Privacy and Security Policy

Privacy and Security - SSL Secure Connection and Data Protection Standards

Last Updated (Oct 14, 2019)

Your Privacy and Security are a top priority for us. We will never rent or sell any customer information to any other party. Our privacy policy is compliant with the current law and has been updated to include the requirements of the General Data Protection Regulation (GDPR).

This Privacy and Security Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from https://www.thelovingnature.co.uk (the “Site”).

Security

– Your personal information is protected. We take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.

– This Site is secured with an SSL Certificate. Transactions on our Site are protected with a 256-bit Secure Sockets Layer encryption (the most powerful SSL encryption available today). When you provide us with your credit card information, the information is encrypted using AES-256 encryption (Advanced Encryption Standard – considered uncrackable by itself). The connection is 100% secure.

Once you enter our secure Site, a closed padlock will show in your browser status bar. That means that your personal and card details are fully encrypted, and remain secure across the Internet and after they reach our order processing centre.

– We are PCI-DSS compliant (Payment Card Industry Data Security Standard). PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.

We adhere to the SCA authentication guidelines (the new European regulation from 14 September 2019) that mandates Strong Customer Authentication (SCA) for online card payments.

SCA is designed to reduce the risk of a fraudster pretending to be you to steal your money. The aim is to make sure your bank or payment services provider knows that the person requesting access to your account or trying to make a payment is either you or someone to whom you have given your consent. This process to establish that it is really you is called ‘authentication’. Your card issuer should be communicating with you with the detail of any planned changes. Do contact your issuer if you would like more details.

In the unlikely event that your personal data is compromised, we will notify you without delay. The competent UK Supervisory Authority (ICO – Information Commissioner’s Office) will also be notified within 72 hours by e-mail with all the information about the extent of the breach, affected data, any impact on the Service. Our action plan for measures to secure the data and limit any possible detrimental effect on the data subjects (after we establish the likelihood and severity of the resulting risk to people’s rights and freedoms) will also be sent to the Information Commissioner’s Office at the same time.

A “personal data breach” is a type of security breach that leads to the accidental or unlawful destruction, alteration, loss, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of the Service.

You can see and verify the SSL Security Report from Qualys SSL Labs -> Click Here (request a new scan if needed – last assessed on Mon, 14 Oct 2019 02:21:32 UTC). Please contact us if you can’t view the report properly or if you spot anything wrong. We are always here ready to help via Chat or Email.

How we use Cookies

See The Loving Nature’s Cookie Declaration at the end of this Policy for information on the cookies we use.

The personal information we collect

When you visit the Site, we automatically collect certain information about your device. That includes information about your web browser, IP address, time zone, and some of the cookies that are installed on your device.

Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”

We collect Device Information using the following technologies:

  • Cookies – data files that are placed on your device or computer and often include a unique anonymous identifier
  • Log files – track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps
  • Web beacons, tags, and pixels – electronic files used to record information about how you browse the Site

How we use your personal information

When you purchase something from our Site, as part of the buying and selling process, we collect the personal information you give us such as your name, address and e-mail address. We use the Order Information that we generally collect to fulfil any orders placed through the Site (including processing your payment information, arranging for shipping, and providing you with invoices and order confirmations).

Additionally, we use the Order Information to communicate with you or screen the orders for potential risk or fraud. When in line with the preferences you have shared with us, to also provide you with information or advertising relating to our products or services.

We use the Device Information to screen for potential risk and fraud (in particular, your IP address), and more generally to optimise and improve our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).

Your personal information and third-party services

We share your Personal Information with trusted third parties to help us use your information to better understand and serve your shopping needs. For example, we use WooCommerce to power our online store. You can read more about how WooCommerce uses your Personal Information here https://woocommerce.com/privacy-policy. Also, when you choose a direct payment gateway to complete your purchase, like PayPal, Amazon Pay or Pay by Card (via Stripe), some of your data will be passed to the respective third party (more in the ”Payment” section).

