Privacy Policy
Privacy Policy
Your use of the Santoro website signifies your consent to the collection, processing and use of personal information by us for the purpose of dealing with your order, processing payment, credit reference checking, fraud detection and market research.
At Santoro, we are committed to safeguarding your privacy. We use the information that we collect on this site to make shopping at santoro-london.com possible and to enhance your overall experience. We promise to keep your details confidential and we will not sell, trade or rent your personal information to others.
Our site uses secure server software to protect your information whenever you place an order or access your account information. This software encrypts all information you input before it is sent to us to minimise the risk of the data being intercepted.
Any changes to our security and privacy policy will be posted on this site, so you are fully aware of your rights and can notify of us of any changes.
Should you need to contact us please write to: Santoro Ltd, Farfield Park, Manvers, Rotherham, South Yorkshire S63 5DB. or via DataProtection@Santoro-London.com quoting Security and Privacy Enquiry.
This privacy notice was last updated on 16th May, 2018.
Internal Security at SANTORO
Access to customer data is limited to only those personnel who require this information to process your order. All employees are required to sign a security clause as part of their terms of employment with the company.
What information do we collect when you register and why?
When you buy goods from us, you are entering into a contract with us. You will need to set up a SANTORO account before ordering from us, and so we can set this up we ask you to provide some personal information such as;
- full name
- address (and previous addresses)
- date of birth
- contact numbers, and
- email address.
In order to undertake website personalisation, we may also gather information about the devices you use to access our sites (desktop and mobile), and this may include IP address. For further information on our use of cookies and tracking please see our Cookie Notice.
How do we use your information?
Data Protection indicates that we are allowed to use and share your personal data only where we have a proper reason to do so. The law says we must have one or more of these reasons and these are:
- Contract - your personal information is processed in order to fulfil a contractual arrangement e.g. in order to send you your SANTORO order.
- Consent – where you agree to us using your information in this way e.g. supplying payment details to pay for your order.
- Legitimate Interests - this means the interests of SANTORO in managing our business to allow us to provide you with the best products and service in the most secure and appropriate way e.g. to transfer your data to certain Third Party’s such as delivery partners.
- Legal Obligation – where there is statutory or other legal requirement to share the information e.g. when we have to share your information for law enforcement purposes.
Here is a list of the ways that we may use your personal information, and which of the reasons described above we rely on to do so. Where we list legitimate interests as a reason, we also describe below what we believe these legitimate interests are. This is not an exhaustive list.
What we use your personal information for |
Our reasons (legal basis) |
Our explanation of SANTORO’s legitimate interests |
Set up your SANTORO account |
• Legitimate interest |
To ensure efficiencies for future transactions. |
Process your orders |
• Fulfilling a contract |
N/A |
Notify you of your order status. |
• Legitimate interests |
Clear communication to ensure the customer order arrives swiftly and to the right place and at the right time. |
Manage your account/ provide customer services to you. |
• Legal obligation/ Legitimate interests (depending on nature of services) |
Keep records up to date, and handle our customer contact efficiently and effectively. |
To detect, investigate and report financial crime (e.g. Fraud) |
• Legal obligation/ Legitimate interests |
Develop and improve how we deal with financial crime. Comply with any legal obligations placed on us and that apply to us. Ensure efficiency in dealing with such activity, and to make service and process improvements. |
Undertake website personalisation and administration. |
• Legitimate interests |
Ensure that the customer’s visit to our website is the best experience possible, saving time, and not promoting irrelevant products or offers. |
Marketing communications to inform you of special offers, promotions, new lines and sales. |
• Legitimate interests |
Provide our customers with news and details to ensure they are always aware of the latest products and offers. |
Notifying you about enhancements to our services, such as changes to the website and new services that may be of interest to you. |
• Legitimate interests |
To ensure priority updates are received by customers and ensure they are the first to know about new developments. |
Contact you to undertake customer satisfaction surveys, invite you to provide product reviews or for market research. |
• Legitimate interests |
To develop products, services, applications and designs that attract and retain customers, and to improve customer interaction with our sites. |
Maintaining network and data security |
• Legitimate interests |
To maintain the security of our network this in turns helps us to maintain the safety and confidentiality of your information. |
Logistics planning, demand forecasting, management information and research |
• Legitimate interests |
We use information about shopping habits, products bought and volumes, to help us to respond to demand, ensure the right products get to the right areas and to help us plan our collections. |
Who we share your information with and why
SANTORO works with a number of trusted suppliers, agencies and businesses in order to provide you the high-quality goods and services you expect from us such as delivery companies, credit reference agencies, fraud prevention agencies, and IT service providers amongst others. Some examples of the categories of third parties with whom we share your data are:
Your Rights Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data; request that your personal data is erased or corrected; request access to your personal data.
Transfers to third countries
Some of the information you provide to us may be transferred outside the European Economic Area to countries such as the US. This is a transfer to a “third country”. For example, SANTORO has a business relationship with MailChimp who we use to email our newsletters, but we have verified that they participate in the EU-US Privacy Shield and have had their compliance certified and as such their handling of data is considered secure on their servers as per GDPR requirements. SANTORO also works with suppliers and partners who may make use of cloud and/or hosted technologies. We undertake data security due diligence on our partners and ensure that that these partners conform to appropriate accreditations.
Credit Card Security
We are confident that credit card information entered on our site will not be accessible to any unauthorised person or company. Our secure sockets layer (SSL) encryption uses 128-bit encryption.
Keeping in touch with you
We want to keep you up to date with information about new ranges, special offers and improvements to our website. When you set your account up, we asked you if you wanted to receive this type of marketing information. In addition, this option is available to you at any time by entering your details as requested from various links on the website. SANTORO will not share your information with companies outside of SANTORO Ltd. SANTORO Ltd includes all companies within the SANTORO group of companies.
You will only receive this information if you have requested it; SANTORO do not purchase mailing lists from any third party. If you decide you do not want to receive this marketing information you can request that we stop by writing to the address provided above, emailing dataprotection@santoro.co.uk, by calling Customer Service on 01709 518100, via your online account, or the unsubscribe link within the email.
You may continue to receive mailings for a short period while your request is dealt with.
How long we keep your information
If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws.
We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for approx. 7 years after the date it is no longer needed by us for any of the purposes listed under How we use your information above. The only exceptions to this are where:
- the law requires us to hold your personal information for a longer period, or delete it sooner;
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law;
- we bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we will retain your personal information until those proceedings have concluded and no further appeals are possible; or
- in limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or shorter period.
What are your rights
You are entitled to request the following from SANTORO, these are called your Data Subject Rights and there is more information on these on the Information Commissioners website www.ico.org.uk
- Right of access –to request access to your personal information and information about how we process it
- Right to rectification –to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
- Right to erasure (also known as the Right to be Forgotten) – to have your personal information erased. Contact Customer Service on 01709 518100
- Right to restriction of processing – to restrict processing of your personal information
- Right to data portability - to electronically move, copy or transfer your personal information in a standard form
- Right to object - to object to processing of your personal information
- Rights with regards to automated individual decision making, including profiling –rights relating to automated decision making, including profiling
You have the right to lodge a complaint with a data protection regulator in Europe, in particular in a country you work or live or where your legal rights have been infringed where the details within this Privacy Policy have been contravened. We encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have – SANTORO will not intentionally breach any aspect of the GDPR and as such if there are any misunderstandings we will do all we can to rectify the situation to the satisfaction of all concerned.