Privacy policy.
Privacy and Cookies Policy
Summary
We are an e-commerce website and as such we track, store & process data arising from your interactions with the site/app primarily for the following reasons.
To fulfil orders placed by the user
To give users a better experience
To help us improve technical functionality
We treat the data we hold with the utmost respect. Rest assured we have dedicated people on our team working tirelessly to keep your data secure and in full compliance with all applicable Data Protection Law and consumer legislation.
The below document sets out in legal terms exactly how we approach this.
1. Introduction
This is the Privacy and Cookies Policy for www.baronshower.com (Website) and each of our web and mobile applications that we make available from time to time (Applications). The Website is operated by Square Space. For the purposes of European data protection legislation (Data Protection Law), we are the data controller in relation to the personal data processed in accordance with this policy.
We are dedicated to safeguarding and preserving your privacy when visiting the Website or communicating electronically with us. This Privacy and Cookies Policy explains how and why we process personal data and what happens to any personal data that you provide to us, or that we collect from you when you are on the Website or any Application.
By using the Website or any Application, you acknowledge that you have read the terms of this Privacy and Cookies Policy.
We will treat all your personal information as confidential (although we may disclose this information in the circumstances set out below). We will keep it on secure servers (as further detailed below) and we will fully comply with all applicable Data Protection Law and consumer legislation.
2. Whose personal data do we process?
We may process personal data relating to you if:
You are a user of the Website and Applications.
You are a customer.
You use our products or services.
You work for a customer, or for someone who uses our products or services.
You are someone (or you work for someone) to whom we want to advertise or market our goods or services.
3. Information we may collect from you
Through your use of the Website or any Application or Email, we may collect and process the following information about you:
Information about your visit to the Website or Application and the resources that you access including, but not limited to, traffic data, location data and communication data.
Information that you input by filling in forms, for example during the registration process or when making a purchase or product enquiry, or subscribing to our goods or services, such as but not limited to your name, email address, billing address, delivery address, telephone number, product selections, payment type and card expiry date.
Information relating to transactions with us involving details of goods or services that we have supplied to, or obtained from, you or the person you work for).
Information as whether the email sent to you was delivered and opened and whether links within the email were clicked.
Information provided to us when you communicate with us, for example by email or phone. This includes communications you send to us, for example to report a problem or to submit queries, concerns or comments regarding the Website or any Application or its content.
Information from surveys and competitions that we may, from time to time, run on the Website or any Application for marketing and research purposes, if you choose to respond to, or participate in them.
Internet pages you have visited immediately before coming to the Website or Application or pages you visit immediately after leaving the Website or Application.
You are under no obligation to provide any such information. However, if you should choose to withhold requested information (e.g. your address or payment details), we may not be able to provide you with certain services.
We may, from time to time, run referral programmes or similar initiatives, such as a "Tell a Friend" programme, enabling you to personally invite someone who is known to you, who may find our products or services to be of interest, to access our site based on your recommendation. We will provide you with a referral link to be forward to your contacts for the purpose of referring them to our site and promoting the "Tell a Friend" initiative.
4. Cookies
Cookies are essential in order to allow you to login to the Website or Application and for the Website experience.
What are Cookies?
Most websites you visit will use cookies to improve your user experience by enabling that website to remember you, either for the duration of your visit (using a 'session cookie') or for future visits (using a 'persistent cookie').
A cookie is a simple text file that is issued to your computer when you visit a website and which stores and sometimes tracks information about your use of a website. Each cookie is unique to your browser. It will contain some anonymous information such as a unique identifier, the website name and some digits and numbers. It allows a website to remember things like your preferences or what's in your shopping basket.
All cookies used by Vulpine are 'first party' cookies. This means that any cookie set on the Website or Application can only be read back from the Website or Application. No other website or application is able to read or access information from any cookie set by the Website or Application. Although they do identify a user's computer, cookies do not personally identify users, and passwords and credit card information are not stored in cookies.
Cookies are not programs and therefore cannot contain viruses or other malicious software.
