

We only use (and store) non-essential cookies on your computer's browser or hard drive if you provide your consent.

Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website.

Please refer to our Cookie Policy for more information on Cookies.


4 UK AND EU USERS: INTERNATIONAL TRANSFERS OF YOUR PERSONAL DATA

Our main operations are based in the UK and your personal data is generally processed, stored and used within the UK. If you place an order with us and you are outside of the UK, we will transfer the personal data that we hold on you to the UK to facilitate your order and may also transfer your personal data to third parties located in your country of residence to enable us to supply products you order from us. If and when this is the case, we take steps to ensure there is an appropriate level of security, so your personal data is protected in the same way as if it was being used within the UK.

Third parties with whom we share your data may be based outside the UK and EEA and their processing of your personal data may involve a transfer of data outside the UK and EEA. For more information, please refer to the privacy policy links for such third parties in this privacy policy and/or in our consent management platform..

Whenever we transfer personal data out of the UK and the EEA, if the recipient country has not been determined by the UK government and European Commission as providing an equivalent adequate level of protection , we will ensure that we perform a risk assessment and ensure that at least one of the following safeguards is implemented:

4.1  The use of European Commission approved standard contractual clauses in contracts for the transfer of personal data to third countries; and/or

4.2  The UK's International Data Transfer Agreement or Addendum for the transfer of personal data to third countries.

4.3  If further information on the specific mechanism used by us when transferring your personal data out of the UK and/or EEA is required, please contact us directly (please see section 12).


5 DATA SECURITY

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.

 

All information you provide to us is stored on secure servers. All information you provide to us is transmitted using TLS encryption and is stored on our secure servers behind firewalls. We limit access to our servers to ensure that your information is not viewable by any unauthorised parties. Your personal data will only be processed by those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

 

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. Any payment transactions will be encrypted using PCI -DSS compliant technology. Although we will do our best to protect your personal data, Seasalt cannot guarantee the security of data transmitted via the internet. Any transmission is at your own risk.


6  PERIOD OF STORAGE

 

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

 

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

 

Where you order goods and/or services from us, we will retain your data for a period of six (6) years after the goods were delivered and/or the services performed, to ensure that we are able to assist you should you have any questions or feedback in relation to our goods and/or services or to protect, or defend our legal rights.

Where we have processed your personal data to provide you with marketing communications with consent, we may contact you at least every twelve (12) months to ensure you are happy to continue receiving such communications. If you tell us that you no longer wish to receive such communications, your personal data will be removed from our lists.

Where we have processed your data for any other reason (such as where you have contacted us with a question in connection with our goods and/or services), subject to section 7.2, we will retain your data for twelve (12) months.

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.


7  YOUR RIGHT TO OBJECT UNDER DATA PROTECTION LAWS

7.1  You have the right to object to us processing your personal data where we are processing personal data:

7.1.1       based on our legitimate interests (as set out at section 1 above). If you ask us to stop processing your personal data on this basis, we will stop processing your personal data unless we can demonstrate compelling grounds as to why the processing should continue in accordance with data protection laws; and

7.1.2       for direct marking purposes. If you ask us to stop processing your personal data on this basis, we will stop.

7.2  In each case please do so by using the unsubscribe functions in any marketing communication or by making contact with us directly (please see section 12).


8  YOUR OTHER RIGHTS UNDER DATA PROTECTION LAWS

 

8.1  Right of access

You have the right to receive confirmation as to whether your personal data is being processed by us, as well as various other information relating to our use of your personal data. You also have the right to access your personal data which we are processing. You can exercise this right by making contact with us directly (please see section 12). We will deal with your access request for free, however we are entitled to refuse to process your request, or to charge for a request to meet our costs in providing you with details of the information we hold about you, if we feel the request is manifestly unfounded or excessive.

 

8.2  Right to rectification

You have the right to require us to rectify any inaccurate personal data we hold about you.  You also have the right to have incomplete personal data we hold about you completed, by providing a supplementary statement to us.  If you request a correction of your personal information we will take reasonable steps to check its accuracy and correct it.

8.3  Right to restriction

You have the right to restrict our processing of your personal data where:

8.3.1       the accuracy of the personal data is being contested by you;

8.3.2       the processing by us of your personal data is unlawful, but you do not want the relevant personal data erased;

8.3.3        we no longer need to process your personal data for the agreed purposes, but you want to preserve your personal data for the establishment, exercise or defence of legal claims; or

8.3.4       we are processing your data on the basis of our legitimate interest (as set out at section 1 above) and you:

8.3.4.1.1        object to our processing on the basis of our legitimate interest under section 9.1.1 above; and

8.3.4.1.2        want processing of the relevant personal data to be restricted until it can be determined whether our legitimate interest overrides their legitimate interest.

8.3.5       Where any exercise by you of your right to restriction determines that our processing of particular personal data are to be restricted, we will then only process the relevant personal data in accordance with your consent and, in addition, for storage purposes and for the purpose of legal claims.

8.4         Right to data portability

You have the right to receive your personal data in structured, standard machine-readable format and the right to transmit such personal data to another controller.

