Who we are
We are registered with the ICO under the Data Protection Register, our registration number is: ZA482340.
What personal data we collect and why we collect it
When signing up as a user on our site, you will initially be asked for your email address so that we can contact you about your account if needed. When you place an order, you will be asked for personal details such as your name, email address, phone number and address. This information is required so that we can keep you up to date with any subscription changes and order related information, and dispatch your order. From time to time we may need to contact you about your order and make amendments.
All users can see, edit, or delete their personal information at any time in their user profile (except they cannot change their username). Website administrators can also see and edit that information. Website administrators do not have access to password details.
All order data is processed within ecoUrbanites; additionally the website is administered by ecoUrbanites. Card payments are processed through the Stripe Checkout or PayPal, so we do not have access to your card details.
We will continue to process your information on this basis until you withdraw consent or it is determined your consent no longer exists. If you withdraw consent, we will retain your personal data for 6 months after your last order date for legal reasons.
When visitors leave comments/reviews on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you send us a message using the contact form on our website, you will be asked for your name and email address so that we can reply. You will be asked to consent to us storing your submitted details for this purpose. We will not add you to our mailing list or send you any other communication unless you request us to do so. We will retain your message for a period of 6 months.
If you choose to sign up to our mailing list on our website, you will be asked for your name and email address so that we can can add you. By signing up to our mailing list you are opting in to receive marketing communications from us. You can opt out at any time by emailing us at [email protected] or by clicking the link at the bottom of the email.
We use Mailchimp as our mailing list provider. This collects your name, email address, the date you subscribed and your interaction with our emails.
Back in Stock Notifier
If you subscribe to an out of stock product, you will be asked for your email address so that we can email you when the product comes back into stock. We will not add you to our mailing list or send you any other communication.
We use Google Analytics to collect usage data from our website. This data allows us to monitor our website and analyse the use of our website in order that we can keep improving it. We do not collect personal details such as IP address. You can opt out of Google Analytics as described here: https://tools.google.com/dlpage/gaoptout.
We use Google reCAPTCHA to protect our site from spam and abuse. It uses advanced risk analysis techniques to tell humans and bots apart.
We use Google Ads to advertise on Google. We get data about our ads’ performance to help us focus our advertising more effectively. From Google:
We give advertisers data about their ads’ performance, but we do so without revealing any of your personal information. At every point in the process of showing you ads, we keep your personal information protected and private.From: https://safety.google/privacy/ads-and-data/
We use WooCommerce for our online store. We collect information about you during the checkout process on our store. While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed.
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping.
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for seven years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store reviews, if you choose to leave them.
We use WooCommerce Subscriptions to process our recurring subscription payments.
For the purposes of processing recurring subscription payments, we store the customer’s name, billing address, shipping address, email address, phone number and card/payment details (processed via Stripe).
MailChimp for WooCommerce
When shopping, we keep a record of your email and the basket contents for up to 30 days on our server. This record is kept to repopulate the contents of your basket if you switch devices or need to come back another day.
WooCommerce Cart Abandonment Recovery
When shopping, your email and basket are saved, so we can send email reminders about your order.
Who we share your data with
We share information with third parties who help us provide our orders and store services to you, for example:
We accept payments through the Stripe Checkout. When processing payments, some of your data will be passed to Stripe, including information required to process or support the payment, such as the purchase total and billing information.
We accept payments through PayPal. When processing payments, some of your data will be passed to PayPal, including information required to process or support the payment, such as the purchase total and billing information.
We share your name, email address and billing address with AgeChecked.com in order to confirm your age prior to dispatching your order.
AgeChecked.com does not retain personally attributable personal data once age verification has taken place. Names, addresses and contact details are scrubbed from their system. They retain age attributes, but do not hold data to allow these to be attributed to individuals.
We share your name and address details with our couriers so that they can deliver your orders. We use APC Overnight for the majority of our deliveries. Other deliveries are made by ourselves.
How long we retain your data
We use and retain your data as outlined above, but in summary:
- We will keep your account and order details until you withdraw consent. If you withdraw consent, we will retain your personal data for 6 months after your last order date for legal reasons.
- Your email and basket contents are kept for up to 30 days.
- We will keep you on our mailing list until you withdraw consent.
- We will keep contact form enquiries for a period of 6 months.
What rights you have over your data
If you have an account on this site, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we have to keep for administrative, legal, or security purposes.
Where we send your data
Visitor comments/reviews may be checked through an automated spam detection service.
How we protect your data
We keep our website secure and up to date to protect user’s data. For example:
- We enforce the use of strong passwords and two-factor authentication for Website Administrators and Shop Managers.
- Connections to this site are secured using an SSL certificate – this is evidenced by the padlock in the address bar and our website starting with https://
- We have a firewall in place to block brute force attacks.
Our contact information
Please email us at [email protected] if you have any privacy concerns.
Last updated: June 2020