Data Protection Policy and Privacy Statement
Effective date: May 25, 2018
By using the SITE, you represent that you are at least the age of majority in your state, county or province of residence, or that you are the age of majority in your state, county or province of residence and you have given us your consent to allow any of your minor dependants to use this site.
365Astronomy Ltd, 10 Beaumont Road, Worthing BN14 8HG United Kingdom will be what’s known as the “Controller” of the personal data you provide to us.
You can reach our data protection officer by sending an e-mail to [email protected]
Information We Collect and Processing Purposes
If You choose to use our Products or Services, we would require You to provide contact and identity information, billing information, and other personal information as a part of registering an account with us. Once You register an account on the Site, You are no longer anonymous to us.
As part of your registration for Products or Services on the Site, You agree that You may receive certain administrative communications from us, such as administrative announcements and customer service messages regarding Products or Services and products during the period that we provide Products or Services to You. You may not opt out of receiving such administrative communications.
Our communications will usually include notices about your account (for example, confirmation e-mails about order status changes, dispatches of ordered goods, and other transactional information) and information concerning or related to the Products and/or Services. Sometimes we might have to contact you to confirm your address, phone number or other contact details for shipping purposes. These communications are part of your relationship with us.
The handling of your personal data within the scope of the registered account is carried out for the performance of the corresponding user contract as well as due to legal requirements, such as accounting rules.
We collect and store the following information:
- Information you give us to contact you, including, contact information, such as your name, company name, address, phone number, email address, and similar contact data;
- Automatic information, such as computer sign-on data, browser type, browser language, statistics on page views, traffic to and from our user interfaces and ad data. Like many websites, we use identifiers such as “cookies” (for more information see below).
The handling of your personal data for the provision of the Site, the Products and Services and for the communication with us is based on our legitimate interest. For the provision of the Site it is technically necessary that we process certain personal data (e.g. the IP address). For provision of the Products and Services and for the communication with us it is necessary that we handle the above-mentioned personal data.
We do not collect the following information normally:
- Credit card information, unless you place your order over the phone, but even in that case, your card details will be not usually recorded on paper or will be not held longer than it is necessary for the length of payment processing (usually few minutes), then your card details will be securely discarded. However, usually we will not write down your card details as it can be typed into the secure online system of the card processing organosation (currently PaymentSense). This also means that we do not store any card details at our premises or online. This data is only stored by the payment processing organisations, depending on which one use used, i.e. PaymentSense, Paypal, Amazon Payments etc.
Our Site may contain links to third-party websites. We are not responsible for the information practices or the content of such third-party websites. We encourage you to review the privacy policies of third-party websites to understand their information practices.
What Are Cookies?
Cookies are a feature of Web browser software that allows Web servers to recognize the computer used to access a Web site. Cookies are small text files that are stored by a user’s Web browser on the user’s hard drive. Cookies can remember what information a user accesses on one Web page to simplify subsequent interactions with that Web site by the same user or to use the information to streamline the user’s transactions on related Web pages. This makes it easier for a user to move from Web page to Web page and to complete commercial transactions over the Internet. Cookies should make your online experience easier and more personalized.
Here is a list of cookies that we use. We’ve listed them here so you can choose if you want to opt-out of cookies or not.
$XCART_SESSION_NAME (xid_...), Remembers the user's shopping cart contents. Remembers the user's personal account information (name, address, orders history, etc)
eucl_cookie_access EU Cookie Law module cookie; stores the user's cookie preferences
$XCART_SESSION_NAME . 'C_remember'
$XCART_SESSION_NAME . 'B_remember'
$XCART_SESSION_NAME . 'A_remember'
$XCART_SESSION_NAME . 'P_remember'
Allow to restore the user's context (store codes that allow X-Cart to know where to redirect the user after log-in, store some parameters for wishlist and special offers bonuses pages)
Remember the user's membership in an affiliate program (if any)
Stores MailChimp campaign ID and landing site
Allow collection of statistics on the user's purchases
GreetingCookie Remembers the user's name for the greeting message
store_language Remembers the user's language preferences
RefererCookie Stores the URL of the site from which the user came to the store
How Do We Use Information We Collect from Cookies?
We use Web site browser software tools such as cookies and Web server logs to gather information about our Web site users’ browsing activities, in order to constantly improve our Web site and better serve our customers. This information assists us to design and arrange our Web pages in the user-friendliest manner and to continually improve our Web site to better meet the needs of our customers and prospective customers.
Cookies help us collect important business and technical statistics. The information in the cookies lets us trace the paths followed by users to our Web site as they move from one page to another. Web server logs allow us to count how many people visit our Site and evaluate our Site’s visitor capacity. We do not use these technologies to capture your individual email address or any personally identifying information about you.
Data processing with your consent
General information on consents:
If you have given us your consent to process personal data for certain other purposes, other than buying products or services (e.g. sending you a newsletter), the data will be processed on the basis of this consent. We provide details on the contents when requesting the consent. Consents are always voluntary. If the processing of personal data is based on a consent given by you, you have the right to revoke this consent at any time. This also applies to consents given to us prior to the validity of the GDPR, i.e. before 25 May 2018. You can withdraw your consent by contacting us by sending an e-mail to [email protected]. Due to the large amount of emails that we handle, we would also require that you call us about such request in addition to your email.
The legality of data processing prior to withdrawal remains unaffected by your withdrawal.
The legal basis for data processing based on consent is Art. 6 Paragraph 1 a) GDPR.
Newsletter and Blog
Our newsletter is used as a general means of communication and may include updates to the Services or Products that we supply. It may also include information about events, special offers, product updates, new product launches, product reviews and similar information. You have the option to unsubscribe to our newsletter at anytime.
Our Disclosure of Your Information
We do not sell or rent Your personal information to third parties for their marketing purposes without Your explicit consent. We may disclose personal information to respond to legal requirements, enforce our policies, respond to claims that a content violates other’s rights, or protect anyone’s rights, property, or safety. We may also share personal information with:
- service providers who help with our business operations and assist in the delivery of Products or Services to our users. These service providers are under data protection agreements with us;
- law enforcement or other government officials in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of law, or as otherwise required by law
Accessing, Reviewing and Changing Your Personal Information
If you are registered on our website to receive Products or Services, You can access, review and modify Your personal information at any time by logging into your Profile page.
You have the right to object at any time on grounds arising from your particular situation to the processing of personal data concerning you on the basis of Article 6(1)(e) GDPR and Article 6(1)(f) GDPR. If you object, we will no longer process your personal data unless we can prove compelling legitimate reasons for the processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.
Example: accounting rules would prevent us from deleting your personal data from our system for the legally required period of time, that is currently 6 years in the U.K. If you have registered on our website for an account, but never purchased from us, we will be able to delete your personal details on request, but if you made a purchase, we will be able to delete your details only once accounting rules would allow us to do so.
If you are of the opinion that the processing of your personal data violates legal requirements, you have the right of appeal to a data protection supervisory authority responsible for us.
We will delete personal information when we no longer need it for the purposes we described earlier. We may retain personal information as permitted by law to resolve disputes, enforce our policies, and prevent the recurrence of fraud or other illegal or improper activity.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
All the personal data we process is located on servers within the United Kingdom on a secure server behind a firewall. No 3rd parties have access to your personal data unless the law allows them to do so. I.e. X-cart who manages and hosts our webshop have access to the data, but they have strict rules and safety mesures to make sure that this data is not being shared with any unauthorised parties. We have also signed a GDPR-compatible data processing agreement with them.
We have a data protection regime in place to oversee the effective and secure processing of your personal data.
Notification of Changes