For the purpose of data protection legislation, the data controller is The Orchard Fruit Company, Level 5, 9 Hatton Street, London, NW8 8PL.
Data protection principles
We comply with data protection law and principles, which means that your data will be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purposes we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
What information do we collect from you?
We will collect and process the following data about you:
- Information you give us. This is information about you that you give us by filling in forms on our site or by corresponding with us by phone, email or otherwise. The information you give us may include your name, address, email address and phone number.
- Information we collect from your use of our site. With regard to each of your visits to our site we will automatically collect the following information:
- technical information, such as the Internet protocol (IP) address used to connect your device to the Internet, whereabouts you connected to our service, your internet service provider (ISP), and what type of device you are using to access our service;
- Information we collect throughout our relationship. This is information relating to products that you download.
- Information we collect when you call us. If you call us we will automatically collect the following information:
- the phone number used to call us
- a recording of all inbound and outbound calls.
- Information we receive from other sources. We are working closely with other organisations, including:
- Providing us with your details online. This is information you may choose to provide us with using the contact page on our site. It includes your name contact details. Please let us know if any of this information changes so we can keep our records up to date.
Why do we collect this information?
We use this information in the following ways:
- Information you give to us. We use this information:
- for the purpose of improving our service to you, to ensure that content from our site is presented in the most effective manner for you and for your device;
- to deal with any legal queries relating to your use of our service;
- to provide you with service communications so that you receive a full and functional service and so we can perform our obligations to you. These may be sent by email [or post or, if the circumstances require it, we may contact you by phone]. These will include notifications about changes to our service;
- in our [and third party’s] legitimate interest of [keeping customers up to date with good and services], [increase awareness of us and third parties within the market], [making promotional offers] and [generating new business], [building and maintaining loyalty or market share.]
- Information we collect from your use of the site. We will use this information for the following purposes:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your device;
- as part of our efforts to keep our site safe and secure;
- to measure or understand the effectiveness of advertising we serve to you and others
- Information we collect throughout our relationship. We will use this information to help us provide you with our services.
- Information we receive from other sources. See the ‘Who might we share your information with?’ section below for details of how we use information in conjunction with our associated third parties.
How long do we keep hold of your information?
We will keep information about you for a maximum of 6 years after the end of our relationship with you unless obligations to our regulators require otherwise or we are required remove such data from our records.
Telephone records. We will keep these up to 6 months from the time the recording was made.
Who might we share your information with?
You agree that for the purposes set out in the ‘Why do we collect this information?’ section above, we have the right to share your personal information with:
- Selected associated third parties, some of whom we appoint to provide services, including:
- business partners, subsidiaries, affiliates, suppliers and sub-contractors for the performance of any contract we enter into with you;
- analytics and search engine providers that assist us in the improvement and optimisation of our site;
- Customer survey providers in order to receive feedback and improve our services.
- Any member of our group, which means our subsidiaries.
- Additionally, we will disclose your personal information to the relevant third party:
- In the event that we sell or buy any business or assets, in which case we will disclose your personal data to the prospective seller or buyer of such business or assets.
- If we are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
How is your data stored and kept secure?
At The Orchard Fruit Company; we take your safety and security very seriously and we are committed to protecting your personal and financial information. All information kept by us is stored on our secure servers. Where we have given you (or where you have chosen) a password that enables you to access certain systems, you are responsible for keeping this password confidential and changing it when prompted to do so. We ask you not to share a password with anyone; doing so could put personal and business data at risk and could lead to disciplinary action.
Paper copies containing person data will be kept in a locked filing cabinet and shredded/destroyed at the end of the appropriate retention period OR scanned in and immediately shredded/destroyed.
Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We may transfer your data outside the European Economic Area ("EEA"). We will only do so if adequate protection measures are in place in compliance with data protection legislation. We use the following protection measures:
- transferring to Commission approved countries;
- using Commission approved model contractual clauses;
- requiring companies we transfer data to, to be signed up to the relevant certification e.g. Privacy Shield for USA
What are your rights?
Where processing of your personal data is based on consent, you can withdraw that consent at any time.
- You have the following rights. You can exercise these rights at any time by contacting us at email@example.com or through the “Contact Us” section of our Sites. You have the right:
- to ask us not to process your personal data for marketing purposes. We will inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes;
- to ask us not to process your personal data where it is processed on the basis of legitimate interests provided that there are no compelling reasons for that processing;
- to ask us not to process your personal data for scientific or historical research purposes, where relevant, unless the processing is necessary in the public interest.
- to request from us access to personal information held about you;
- to ask for the information we hold about you to be rectified if it is inaccurate or incomplete;
- to ask for data to be erased provided that the personal data is no longer necessary for the purposes for which it was collected, you withdraw consent (if the legal basis for processing is consent), you exercise your right to object, set out below, and there are no overriding legitimate ground for processing, the data is unlawfully processed, the data needs to be erased to comply with a legal obligation or the data is children’s data and was collected in relation to an offer of information society services;
- to ask for the processing of that information to be restricted if the accuracy of that data is contested, the processing is unlawful, the personal data is no longer necessary for the purposes for which it was collected or you exercise your right to object (pending verification of whether there are legitimate grounds for processing);
- to ask for data portability if the processing is carried out by automated means and the legal basis for processing is consent or contract.
Should you have any issues, concerns or problems in relation to your data, or wish to notify us of data which is inaccurate, please let us know by contacting us using the contact details above. In the event that you are not satisfied with our processing of your personal data, you have the right to lodge a complaint with the relevant supervisory authority, which is the Information Commissioner’s Office (ICO) in the UK, at any time. The ICO’s contact details are available here: https://ico.org.uk/concerns/.