Pickering Book Tree
PRIVACY POLICY
Last updated: 16th July 2022
​
Purpose of Website and This Document
​
Pickering Book Tree is an independent book shop based in Pickering, North Yorkshire. This website (www.pickeringbooktree.co.uk) is run by the shop, and supplements the physical shop by selling products online, sharing book related content, and providing information relevant to the shop, including upcoming events.
​
This page outlines the Privacy Notice as per legal requirements.
​
The following sections are included in this document:
How We Store and Share Your Data
​
1. Introduction
We understand that your privacy is important and that you care about how your personal data is used and shared. We respect the privacy of everyone who visits our website, and are committed to protecting your personal data, and to being transparent about the data we collect from you and how we use it.
This Privacy Notice details the data that we collect from you, how we use your data, how we ensure your privacy is maintained, and your legal rights relating to your personal data.
​
2. Who We Are
​
2.1. Pickering Book Tree Ltd is a company registered in England and Wales. Our company number is 14067692. Our registered office address is 43a Market Place, Pickering, England, YO18 7AE.
​
2.2. You can contact us by:
-
Post - Pickering Book Tree, 43a Market Place, Pickering, England, YO18 7AE
​
3. Your Rights
​
3.1. Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) you have a number of rights regarding your personal data:
-
​Right to be informed - you have the right to be informed about the collection and use of your personal data. The information that we collect and use is detailed in this Privacy Notice.
-
Right of access - you have the right to request a copy of the information that we hold about you. You can do this by contacting us using the information given in Section 2: Who We Are.
-
Right of rectification - you have the right to correct data that we hold about you if it is inaccurate or incomplete.
-
Right to be forgotten - in certain circumstances you can ask for the information that we hold about you to be erased from our records. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
-
Right to restriction of processing - where certain conditions apply, you have the right to restrict the processing of your personal data.
-
Right of portability - you have the right to have the information we hold about you transferred to another organisation.
-
Right to object - you have the right to object to certain types of processing, for example, direct marketing.
3.2. If you have cause for complaint about our use of your data, or you would like to exercise any of your rights listed above, then please contact us using the details provided in Section 2: Who We Are.
​
3.3. If we are unable to help you, or you are not satisfied with our response, you also have the right to lodge a complaint with the UK's supervisory authority - The Information Commissioner's Office (ICO). The ICO can be contacted:
-
By post - The Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF
-
By telephone - 0303 123 1113
-
Via its website - www.ico.org.uk
​
4. The Data We Collect from You
4.1. All website users
We automatically collect some non-identifying information from all visitors when they interact with our website. This information is:
-
Your IP address, browser type and version, time zone setting, browser plug-in types, geological information about where you might be (country the website is being accessed from), and operating system and version.
-
Your URL click-streams (the pages you visit on our website and the path you take through these pages via links), products and pages viewed, page response times, download errors, how long you stay on each of our pages, and what you do on these pages and how often.
​
4.2. Customers
If you are a customer, we will collect additional information which you provide to us:
-
Contact details - your name, address, phone number, and email address.
-
Purchase and quote details - information about products you have purchased or enquired about.
-
Financial information - your bank or payment details when you purchase a product through our website.
-
You can choose to create an account on our website when you purchase something from us, in which case your chosen password will also be collected. You can choose to save your login information via cookies for quick login on future visits.
4.3. Newsletter Subscribers
If you subscribe to our email newsletter, this site will record:
-
Contact details - your name and email address.
When a subscriber clicks on a link within an email, or fills out a form, we also collect this information (see below for how this information is used).
​
Subscribers may unsubscribe at any time by following the link at the end of every email sent via this site’s mailing list. You can also visit the Unsubscribe or Manage Your Subscription pages to select which mailing lists you would like to be included or deleted from. You may ask for all of your data to be deleted at any time.
4.4. If You Enter a Giveaway or Competition
If you enter a giveaway or competition on www.pickeringbooktree.co.uk, we will collect:
-
Contact details - your name and email address.
Some giveaways may be entered via social media, in which case you will not need to submit your email address in order to enter, however you entry will be associated with your public profile on the social media platform. We will not collect or store data pertaining to our interactions with you on social media, however these interactions will be stored by the social media platform.
If you win a physical prize which must be sent by post, you will be asked to provide your postal address in order for us to send the prize. Alternatively, prizes can be collected from the shop.
​
The information required to enter, and in the result of winning, will be specified for each competition as relevant.
​
4.5. If You Contact Us by Email
If you email Pickering Book Tree through the form located on the Contact page, you will be required to input your email address as a minimum in order for a response to be sent. You will also be prompted to input your name (first name or full name as preferred), a subject, and a message.
​
Our reply will be sent from an email account under the domain of @pickeringbooktree.co.uk, and will be protected under the Privacy Policy of Zoho and your own email provider.
