Sweetalicious will treat and handle your personal data confidentiality and will only use your personal information to provide the services you’ve requested. We may also use this information for auditing, research and analysis to operate and improve our technologies and services. Sweetalicious will never sell, pass, or share your details to any third parties.
We are fully committed to handling personal information in accordance with the General Data Protection Regulation (GDPR) which came into force on the 25th of May 2018.
This means your personal data will be:
- Processed lawfully, fairly and in a transparent manner.
- Collected for specified, explicit and legitimate purposes.
- Only collected as required for our lawful purposes.
- Reviewed regularly.
- Retained only for as long as necessary and in accordance with our retention policy.
- Processed securely and with integrity.
It is important that you are aware of our procedures and practices and understand your rights in relation to your personal data and this Privacy Notice is designed to be part of that information.
Why Do We Need your Personal Data?
We need your personal data throughout our relationship with you for updating you on our services, any issues, website updates and regulatory requirements.
What Personal Data Do We Collect?
“Personal data” or “personal information” is any information relating to or about an individual from which that person can be directly or indirectly identified. This does not include data where the identity has been removed (anonymous data).
How is the information collected by us?
We may collect this information directly from you (e.g. when you submit a form to us or enter into a contract for services with us)
What is Our Lawful Basis for Processing Your Personal Data?
We will only use your personal data when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
- where we have obtained your prior consent;
- where we need to perform a contract we have entered into with you;
- where we need to comply with a legal obligation; or
- where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
We may also use your personal information where we need to protect your interests (or someone else’s interest) or where it is needed in the public interest.
Change of purpose.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Do We Share with Third-Parties?
We may share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
We will take all reasonable steps to ensure all information sharing is carried out in a secure way and will ask our third-party associates to assure us they will handle your personal data securely by using contracts to make our requirements clear and within the legal requirements as set out in the GDPR.
Retention of Personal Data
The retention periods for personal data depend on the purpose for which the information was obtained and will differ for different uses.
Where do we store Personal Data?
Your data is stored on a secure client relationship management (CRM) database enforced by password protocols.
We do collect statistics on visits to our website and social media sites and whilst these are anonymous statistics, your IP address may be considered personal data under the legislation. Therefore, we may collect information about the computer or device which is used to access our website. We use this information to collect anonymous statistics to view traffic to the site and how the site is used. This collection does not identify individual users.
What are they?
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.
In the event of a “high risk” personal data breach the individual(s) will be notified immediately within 72 hours as well as the Information Commissioners Office (ICO). Our company and staff shall follow our security protocols in line with our “Data Breach” company policy as well as the ICO guidelines and take all necessary precautions in order to minimise the severity of the breach for the individual. All personal data breach shall be recorded in our data breach register.
Right to be informed.
You have the right to be informed about the processing of your personal data, and this Privacy Notice provides you with the information you need to reassure you that we handle your personal data securely and lawfully.
Right of access
You have the right to request access to your personal data and to request further information relating to your personal data such as the purposes of processing, the categories of organisations with whom we share your personal data, the retention period for such personal data and the existence of any automated decision-making relating to your personal data.
Right to rectification
You have the right to have any inaccuracies or factual errors corrected or incomplete data amended.
If this information has been disclosed to a third-party we will inform that party and request that they amend their records.
We want your information to be accurate, complete and up to date so you can ask us to make any rectifications necessary as your details or circumstances change.
Right to erasure (the right to be forgotten)
You can request to have your personal data deleted or removed if there is no compelling reason to keep it, as follows:
- if your personal data is no longer required for the purposes for which we obtained them;
- where the processing of your personal data is based on your consent and you withdraw such consent;
- where the processing of your personal data is based on our legitimate interests and you successfully object to such processing;
- where the personal data is processed unlawfully; or
- where the personal data has to be erased for compliance with a legal obligation.
If the personal data is held for statutory or regulatory requirements it cannot be erased.
Any request made will be discussed with you, unless deletion is an obvious step.
Following erasure we will not retain your information
Right to restrict processing
This relates to personal data where the accuracy is contested or where you have objected to our processing based on our legitimate interests or where we no longer require the personal data but you request us to keep. It is a complex area and whilst a decision is being made in consultation with you, we will store the data but not process it.
Right to data portability
You have the right to take and use your data for other services or purposes. Where the personal data provided by you is processed on the basis of your consent or a contract between us and you, we are required to make this information available to you in a readable easily transferred format.
Right to object.
Where the processing of your personal data is based on our legitimate interests, you have the right to object (based on your particular circumstances) to the way we handle, use or store your personal data. If you object to our processing of your personal data, we will restrict any further processing until we determine whether or not there are any compelling reasons why we should continue the processing.
We do not sell your personal data.
While filling out our Contact Form or registering with us, we may ask how you wish to be contacted:
- By telephone
- By email
You are free to consent to all or one or more of these, however, the law requires that if you permit us to use only one method, that is the only method we can use. Given your requirements and opportunities that can come up at short notice you may wish to consider more than one contact method.
We request that you discuss any complaints with us by using our Contact Form.