How We Use Cookies
You can find a summary of the various types of cookies we use below. Our cookies are used for 3 types of purpose:
Strictly Necessary Cookies
These cookies are essential to enable you to move around the Website or Application and use their respective features. Without these cookies you cannot for example log into the Website or Application to access our sales. These cookies are passed under HTTPS in an encrypted format. This provides the most security when identifying you as a user.
Performance Cookies
These cookies let us monitor how the Website and Application are performing. These cookies do not let us identify users. We use this information to maintain, operate and continually improve the user experience for our users on the Website or Application.
For example, these cookies allow us to test different design ideas for particular pages and understand how well these pages work for our users.
We also use Google Analytics. Analytics systems are used by many websites to record information about who visits a website. Google set predominantly first party cookies with expiry dates ranging from 30 minutes to 2 years which do not contain any personally identifiable information. You can find out more about how Google use their cookies at http://www.google.com/intl/en/analytics/privacyoverview.html also see further information in the table below.
Functionality Cookies
These cookies allow us to:
record information about choices you've made and allow us to tailor the Website or Application to you, such as by customising elements of the promotional layout and/or content of the pages of the Website or Application;
remember that you have visited us before; this means we can identify the number of unique visitors we receive. This allows us to make sure we have enough capacity for the number of users that we get;
collect anonymous statistical information about how you use the Website or Application (including how long you spend on the Website or Application) and where you have come to the Website or Application from, so that we can improve the Website or Application and learn which parts and which functions of the Website and Application are most popular with users;
gather information about the pages on the Website that you visit or the functions of the Application you use, and also other information about other websites that you visit, so as to place you in a “market segment”.
Cookies on the Website and Application
Some of the cookies used by the Website and Application are set by us, and some are set by third parties who are delivering services on our behalf.
Cookie Name
Duration
Purpose
Crumb
Session
Prevents cross-site request forgery (CSRF). CSRF is an attack vector that tricks a browser into taking unwanted action in an application when someone’s logged in.
RecentRedirect
30 minutes
Prevents redirect loops if a site has custom URL redirects. Redirect loops are bad for SEO.
CART
2 weeks
Shows when a visitor adds a product to their cart
hasCart
2 weeks
Tells Squarespace that the visitor has a cart
Locked
Session
Prevents the password-protected screen from displaying if a visitor enters the correct site-wide password.
SiteUserInfo
3 years
Identifies a visitor who logs into a customer account
SiteUserSecureAuthToken
3 years
Authenticates a visitor who logs into a customer account
Commerce-checkout-state
Session
Stores state of checkout while the visitor is completing their order in PayPal
squarespace-popup-overlay
Persistent
Prevents the Promotional Pop-Up from displaying if a visitor dismisses it
squarespace-announcement-bar
Persistent
Prevents the Announcement Bar from displaying if a visitor dismisses it
Test
Session
Investigates if the browser supports cookies and prevents errors.
Analytics and Performance Cookies
We use Analytics and Performance cookies to collect information on your behalf about how visitors interact with your site. Storing these cookies is how we populate the data you find in Squarespace Analytics, such as traffic sources, unique visitors, and cart abandonment.
You can disable Squarespace Analytics and Performance cookies at any time.
Cookie Name
Duration
Purpose
ss_cid
2 years
Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cvr
2 years
Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cvisit
30 minutes
Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cvt
30 minutes
Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cpvisit
2 years
Identifies unique visitors and tracks a visitor’s sessions on a site
ss_cookieAllowed
30 days
Remembers if a visitor agreed to placing Analytics cookies on their browser if a site is restricting the placement of cookies
Controlling or Deleting Cookies
Most web and mobile device browsers automatically accept cookies but, if you prefer, you can change your browser to prevent that or to notify you each time a cookie is set. You can find instructions on how to control the use of cookies, or delete cookies from your computer at http://www.aboutcookies.org, which includes additional useful information on cookies and how to block cookies using different types of browser or mobile device.
