Starling Wines Limited, Company Number 07505675, ICO notification number XXXXXX Registered office address: 96 Farringdon Rd, Farringdon, London EC1R 3EA
Starling Wines respects your privacy and seeks to protect your personal data. The following information describes how we gather and use data. The amount of information Starling Wines holds on you and how it uses it depends on your relationship with Starling Wines and on what service you use, so some of the sections below may not be relevant to you.
Why do we need information?
We use your data to help us provide the best experience of our products and services, which includes using data to improve (and, where possible, personalise) your experiences. We use your data to communicate with you, for example, informing you about new products or services, security and other types of updates. We also use data to fulfil contracts, to send you the goods you have bought, invoices and to collect payments.
What do we use information for?
We use data for the following purposes:
- To improve your experience of our products and services
- Product improvement and development
- Customer support
- Security, safety and dispute resolution
- Communications and marketing
- Fulfilling contracts and collecting payment
What personal information do we collect about you?
- We may collect your name, address, email address, phone number.
- We collect anonymous information sent by your browser when you visit our websites, including IP address, visited page / category, geographic location, referrer, operating system, duration, landing URL, search keyword and browser version.
- We may collect data that you have sent to us through online registration forms, contact us or career enquiries.
How do we use the information we collect about you?
We do not sell or rent your personal information to other companies or individuals.
- Marketing information – If you have requested information about our products or services or have participated in a Starling Wines marketing event, we may use your personal information to follow-up with important announcements and to keep you informed of any news, special offers or promotions that we believe might be of particular interest to you.
- General service provision – to communicate with you in the event that any products or services you have requested are unavailable or require delivery and general service provision.
- We do not store credit card details nor do we share financial details with any 3rd parties
- For internal sales analysis
Vendors that may collect anonymous data on our behalf if we request it are:
- Google Analytics:
We use Google Analytics to analyse the performance of our websites and follow up on the effectiveness of our marketing efforts. Google Analytics allow us to analyse data in aggregate, we do not collect or store any personal information in Google Analytics.
We may use a number of services, listed below, for advertising based on your web activity, or remarketing. We use this to show adverts to visitors that have been to our websites, on Google, Facebook, LinkedIn, and other participating websites. If you have an account with any of the vendors below, their privacy statement may allow them to connect the fact that you have been to our websites and the pages you have viewed with your profile. Your anonymous browsing behaviour may in turn be shared by the following partners as outlined in their privacy statements. We do not share any personal information with these vendors.
- Email Marketing & Direct Mail:
If you are a customer, partner, or prospect we may use your business contact information and business address to send you marketing communications such as email marketing and direct mail. We may also send you product or company news and service updates that are relevant to your use of our website, products and services. We will process this personal information for the legitimate business purposes stated above.
If you do not wish to receive email marketing content from us, you can email firstname.lastname@example.org
How long do we keep your information for?
We keep your business/personal information as long as it is warranted for us to fulfil our commitments to you, or to adhere to legal or regulatory requirements.
- If you are a customer, we keep information for the duration of the relationship. If you have requested to receive marketing communications, we will keep your personal information only as long as you interact with us, or until the data subject opts-out or asks to be forgotten.
- If you have transacted with us we will keep your information for at least 7 years for legal reasons.
- If you store wines with us we will keep your data for the whole duration until 7 years after you have removed the wines unless you have asked to be forgotten.
If you have asked to be forgotten, your data will be removed in accordance with the General Data Protection Regulation with effect from 25th May 2018.
Who do we share your information with?
We work with third parties in the provision of some of our services, for example research agencies to help us improve our customer service, or marketing service providers who help us contact our customers and logistics partners who help deliver products.
On request, and when relevant to a service you use, we can provide details of which third parties we work with. We will also discuss and agree on any specific security questions or requirements you may have during the provision of our services.
The third parties we work with – including those who provide email and storage solutions used in our day to day work – are monitored on how they meet the requirements of current UK data protection legislation and the requirements of GDPR. When we contract with third parties we enter into agreements that encourage GDPR compliance.
Where this includes storage or processing of information outside of the European Economic Area (EEA), we include checks to ensure that compliance with the appropriate frameworks for exchange of personal data (such as the EU-US Privacy Shield) is in place. As a UK-based company our lead data protection supervisory authority is the ICO and GDPR is the standard for our data protection in all territories where data is processed.
We do not share nor sell your personal data to anyone else.
Exemptions to the above are where we are asked to provide information as a result of a court order or to recover monies due.
How is information stored?
We are committed to protecting the security of your personal data. We store data in a number of places depending on our requirements to access and use it. We use a variety of security technologies and procedures to help protect your personal data from unauthorised access, use or disclosure. For example, we store the personal data you provide on cloud based or computer systems that have limited access and are in controlled facilities. When there is a need to transmit data over the internet, it is protected by encryption and or passwords. Where possible, we avoid storing paper records of personal data.
