The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations. If you do not agree to the following policy you may wish to cease viewing / using this website.
The policy is updated from time to time with the latest version available on this page.
Policy key definitions:
• "I", "our", "us", or "we" refer to the business Peter Beales Roses, London Road Attleborough, NR17 1AY.
• "you", "the user" refer to the person(s) using this website.
• GDPR means General Data Protection Act.
• PECR means Privacy & Electronic Communications Regulation.
• ICO means Information Commissioner's Office.
• Cookies mean small files stored on a user’s computer or device.
We are registered with the ICO under the Data Protection Register:
Our registration number is Z6429582
Processing of your personal data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you using the following lawful basis.
The Lawful basis’s for processing your data
The reason we use this basis is that you can opt in to our public emailing list from various sections of the website. We process your information by storing the email address only on our self-hosted email marketing software (Mailjet) and then email you offers, news and other items of interest. We will continue to process your information under this basis unless you withdraw consent or it is determined your consent no longer exists. This information is not shared with third-parties for marketing purposes however it is shared with third-parties we require to offer this service: Web Development Agency to be able to work on our website (Affinity Agency), Accountancy and Business Analysis Company (Kram Computers Ltd) to import into our stock control and order processing system, payment providers (Sage Pay Ltd), despatch/delivery firms for the purposes of sending our goods to you via the postal system/couriers, Internet Service Providers (AWS/Net Communications) who provide the actual transport for emails and Google who provide the website analytics service we use. Latest GDPR Policies can be found on the 3rd party websites.
The reason we use this basis is that you can place an order for goods or services on our website and as such have entered into a contract with us. We process your information on our website backend Administration Control Panel to measure the effectiveness of our ecommerce store by gathering various data for us to review our metrics and we look for patterns across our customers shopping trends. This information is not shared with third-parties for marketing purposes however it is shared with third-parties we require to offer this service: Web Development Agency to be able to work on our website (Affinity Agency), Accountancy and Business Analysis Company (Kram Computers Ltd) to import into our stock control and order processing system, payment providers (Sage Pay Ltd), despatch/delivery firms for the purposes of sending our goods to you via the postal system/couriers, Internet Service Providers (AWS/Net Communications) who provide the actual transport for emails and Google who provide the website analytics service we use. Latest GDPR Policies can be found on the 3rd party websites.
We shall continue to process your information until the contract between us ends or is terminated under any contract terms.
If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
Your individual rights
Under the GDPR your rights are as follows.
• the right to be informed;
• the right of access;
• the right to rectification;
• the right to erasure;
• the right to restrict processing;
• the right to data portability;
• the right to object; and
• the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO via www.ico.org.uk if you feel there is a problem with the way we are handling your data.
We handle Subject Access Requests in accordance with the GDPR. Please contact firstname.lastname@example.org to request any of your rights be fulfilled.
Some cookies are required to enjoy and use the full functionality of this website.
Cookies that we use are;
__utma – Google Analytics Tracking Cookie.
This cookie keeps track of the number of times a visitor has been to the site pertaining to the cookie, when their first visit was, and when their last visit occurred. Google Analytics uses the information from this cookie to calculate things like Days and Visits to purchase.
__utmb and __utmc – Google Analytics Tracking Cookie
- The B and C cookies are brothers, working together to calculate how long a visit takes. __utmb takes a timestamp of the exact moment in time when a visitor enters a site, while __utmc takes a timestamp of the exact moment in time when a visitor leaves a site. __utmb expires at the end of the session. __utmc waits 30 minutes, and then it expires.
__utmt – Google Analytics Tracking Cookie
This is is used to throttle request rate in the event of too many accesses over a short period of time.
__utmz – Google Analytics Tracking Cookie
This keeps track of where the visitor came from, what search engine you used, what link was clicked on, what keyword was used, and where the user was in the world when you accessed the website.
frontend_cid –Created when you visit our website over the https
frontend – Created when you visit our website over http protocol
offer-modal-shown – A Peter Beales Roses specific cookie that keeps track of whether the popup “modal” offer has been shown to you or not.
CART - The association with your shopping cart.
CATEGORY_INFO - Stores the category info on the page, that allows to display pages more quickly.
COMPARE - The items that you have in the Compare Products list.
CURRENCY - Your preferred currency
CUSTOMER - An encrypted version of your customer id with the store.
CUSTOMER_AUTH - An indicator if you are currently logged into the store.
CUSTOMER_INFO - An encrypted version of the customer group you belong to.
CUSTOMER_SEGMENT_IDS - Stores the Customer Segment ID
EXTERNAL_NO_CACHE - A flag, which indicates whether caching is disabled or not.
FRONTEND – Your session ID on the server.
GUEST-VIEW - Allows guests to edit their orders.
LAST_CATEGORY - The last category you visited.
LAST_PRODUCT - The most recent product you have viewed.
NEWMESSAGE - Indicates whether a new message has been received.
NO_CACHE - Indicates whether it is allowed to use cache.
PERSISTENT_SHOPPING_CART - A link to information about your cart and viewing history if you have asked the site.
RECENTLYCOMPARED - The items that you have recently compared.
STORE - The store view or language you have selected.
VIEWED_PRODUCT_IDS - The products that you have recently viewed.
More information on the Google Analytics Cookies can be found here:
Magento is the shopping cart/eCommerce software our website is based on.
We share anonymous information for analysis with Google Analytics. We do not share Personally Identifiable Information.
Their Data Privacy can be found on this link: https://policies.google.com/privacy?hl=en
Data security, retention and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
We will retain your personal information in line with our main GDPR Data Protection Policy.
You may request a copy of general our GDPR Data Protection Policy, as well as our specific Information Security Policy by contacting email@example.com to request this or visit our website and clicking on “Policies” in the footer.
Transparent Privacy Explanations
We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the "Processing of your personal data" above. Any email marketing messages we send are done so through self-hosted email platform and not a third-party EMS. The emails themselves are sent out via the Amazon Web Service SES Service.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe.
Within our self-hosted Email Marketing System we may hold the following information about you.
Firstname and Surname
Subscription time & date
-- End of Document