Blackwell’s recognises that the privacy and security of your personal information is of the utmost importance.
This notice sets out what we do with your information and how we ensure its security. It also explains where and how we collect your personal information, as well as your rights over any personal data we hold about you.
This policy applies to you if you use our products or services in our shops, over the phone, online or if you are interacting with us on social media.
What sort of personal data do we collect?
- Information that you provide to us by phone, online, email, post or social media such as your name, address, telephone number, email address, payment details such as bank accounts and methods of payment and feedback.
- Your account login details, including your user name and password.
- Books and products that you have ordered or services used
- Information about any device you have used to access our Services (such as your device’s make and model, browser or IP address)
We will only collect and process your data with your consent. An example of this would be when you tick a box to receive emails about events.
When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.
In certain situations, we need your personal data to comply with our contractual obligations. This may be to contact you in regard to an order you have placed or to post an item to your home address if that is what you have requested.
There are occasions where the law requires that we may need to collect and process your data. For example where criminal activity relating to Blackwell’s occurs.
In specific situations, we may require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
How do we use your personal data?
- To respond to any queries you have.
- To process your orders or requests.
- To process a payment from you or give you a refund.
- To offer you payment in the currency of the country you are located in.
- To prevent fraud.
- To conduct market research – either Blackwell’s or agreed third parties.
- For data analysis so that we can improve our service to you.
- To contact you about products and services.
How we protect your personal data?
We know how much data security matters to all our customers. With this in mind, we will treat your data with the utmost care and take all appropriate steps to protect it.
- We secure access to all transactional areas of our websites using ‘https’.
- Access to your personal data is password-protected.
- We hold no credit card numbers on our internal systems.
- We carry out software security scans to identify ways to improve security.
- We have internal systems and data security policy that is reviewed every year and all of our employees sign each year.
How long will we keep your personal data?
Whenever we collect or process your personal data we will always retain your personal information in accordance with law and regulation and never retain your information for longer than is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted or anonymised.
Who do we share your personal data with?
We sometimes share your personal data with trusted third parties: examples are couriers, IT companies that provide internal business systems and event management companies.
We have agreements with these third parties to ensure that:
- They may only use your data for the exact purpose specified by us.
- We only give them the data they need for this specific purpose.
- They delete or make anonymous any personal data when they stop working with us.
We will only share data with third parties for their own purposes and only if you have given specific consent for us to do this. For example, if you entered a competition and you agree to accept marketing information from them.
We may share information about fraudulent or potentially fraudulent activity on our premises or systems. This may include sharing data about individuals with law enforcement bodies.
We currently use the following companies who could process your personal data as part of their contracts with us:
- Post Affiliate Pro
- Givex (Gift Card & Reward Card)
- Laser Surveys (Mapping)
- Eventbrite (event and ticket management)
- Royal Mail
- Customer Orb
- Mail Handling International
- Postal services throughout the world
- National Book Tokens
- Channel Reply
- Survey Monkey
- Digital Ocean
Links to other websites
We partner with Alibris, you can find their privacy notice here - https://www.alibris.co.uk/policies/privacy
Keeping you informed about products and services
If you consent to Blackwell’s sending you information about new books, products and services we would be delighted to do so.
We won't send you marketing messages if you tell us not to but we will still need to send you occasional service-related messages especially where it relates to orders you may have placed with us.
If you wish to amend your marketing preferences, you can do so by clicking the unsubscribe link on any marketing messages that you receive from us or by contacting email@example.com.
Where do we process your personal data?
If you wish for more information about these contracts please contact our Data Protection Officer at GDPR@Blackwell.co.uk
Do Blackwell's bookshops process child data?
Yes, but only with explicit consent from the parent or guardian of that child.
What are your rights with regard to your personal data?
You have the right to access the personal information that we hold about you and you also have a right to ask us to stop or limit the processing of your data in certain circumstances or to correct inaccurate data.
You can submit a Subject Access Request to Blackwell’s to our Data Protection Officer GDPR@Blackwell.co.uk or to our customer service team at help@Blackwell.co.uk if you wish us to provide you with the personal data we hold about you.
If you prefer to write please contact:
Blackwell’s Data Protection Officer, 50 Broad Street, Oxford, OX1 3BQ
If we agree that we are obliged to provide this personal information to you we will ask for proof of identity before passing on any information to ensure your confidentiality. We will process the Subject Access Request free of charge. If we do not agree that we are obliged to process the request we will explain our reasons for doing so.
You have the right to change your mind in regard to consent for direct marketing at any time and withdraw that consent. You can click the ‘unsubscribe’ link in any email communication that we send you. You can also email or write to Blackwell’s at the contacts given above.
How our providers use your personal data
When you apply for a product or service from one of our chosen providers, your data will be collected and used by them under the terms of their own separate privacy policies.
Contacting the Information Commissioner’s Office
If you are unhappy with the way we have handled your data or have not had a satisfactory response to your requests you have the right to contact the Information Commissioner’s Office. www.ico.org.uk/concerns
If you live outside the UK, you have the right to contact the relevant data protection regulator in your country of residence.
If you have any questions that haven’t been covered, please contact our Data Protection Officer at GDPR@Blackwell.co.uk for assistance.
This notice was updated on 9th of May 2018.