8.5         Right to erasure

You have the right to require we erase your personal data which we are processing where one of the following grounds applies:

8.5.1     the processing is no longer necessary in relation to the purposes for which your personal data was collected or otherwise processed;

8.5.2     our processing of your personal data is based on your consent, you have subsequently withdrawn your consent and there is no other legal ground we can use to process your personal data;

8.5.3     you object to the processing of your personal data as set out in section 9.1.1 above and we have no overriding legitimate interest for our processing;

8.5.4     the personal data have been unlawfully processed; and

8.5.5     the erasure is required for compliance with a law to which we are subject.

On verification of your request for erasure, please note that we will endeavour to erase the relevant data as quickly as possible. We will try to comply with your request within one month, however please note that our catalogues are ordered in advance and that you may receive another catalogue after you make your request.

You have the right to lodge a complaint with the UK's Information Commissioner's Office or, if you are a data subject in the EU, Ireland's Information Commissioner.

Exercising your rights: You can exercise your rights by contacting us directly (please see section 12).

 

 


9  LINKS ON OUR WEBSITE

Our website may, from time to time, contain links to and from the websites of our partner networks and affiliates. Our service connects you to different websites. If you follow a link to any of these websites or use our service, please note that you have left our website and these websites have their own privacy policies. We do not accept any responsibility or liability for these policies or websites. Please check these policies before submitting any personal data to these websites.

10  CUSTOMERS IN CALIFORNIA AND VIRGINIA

The California Consumer Privacy Act (“CCPA”) and the Virginia Consumer Data Protection Act (CDPA) provide customers who are California or Virginia residents with certain rights relating to their personal information, including the right to:

·       know what personal information we collect, use, or disclose about you, including the categories of third parties who receive your data;

·       obtain a copy of personal information collected about you;

·       instruct us not to sell your data;

·       not be discriminated against as a result of exercising your CCPA rights.

You can rest assured that Seasalt will never sell your personal data to any third party.

10.5    Your Rights

You have the right to know what personal information we collect or disclose about you, including the categories of third parties who received your data, including disclosure relating to:

·       the categories of personal information we have collected about you during the preceding 12 months;

·       the categories of sources from which we collect personal information;

·       the specific pieces of personal information we collect;

·       the business or commercial purpose for collecting personal information;

·       the categories of third parties with whom we share personal information;

You have the right to request the deletion of, and we will direct our third-party service providers to delete, any personal information collected about you, after receipt of a verified request from you, unless an exception applies.

We may deny your verified deletion request where we or our third party service providers need to retain your personal information in order to:

·       complete the transaction for which we collected the personal information, fulfil the terms of a written warranty or product recall conducted under federal law, provide a good or service requested by you or is reasonably anticipated within our ongoing business relationship with you, or is otherwise required in performing our contract with you;

·       detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute the individuals responsible for that activity;

·       debug to identify and repair errors that impair existing intended functionality;

·       exercise a legal right, including exercising or ensuring free speech;

·       comply with the California Electronic Communications Privacy Act;

·       enable internal uses reasonably aligned with your expectations based on your relationship with us;

·       comply with a legal obligation; or

·       otherwise use your personal information internally in a lawful manner that is compatible with the context in which you provided the information.

Virginia: Right to Appeal. You can appeal our decision about your request to exercise your rights, if you disagree.

10.6    How to Submit a Verifiable Request

If you want to submit a disclosure or deletion request, please contact privacy@seasaltcornwall.com or via any of the methods listed in the “Contact Details” section (section 12) below

In order to respond to your request, we must perform some verification. You will be required to submit your:

·       name,

·       address,

·       email,

·       telephone number and

·       marketing preferences.

We will use this information to search our systems and determine the information we have about you.

We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm that the personal information relates to you. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify your identity or authority to make the request.

You may make a verifiable consumer request up to two (2) times within a twelve (12) month period, free of charge, unless the request is manifestly unfounded or excessive.

We will respond to verifiable requests within 45 days after receipt, potentially extendable once for up to 90 days provided you are notified within 45 days of the extension and its reasons. Any disclosures we provide will only cover the twelve-month period preceding receipt. The response we provide will also explain any reasons we cannot comply with a request, if applicable.

You will receive our response by email to the email address you provided at the time you submitted your request.

10.7    Opting-Out of Sale of Personal Information

Seasalt does not sell personal information to third parties.

 

10.8    Non-Discrimination

We will not discriminate against you for exercising any of your rights. Unless permitted by the relevant legislation, we will not:

·       Deny you goods or services.

·       Charge you different prices or rates for goods or services, including through discounts or other benefits, or by imposing penalties.

·       Provide you a different level or quality of goods or services.

·       Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services.


11  CHANGES TO OUR PRIVACY POLICY

Any changes we make to our privacy policy in the future will be posted on this webpage and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.


12  CONTACT

Questions, comments and requests regarding this privacy policy are welcomed.

You can contact us by telephoning our Customer Services team on +44 01326 640075 or by writing to us at Privacy, Seasalt Limited, Unit 8 Falmouth Business Park, Bickland Water Road, Falmouth TR11 4SZ.

Our Data Protection Officer can be contacted by email at privacy@seasaltcornwall.com

This Privacy Policy was last updated on 27 March 2024.