Please remember that if you delete or restrict cookies from the Website or Application you may not be able to use parts of or take full advantage of the Website or Application (as the case may be) and their respective features and services.
Tracking Gifs
In addition to cookies, tracking Gifs may be set by us or third parties in respect of your use of the Website or Application. Tracking Gifs are small image files within the content of the Website or Application or the body of our newsletters so we or third parties can understand parts of the Website are visited and which functions of the Application are used and whether particular content is of interest.
5. Uses made of your information
We use the information you provide only for the following purposes:
Information you give to us
We will use this information:
to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us;
to provide you, with information about goods or services we feel may interest you;
to notify you about changes to our service provided by the Website or Applications;
to ensure in our legitimate interests that content from our site is presented in the most effective manner for you and for your computer.
Information we collect about you
We will use this information:
to administer our Website or Applications and your account with us under our terms and for internal operations, including troubleshooting, and, in our legitimate interests, auditing the downloading of data, data analysis (demographic and sales data), testing, research, statistical and survey purposes;
to improve our Website, Applications or Emails to ensure that content is presented in the most effective manner for you and for your computer;
to identify visitors to the Website or Application;
to allow you to participate in interactive features of our Website or Application, when you choose to do so;
as part of our legitimate efforts to keep our Website and Applications safe and secure;
for our legitimate interest of measuring or understanding the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
to make suggestions and recommendations to you and other users of our Website or Application about goods or services that may interest you or them in our legitimate interests and subject to your stated preferences where relevant.
You can tell us not to contact you with information regarding our products and services by following the unsubscribe instructions on any communications sent to you. Alternatively, you can also exercise the right at any time by contacting us using the Contacting us details at the end of this Privacy and Cookies Policy.
6. Legal grounds for our processing of your personal data
The basis on which we process your personal data is as follows:
Where it is necessary to obtain your prior consent to the processing concerned in order for us to be allowed to do it, we will obtain and rely on your consent in relation to the processing concerned.
Otherwise, we will process your personal data only where the processing is necessary:
for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract;
for compliance with a legal obligation to which we are a subject; or
for the purposes of the legitimate interests pursued by us or another person, provided that this will only be in circumstances in which those legitimate interests are not overridden by your interests or fundamental rights and freedoms which require protection of personal data (most circumstances in which we process your personal data in relation to a relationship that we have with the person that you work for will fall into this category).
7. Information sharing
We may disclose aggregate statistics about visitors to the Website, users of the Applications, customers and sales in order to describe our services to prospective partners, advertisers, sponsors and other reputable third parties and for other lawful purposes, but these statistics will include no personally identifiable information.
We may disclose your personal information to any of group companies, affiliates, or to our agents or contractors who assist us in providing the services we offer through the Website or any Application, processing transactions, fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in other tasks, from time to time. Our agents and contractors will only use your information to the extent necessary to perform their functions.
We may share your email address, in encrypted form, with Facebook in order to engage in look-a-like targeting. This enables us to reach new people who are likely to be interested in us because they are similar to other customers of ours.
In the event that we undergo re-organisation or are sold to a third party, you agree that any personal information we hold about you may be transferred to that re-organised entity or third party. We may also share any personal information we hold about you amongst our group companies.
You should be aware that we may be under a duty to disclose or share your personal information and/or user information in order to comply with any legal obligation. We may also disclose your personal information if we believe that such action is necessary to prevent fraud or cyber-crime or to protect the Website or any Application or the rights, property or personal safety of any person.
8. Public forums
The Website and Applications may, from time to time, make chat rooms, message boards, news groups and/or other public forums available to its users. Any information that is disclosed in these areas becomes public information and you should exercise caution when using these and never disclose your personal information.
9. External links
The Website and Applications may, from time to time, contain links to external sites. If you follow a link to any of these websites, please note that these websites have their own privacy policies and processes and that we do not accept any responsibility or liability for these policies and processes. Please check these policies before you submit any personal data to these websites.
