Privacy Policy

This privacy policy notice is for the website www.hannamac.com and governs the privacy of those who us the website. The reason for this policy is to explain how we (www.hannamac.com) control, process, protect and handle your personal information which we may obtain whilst you browse this website. The policy will include your right under current laws and regulations. If you have any disagreements with the policy, you should cease using, viewing and interacting with this website.

Key (for policy clarity) definitions:

  • “I” , “our” , “us” , or “we” refers to the business which is www.hannamac.com
  • “you” , “the user” , “the customer” refers to the person, or persons, using the website
  • ICO is an acronym for Information Commissioners Office
  • GDPR is short for General Data Protection Act
  • PECR is short for Privacy and Electronic Communications Regulation
  • Cookies are the small files that are stored on your device whilst browsing

Your individual rights

  • Your GDPR rights are as follows. You can read more about your rights here
  • You have the right to be informed
  • You have the right of access
  • You have the right to object
  • You have the right to erasure
  • You have the right to rectification
  • You have the right to data portability
  • You have the right to object to being subjected to automated decision-making which includes profiling.
  • If you have any complaints, you can complain to the ICO (www.ico.org.uk) if there any problems, or feelings with how you perceive us to be handling your data. We handle subject access requests in accordance to the GDPR

Internet Cookies

We use cookies on this website, and we use them to provide you with a better user experience whilst browsing. A cookie is a small text file which is stored into your computer, or browsing device, and this allows websites to track how you use them. A cookie can record or log whether you have seen a particular message that is displayed. A  cookie can also help to keep you logged into the website where applicable. A cookie can be used to help display relevant adverts or content. A  cookie can be used to refer you to a third party website. Some cookies are required for the user to be able to experience the full functionality of the website.

We use a cookie control system which allows you to accept cookies, this control is then saved to your browsing device. Some cookies are only saved for a certain of time, where as some cookies will last indefinitely. If you check your web browser you should be able to control, manage and delete cookies from your browsing device.

Processing of your personal data

Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically using the following lawful bases.

  • Lawful basis:Consent
    The reason we use this basis: Processing of online sales
    We process your information in the following ways: Delivery of physical order, customer support
    Data retention period: We will continue to process your information under this basis until you withdraw consent or it is determined your consent no longer exists.
    Sharing your information: We do not share your information with third parties.
  • Lawful basis:Contract
    The reason we use this basis: #
    We process your information in the following ways: #
    Data retention period: We shall continue to process your information until the contract between us ends or is terminated under any contract terms.
    Sharing your information: We do not share your information with third parties.
  • Lawful basis:Legal obligation
    The reason we use this basis: Prevention of electronic fraud
    We process your information in the following ways: Storage of non sensitive payment information not limited to cardholder address, phone number, card type
    Data retention period: 180 days
    Sharing your information: We do not share your information with third parties.

 

Data security and protection

We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.

Transparent Privacy Explanations

We have provided some further explanations about user privacy and the way we use this website to help promote a transparent and honest user privacy methodology.

Email marketing messages & subscription

Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal date” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.

Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.

Any email marketing messages we send are in accordance with the GDPR and the PECR.

Resources & further information