​
You can also choose to email Pickering Book Tree directly from your email account without using the form located on the website. If you send an email directly to enquiries@pickeringbooktree.co.uk, privacy will be governed by Zoho’s Privacy Policy, and that of the email provider you use to send the message.
​
4.6. If You Submit a Comment
When visitors leave a comment on one of our website pages, we collect:
-
Your name.
-
Your IP address and browser user agent string, in order to help spam detection.
-
You can optionally supply your email address, in order to be notified of replies to your comment.
​
If you submit a comment while logged in to your account, your comment will be linked to your profile. After approval of your comment, your profile picture (if selected under your account) is visible to the public alongside your comment.
​
4.7. Embedded Content From Other Websites
On occasion, articles on our website and newsletters sent to our email subscribers include embedded content from websites other than www.pickeringbooktree.co.uk (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
​
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website. We will only ever embed content from trusted providers, for example YouTube, however your interactions with this content will be under the conditions set out in the respective Privacy Notice of the embedded website.
​
5. How We Use Your Data
5.1. Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. These are the reasons for which we process your data:​
-
Orders and quotes - we will use the details you provide us to process any purchases you make with us using our website, over the phone, or in the shop. We need to collect this information in order to process your order. Our legal basis for this is contractual obligation (see Section 6 below).
-
Running our website - we will use your purchase history to recommend content and other products which may interest you. We will use data collected on our site to provide and manage your access to our website and services, to personalise and optimise your experience. Our legal basis for this is legitimate interest (see Section 6 below).
-
Improving our website - we will use automatically collected non-identifying data to test our website features, manage lading pages, provide heat maps of our site, traffic optimisation, data analysis and research to improve our content based on interest. This includes profiling, feedback questionnaires, and the use of machine learning using third parties to process this data. Data on links clicked on our website and mailing list emails will help us to create content and emails that interest our visitors and subscribers. This data is anonymised and used to identify general trends of interest from subscribers. Our legal basis for this is legitimate interest (see Section 6 below).
-
Marketing - we will send newsletter subscribers emails about new content, events, news, product recommendations and offers. Newsletter subscriber emails will only be used for receiving communication from Pickering Book Tree. You will be able to unsubscribe from these emails at any time by following the link at the end of every email. Our legal basis for this is consent or legitimate interest (see Section 6 below).
-
Answering your queries and customer support - we will use the contact details you provide to us in order to reply to your request or query. Our legal basis for this is contractual obligation (see Section 6 below).
-
Giveaway entrants will be sent emails relating only to the competition they entered, unless they also signed up for the newsletter. Once the prize has been claimed, the contact details of unsuccessful entrants will be deleted from our records. Further communication with the winner will be required in order to fulfil our contractual obligation to them. Our legal basis for this is consent, legitimate interest, or contractual obligation (see Section 6 below).
-
Preventing fraud and crime - we use some data to protect our business and your account from fraud and other illegal activities. For example, we use CCTV in our shop to prevent crime, and we look out for irregular orders on our website. Our legal basis for this is legitimate interest (see Section 6 below).
​
6. Legal Basis
6.1. Section 5 indicates the legal basis for each instance where we process your data. This Section defines the meaning of each legal basis.
​
6.2. Legitimate Interest:
-
This legal basis applies where processing your data is necessary for our legitimate interests or the legitimate interests of a third party, provided those interests are not outweighed by your rights and interests. These legitimate interests are:
-
Gaining insights from your behaviour on our website​
-
Delivering, developing, and improving our service
-
Enabling us to enhance, customise, or modify our services
-
Enhancing data and physical security
-
Promoting our products, services and business
-
Responding to customer enquiries and contact requests
-
-
In every case, these legitimate interests are only valid if they are not outweighed by your rights and interests.​
-
You can always object to the processing of your data based on legitimate interest. If you do so and we have no other legal basis for processing your data, we will stop. If we do have another legal basis we will continue to do so, subject to your legal rights.
​
6.3. Consent:
-
This legal basis applies where you have given clear consent for us to process your personal data for a specific purpose.
-
You can withdraw your consent at any time. You can do this by clicking unsubscribe on any email sent to our mailing list, or by getting in touch via the contact details given in Section 2.
-
If you withdraw your consent and we have no other legal basis to process your data, we will stop. If we do have another legal basis we will continue to do so, subject to your legal rights.
​
6.4. Contractual Obligation:
-
This legal basis applies where processing your data is necessary for a contract you have with us, or because we have asked you to take specific steps before entering into that contract.
​
7. How We Store and Share Your Data
​
7.1. Data security is very important to us, and we take appropriate security measures to protect and secure personal data collected and processed via our website.
​
7.2. We endeavour to keep all of your personal information in the European Economic Area (EEA). The EEA includes all EU Member States plus Norway, Iceland and Liechtenstein.
