Processing personal data
We rely on the following lawful bases for processing your data:
Consent – we ask your consent for marketing to you by email or post; by consenting to this request we can collect and process your data for this purpose.
Contract – we need to collect and process your personal data to fulfil a contract with you; for example if you place an order or ask for a quote.
Legal obligation – where necessary we are obliged to process personal data to comply with the law; for example if you place an order with us we must retain some personal data for at least six years to comply with HMRC and our obligations under legislation including the Sale of Goods Act 1982 and Consumer Rights Act of 2015.
Legitimate interests – we collect and process some personal data to pursue our legitimate interests in a way you that would reasonably be expected as part of running our business; for example to better understand our customers so as to provide products and services.
Personal data we collect
We may collect and process some or all of the following information:
Your name, address, phone number, email address, gender, date of birth and other contact information;
Details of payments that you make to us (payment card details and other transaction details are held by a trusted third-party payment provider);
Information about your order and payment history, and information we learn from the way you purchase from us;
Information about your credit history with other credit providers which we obtain from credit reference agencies;
Copies of proof of identification or proof of address provided to us;
The marketing preferences that you provide to us confirming whether you would like us to contact you with information and offers that may be of interest to you; and
Records of your activity on our website gathered by cookies on your computer, including your IP address.
Protecting personal data
We take the necessary security arrangements to protect your personal data that is in our possession to prevent unauthorised access, use, disclosure, or similar risks. We take reasonable and appropriate measures to maintain the confidentiality and integrity of your personal data and will only share your data with authorised persons for the exact purpose we specify.
The checkout process on our website is held on a secure server using SSL (secure socket layer) technology to transfer data, which is evidenced by a small padlock symbol next to the web address in your browser. You can verify the security certificate in place by clicking on the padlock symbol.
Sharing personal data
We may need to share your personal data with third parties. In such cases your data will only be shared with parties who adhere to GDPR, data will only be used for the exact purpose we specify, data will be transferred and stored securely and will be deleted or anonymised if we stop working with that third party.
The following list is indicative of third parties with whom we share data (but is non-exhaustive and may change from time-to-time):
Postal services and delivery couriers
Email marketing service providers
Event ticketing services
Retaining personal data
We keep your data for as long as it’s needed, after which time it will be deleted or anonymised such that any personal data is removed.
We retain customer data for 6 years for legal purposes, and to ensure that we are able to assist with any issue that might arise from a previous purchase. After 6 years we will remove your data unless you have consented to our marketing activity.
If we provide you with a quote and you don’t consent to marketing, we’ll keep your data for 12 months in case you wish to proceed.
If you provide us with proof of identity or proof of address we keep this data for 3 months, at which point it is permanently deleted.
Your rights over personal data
Please contact us if you would like to exercise your right to:
Access your personal data (no charge)
Correct any errors in your personal data
Erase your personal data (unless that would conflict with our legal obligations)
Withdraw consent for us to use your personal data
Object to us processing your personal data
Withdrawal from marketing
We try to provide you with only informative and relevant content, but you can withdraw consent for us to market to you:
by clicking the ‘unsubscribe’ link at the bottom of any marketing email we send
by contacting us and asking to opt out
Unhappy with our approach?
If you are unhappy with any aspect of our use of your personal data, please let us know.
You also have the right to lodge a complaint with the Information Commissioner’s Office (the supervisory authority), whose contact details can be found on their website.
What are cookies
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive.
We use the following cookies:
First-party (Coastal Cameras) cookies
This website will set some cookies that are essential for the website to operate correctly.
These are as follows:
Visitor ID – this cookie is a numeric value that identifies unique visitors and provides coherence and consistency to a site visit including location and site preferences
Customer – contains information about whether you are logged in or not
Session ID – this cookie identifies your website session
civicAllowCookies – this cookie states whether you allow optional cookies