10. Payment processing
Payment details you provide will be encrypted using secure technology before they are submitted to the applicable payment provider. Payments made on the Website or any Application are made either through our chosen third party payment providers or PayPal depending on your chosen method of payment. You will be providing credit or debit card information directly to the Payment Provider who operate a secure server to process payment details, encrypting your credit/debit card information and authorising payment. Information which you supply to the Payment Provider is not within our control and is subject to the Payment Provider's own privacy policy and terms and conditions.
11. Security
We place great importance on the security of all personally identifiable information associated with our users. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal information under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to personal information. Whilst we cannot ensure or guarantee that loss, misuse or alteration of information will never occur, we use all reasonable efforts to prevent it.
You should bear in mind that submission of information over the internet is never entirely secure. Where sensitive financial information is provided to us, we use encryption software to attempt to prevent unauthorised access to this information being obtained. Other than as set out in Sections 5 and 10 above, we do not have access to or store any confidential information about the means of payment; only PayPal or Amazon, our payment services providers, have access to this information, and it cannot be accessed by any other third party.
We cannot guarantee the security of information you submit via the Website or any Application and any such submission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
It is advisable to close your browser when you have finished your user session to help ensure others do not access your personal information if you use a shared computer or a computer in a public place.
12. Data Retention
We process personal data only for so long as it is necessary for the purpose(s) for which it was originally collected, after which it will be deleted or archived except to the extent that it is necessary for us to continue to process it for the purpose of compliance with legal obligations to which we are subject or for another legitimate and lawful purpose.
13. Storage of your information
Information that you submit via the Website or any Application is sent to and stored on secure servers located in Ireland. This is necessary in order to process the information. Information submitted by you may be transferred by us to our other offices and/or to the third parties mentioned in the circumstances described above (see Information sharing), which may be situated outside the European Economic Area (EEA) and may be processed by staff operating outside the EEA who work for these third parties or for us or one of our suppliers. This includes staff engaged in, among other things, the fulfilment of orders, the processing of payment details and the provision of support services. The countries concerned may not have similar data protection laws to the EEA. Where we transfer your information we will take all reasonable steps to ensure that your data is subject to appropriate safeguards, such as relying on EU approved standard contractual clauses relevant to transfers of personal information and that it is treated securely and in accordance with this privacy policy.
14. Your rights
You have the following rights in relation to personal data relating to you that we process:
You may request access to the personal data concerned (please see the section on obtaining access to your personal data, below).
You may request that any incorrect personal data about you that we are processing be rectified.
In certain circumstances (normally where the personal data has been provided by you and it is no longer necessary for us to continue to process it), you may be entitled to request that we erase the personal data concerned.
Where we are processing personal data relating to you on the basis of your prior consent to that processing, you may withdraw your consent at any time, after which we shall stop the processing concerned. If you do withdraw your consent here, note that this may affect our ability to provide you with our goods or services.
If you have a complaint about any processing of your personal data being conducted by us, you can contact us or lodge a formal compliant with the Information Commissioner.
How to withdraw your consent to processing
You can withdraw your consent to any relevant processing of personal data:
By emailing us at thorntonbaronuk@gmail.com
By writing to us at the address below.
How to exercise your right of access to your personal data
You can exercise your right of access to your personal data:
By emailing us at hello@baronshower.com
By writing to us at the address below.
Please note that we may be required to ask you for further information in order to confirm your identity before we provide the information requested.
15. Contacting us
Please submit any questions, concerns or comments you have about this Privacy and Cookies Policy or any requests concerning your personal data by email at: hello@baronshower.com, or write to us at:
Thornton Baron Ltd
Unit 3
7 Armley Road
Leeds
LS12 2DR
United Kingdom
16. The Information Commissioner
The Information Commissioner is the supervisory authority in the UK and can provide further information about your rights and our obligations in relation to your personal data, as well as deal with any complaints that you have about our processing of your personal data.
17. Changes to this policy
Any changes we make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy and cookies policy.
18. Date of this policy
This policy was last updated on May 15th 2022