As you visit our Site, we are gathering information about your visit. We collect this information to improve our delivery of information and services to you. For that, we utilise technology from third-party companies like Google. We utilise Google Analytics to aid in website measurement. This software is employed to evaluate (anonymously and in aggregate) how people use The Loving Nature site. You can read more about how Google uses your Personal Information here https://www.google.com/intl/en/policies/privacy. Here you can opt-out of Google Analytics https://tools.google.com/dlpage/gaoptout.

This kind of software provides de information about your device (computer, tablet, smartphone), the type of browser (Chrome, Safari, Firefox) and operating system (Windows, Macintosh, Android, iOS). This information helps us optimise the website based on the technologies the people are using to access our Site. Once you leave our Site or are redirected to a third-party website or application, you are no longer governed by this Privacy and Security Policy or our Site’s Terms and Conditions.

How you can access, update or delete your data

You are entitled to access, correct or delete any personal information we have about you. Also, you have the right to lodge a complaint with a supervisory authority. You may request a copy of your data in an electronic format that you can take to other service providers. We will respond to your request within 30 days by providing a link to a location where the data can be downloaded or directly via e-mail.

To easily access, view, update, delete or port your data (where available) please sign in to your “Account” and visit your “Dashboard”.Please contact us for additional information and guidance for accessing, updating or deleting data.

If you request to delete your data and that data is necessary for the products or services you have purchased, the request will be honoured only to the extent it is no longer required for any services or products purchased. Same if it is required for our legitimate business purposes or legal or contractual record keeping requirements.

Data retention

We generally store information about you for as long as we need it for the purposes for which we collect and use this information, and we are not legally required to continue to keep it. We will also store comments or reviews if you choose to leave them.

When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.

Consent

How do you get my consent?

When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to us collecting it and using it for that specific reason only.

If we ask for your personal information for a secondary reason (e.g. marketing), we will ask directly for your consent. Also, we will provide you with an opportunity to say no.

How do I withdraw my consent?

If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting us at info@thelovingnature.co.uk

Disclosure

It is important to note that The Loving Nature does not sell, rent or lease any of your personal information.

Although, if required by law, we will release your personal information due to a search warrant, court order or other lawful requests, or to otherwise protect our rights.

Hosting company

SiteGround Hosting Ltd, host our Site. They provide us with an online platform that allows us to sell our products and services to you.

Your data is stored in SiteGround’s data storage and databases. They store your information on a secure server behind a firewall using the latest technologies available.

Payment

Payment can be made by any method specified on the checkout page.

If you choose a direct payment gateway to complete your purchase, like PayPal, Amazon Pay or Pay by Card (via Stripe), some of your data will be passed to the respective third party. That includes information required to process or support the payment, such as the purchase total and your billing information, Name, Email, Address, Phone, City/State/Postcode, Unique payment identifier, Payment provider identifier.

The data is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS) and is stored only as long as is necessary to complete your purchase transaction, to comply with the legal and regulatory obligations or for the purpose of fraud monitoring, detection and prevention. They might also retain data to comply with tax, accounting, and financial reporting obligations, and where data retention is mandated by the payment methods supported.

All our payment gateways adhere to the standards set by PCI-DSS (Payment Card Industry Data Security Standard) and the SCA rules (Strong Customer Authentication).

To better understand how our payment providers use and store the data shared with them, check their privacy and security policies directly:

Changes to this policy

We reserve the right to modify this Privacy and Security Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the Site.

After making any material changes, you will be notified here that our Privacy and Security Policy has been updated (see the ‘Last Updated’ section at the top of the page). That way you are aware of what information we collect, how we use it, and under what circumstances if any, we use or disclose it.

If this Site is acquired or merged with another company, your information may get transferred to the new owners.

Questions and contact information

If you have any questions, concerns or complaints about our Privacy and Security Policy, our practices or our services, please contact us by e-mail at info@thelovingnature.co.uk or by post using the details provided below:

The Loving Nature –  10 Lime Grove, Hafan Fach, Tavernspite, Pembrokeshire, SA34 0NQ, United Kingdom

Cookie Declaration 

How to control cookies

You can manage or delete cookies as you wish. For details, see aboutcookies.org. You can delete all cookies that are already on your computer and can set most browsers to stop them from being placed. If you do this, however, some services and functionalities may not work.

Please also see our FAQs page https://www.thelovingnature.co.uk/faq.