BREXIT UPDATE FROM THE ICO.
The UK government has incorporated it into UK law (the UK GDPR) alongside the Data Protection Act 2018.
If you are a UK business or organisation that already complies with the GDPR and you have no contacts in the EEA who send you data, and no customers in the EEA, you do not need to do much to comply now that the Brexit transition period has ended.
Modernist Fragrance Ltd. confirms it is in compliance with this advice to the best of its knowledge and the processes outlined below continue as before.
The EU General Data Protection Regulation (GDPR) is effective 25th May 2018 and applies to companies that process data about individuals in the context of selling goods or services to citizens in other EU countries.
At its simplest, the regulation gives new rights for people to access the information companies hold about them and creates obligations for the management of that data by businesses.
For Modernist Fragrance Limited (“MFL”), please note the following:
- We aim to be fully compliant with GDPR especially as it relates to, though not limited to, the way we gain your consent to include you in our email marketing campaigns and that we handle any of your personal data in a professional, safe, secure and compliant manner.
- Prior to the effective date of GDPR, MFL removed the “accepts marketing” flag from all users in its database. Customer information obtained prior to GDPR was retained for the purposes of operating customer accounts only
- MFL acquires and uses your data for the purposes of operating your account and fulfilling orders made and we retain your information for this purpose and only use it where there is legitimate interest
- MFL does not require that accounts are set up to purchase from the website and the "accepts marketing" box is unchecked and requires your informed consent to opt in
- Where a customer opts in to receive marketing information, this is by email only. We do not market via phone or post
- We do not, and will never unless required by law or if you violate our terms of service, pass your information on to any other third parties except as required to operate your account and fulfill orders to you
- Our e-commerce provider, Shopify, has implemented processes to ensure customers of modernist fragrance can in accordance with GDPR request to see the information held about them and its originating source and also to request removal of this data. Any questions or requests regarding your personal information can be directed via the contact form or sent to email@example.com
- You can review our terms of service and privacy statement
- We use certain third parties as part of our e-commerce solution who handle your personal data. These are: Shopify, Mailchimp, ShopSync LLC, Apple Pay, Google Pay, Shopify Pay, PayPal, Talon Commerce, Royal Mail, DPD
- To the best of our knowledge, these organisations have implemented GDPR and comply with it.
- With regards to PayPal, Apple Pay, Google Pay and Shopify Pay, Modernist Fragrance Limited. has no access to your payment details – these are held by the payment processor in accordance with its own standards which we reviewed when signing up with them
- Modernist Fragrance uses Google G Suite to host its email used with customers and suppliers
- In designing and implementing its e-commerce solution, MFL chose industry standard suppliers and used its best efforts and professional due diligence to satisfy itself that the solution was compliant in terms of data security and their handling of third party data in as far as it specifically relates to the provision of our solution. You are encouraged to familiarise yourself with these standards as available on the websites of each of our solutions providers
- Modernist Fragrance Limited uses strong, unique passwords on all applications that process or hold customer data based on guidance issued by the UK Government department NSCC and uses two factor authentication for login where available
- Devices used by Modernist Fragrance Limited are security protected by strong passwords and / or bio-security access requirements
- As a small business, Modernist Fragrance Limited is not required to have a Data Protection Officer. Any questions or requests regarding your personal information can be directed via the contact form or sent to firstname.lastname@example.org
- Please note that other than as specified in law or by governmental regulations, MFL accepts no liability in connection with the use of our services, website, products or third party providers used to facilitate them. Your use of our website is taken to be your informed and express consent to use your data in accordance with law, regulation and our terms of service and privacy statement
For full information see the EU GDPR Website