Why do we need to store your data?
This is a legal obligation, because HMRC requires wine and spirit businesses such as ours to keep all business records concerning excise goods for at least six years. HMRC will occasionally carry out inspections of our business and the records we are required to keep for those purposes include, among other things, stock, purchases, sales and dispatches.
We may also store your information on our databases for reference and to record any preferences you have notified to us, for example in relation to your marketing communications contact permissions. The information may be retained and used by Starling Wines to answer queries or resolve problems, provide improved and new services, to respect your rights under GDPR, for analysis purposes and for any data retention requirements of the law. This means we may retain information after you cease to use our services or after you have ceased interacting with Starling Wines.
We store your information securely to prevent unauthorised use. See our Security section below.
In order to provide our products and services, we may need to pass information on to our agents and sub-contractors or appoint other organisations to carry out some of the processing activities on our behalf, such as logistics companies.
How is your personal information transferred outside of the EEA?
The data you pass to us may be processed outside the European Economic Area in order to provide you with the services you require (eg delivery outside of the EEA), although the data will always be held securely and in line with the requirements of UK data protection / GDPR legislation. By communicating electronically with us, you acknowledge and agree to our processing of personal data in this way.
Cookies are small text files which are stored on your computer, mobile phone or device. Cookies may be placed on your device when you visit a website or open a marketing email.
We also set third-parties cookies to allow you to easily link to third parties you may be subscribed to, such as Twitter and YouTube. We do not control these cookies, but we check how these cookies might use your information before allowing them to be set on our sites. Please visit the third-parties’ websites for more information on these cookies.
Our partners may also set cookies when they direct you to our site.
Contacting you via email alerts, notices and newsletters
Starling Wines only sends marketing information to those it believes it has a legitimate business interest to contact. For example, an existing customer or someone who has registered on our website. This means that, from time to time, we may send you email newsletters or other notifications in relation to products being promoted by us or on our website or new services being offered. If you wish to stop receiving some, or all, of our communications, you can unsubscribe by logging into your account, or follow the instructions included in our emails or contact email@example.com.
If you supply us with your postal address you may receive periodic mailings from us with information on new products and services or upcoming events. If you do not wish to receive such updates, you can unsubscribe by logging into your account, or please let us know by or emailing us at firstname.lastname@example.org.
If you supply us with your telephone number you may receive periodic calls from us to tell you about our products and services or upcoming events. If you do not wish to receive such calls, please let us know by or emailing us at email@example.com.
What if this privacy notice changes?
Interception of email
Starling Wines may intercept emails addressed to individuals within Starling Wines. The reasons we do this are related to the security of your data, to our security, to the security of our staff and others, for detection and prevention of crime and to identify correct recipients or to make sure mail is dealt with during staff absence. Starling Wines may reject, delay or remove content from emails which have a nature, content or attachments which may disrupt our systems or because they may pose security issues such as viruses.
We may also filter out emails which contain content which is considered offensive, unwanted or spam. In certain circumstances this may unfortunately result in “innocent” emails being affected. We do our best to reduce such occurrences.
Starling Wines has developed and implemented strict policies and processes governing information technology and data user behaviour. These cover areas such as access control, authentication, audit, monitoring, alarms, data storage and backup, transmission standards and environment integrity.
We use reasonable endeavours to install and have appropriate security measures in place in our systems and facilities to protect against the loss, misuse or alteration of information that we have collected from you.
We do not store any credit card details on our website. The card details are encrypted and securely held by WorldPay.
We minimise the personal data that is accessible to our colleagues, and where appropriate we anonymise that data for marketing purposes.
When we introduce new systems and policies that relate to personal data, we ensure that data protection and security is included in the design of those systems..
Your rights regarding our use of your personal data.
You can review, edit or ask us to delete your personal data we hold by contacting us directly at firstname.lastname@example.org.
You can alter how we use your information, for example how we communicate with you, by contacting Customer Services. You will always have the right to opt out of receiving promotional emails and other types of marketing or sales communication from us. If you opt out, you will also have the ability to opt back in at a later date.
If you specifically wish to stop receiving emails from us, please click on the “Unsubscribe” link included at the bottom of any of our emails. We respect your choice, and we will stop sending you promotional emails once you unsubscribe. It may take up to two weeks to process your request. Alternatively, you can email us at email@example.com or log in to your account and change your contact permissions. Unsubscribing from promotional emails will not affect our ability to email you for the fulfilment of a contract or service provision
We will respond to any request to access or delete your personal data as soon as possible, but certainly within 30 days.
Your ultimate point of contact for all data protection matters in the UK is the Information Commissioner’s Office. Please see the Contact Us page on the ICO website.