7.3. In limited and necessary circumstances your information may be transferred outside of the EEA. This will only happen when it can not be avoided. Where this does happen, we will only move data to countries or organisations:
-
Where the EU Commission has deemed their data protection measures to be adequate,
-
Or under a contract which enforces the EU Commission approved "standard data protection clauses" which can be viewed here.
​
7.4. We will never sell your data to a third party.
7.5. Subscriber information is never disclosed to any third party, except where necessary to provide an essential service. These essential services in no way distribute the email addresses, or sign subscribers up to any other services.
-
Where necessary we contract trusted service providers to provide required services on our behalf. These services include payment processing, delivery of goods, search engine facilities, advertising, marketing, and IT systems. This will sometimes require the transfer to or handling of your personal data through these trusted service providers.
-
The contact form used to email Pickering Book Tree via our website is managed by Wix. Our mailing list subscription form is also managed by Wix. Their Privacy Policy can be found here.
-
Our website uses EmailOctopus to securely store email addresses of our newsletter subscribers. Through this service emails are sent to the mailing list, and subscribers can manage their preferences. The EmailOctopus Privacy Policy can be found here.
-
Our website also used Zapier to connect Wix to EmailOctopus. Their Privacy Policy can be found here.
-
Visitor comments may be checked through an automated spam detection service.
-
Member accounts, including customer purchases, card details, addresses, and contact details are collected and managed by Wix (see their Privacy Policy). This data is stored securely and only used as required to fulfil the purchase.
-
Customers may choose to pay for their purchase through PayPal, in which case no payment details are processed through Pickering Book Tree, and PayPal are responsible for ensuring the funds reach us. See PayPal's Privacy Policy.
-
All website information is saved by Wix (the website host), and only the website administrator (Cathy Charlton of Pickering Book Tree) has admin access to the account. Information necessary to complete an online purchase is automatically emailed to shop@pickeringbooktree.co.uk, and consists of the ordered items, dispatch address, and contact details (where relevant). Emails to this account are end-to-end encrypted, and only staff at Pickering Book Tree have access to the email account. This service is provided by Wix (Privacy Policy) and Zoho (Privacy Policy).
-
Where we transfer your data to our trusted service providers we will have confirmed that they will apply data protection and security measures to protect your data.
​
7.6. In certain limited circumstances we may be legally required to share your personal data - for example where we are involved in legal proceedings, complying with a court order, regulatory requirement, or government department with legal authority to compel us to do so.
​
8. How Long We Keep Your Data
8.1. We do not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected and for our obligation under other laws.
8.2. We may need to keep your information to establish, bring, or defend legal claims. We'll therefore always keep your personal data for 7 years after the date it is no longer necessary to hold it. At the end of this period, your data will either be deleted or anonymised.
7.3. Exceptions to the above are:
-
Where you have exercised your right to have the information we hold on you.
-
Where the law requires us to keep your data for longer or delete it sooner.
-
Where a legal claim is in progress, in which case we will keep your data until the claim is concluded.
7.4. If you leave a comment on our website, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
​
7.5. If you provide your email address in order to subscribe to the mailing list, your email address will be stored for as long as you are subscribed to the mailing list. Once you unsubscribe, your data will be deleted.
​
7.6. If you contact Pickering Book Tree via direct email to any subdomain email account of @pickeringbooktree.co.uk, or use the contact form on this website, a record of the communication will be stored in Pickering Book Tree's Zoho Workplace account.
​
7.7. If you create an account and store account information such as card details, contact details or addresses, this will be retained until you either delete a specific piece of information, or delete your account entirely. We keep a record of past purchases through automatic order email notifications.
​
9. Cookies
9.1. This website uses cookies to enhance visitor experience. Cookies are small pieces of information sent by an organisation to your computer or device to allow a website to recognise you when you visit. We use cookies for record-keeping purposes and to compile statistical data about browsing actions and patterns.
​
9.2. Cookies do not contain any personal information, other than the cookie itself which is defined as personal data under GDPR.
​
9.3. All cookies on our website are used in accordance with the current cookie law.
​
9.4. Cookies will not be placed on your computer or device until after you have consented to their use via the banner displayed at the bottom of the screen when you browse our website. You can choose to reject their use, however certain parts of our website may not function properly. Visitors may also choose to set their web browser to refuse cookies, or to send an alert when cookies are being sent.
​
9.5. If you leave a comment on this site, or create an account, you may opt-in to saving your name and email address in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
​
9.6. You can find out more about the different types of cookies and how this website uses them on the Cookie Policy page.
​
10. Changes to Our Privacy Notice
10.1. Pickering Book Tree may update this Privacy Notice, for example following a change in privacy law. The date of the most recent change will be stated at the top of this page.
​
10.2. This Privacy Notice was last updated in July 2022.
​
​
​