Grizzly Bear Hot Tubs – Website Privacy Notice
Who we are
Grizzly Bear Hot Tubs are a company limited under the Companies Acts in Scotland (company number SC322097) and has its registered office at The Hot Tub Showroom, Woodhill, A92 Dual Carriageway, By Carnoustie, Angus, DD7 7SD. Grizzly Bear Hot Tubs is the Data Controller over any personal data we process about you that we collect directly from you via the website, or otherwise, including by telephone, email, post or face to face.
Grizzly Bear Hot Tubs are committed to protecting your personal data and adheres to the principles of the General Data Protection Regulation (GDPR) when processing your personal data. This privacy notice outlines what personal data Grizzly Bear Hot Tubs collects from you through your interaction with this website www.thegrizzlybearhottubcompany.co.uk and how we use your data. Please read through the privacy notice to understand how Grizzly Bear Hot Tubs uses and protects the information obtained from those visiting and using its website. If you have any concerns about Grizzly Bear Hot Tubs processing of your personal data or you have a general enquiry in relation to data protection please contact Scott Jackson at email@example.com or by telephone on 01382 530220.
What is personal data?
Personal Data: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Special Category of Data: means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
When we refer to “personal data”, we mean both personal and special category of data, although we do not envisage that we will collect any special category data from you.
What personal data is Grizzly Bear Hot Tubs processing?
- Your name, email address, address, telephone number, bank card type, card number, expiry date and CVV number you provide when making an online payment or finance application through our website.
- Any personal data that you pass to us during the provision of goods and services.
- Your name, email address, telephone number and any data you provide in the message box, if you choose to provide it when sending an enquiry form through our website;
- How you use the website through cookies that we use on our website; and any other information you post, e-mail or otherwise send to us.
Where did Grizzly Bear Hot Tubs obtain my personal data from?
The personal data is gathered from our website enquiry form page or when you contact us by telephone, email, post or provide us personal data face to face. IP addresses may be collected, where available, from data subjects when they access the Grizzly Bear Hot Tubs website.
Where will Grizzly Bear Hot Tubs keep my data?
Your personal data will be stored in the UK.
Why is Grizzly Bear Hot Tubs processing my personal data?
Grizzly Bear Hot Tubs shall process your personal data to respond to any enquiry you make through our website. Our legal basis for processing your personal data in relation to an enquiry is that it is in our legitimate interest to respond to any queries or requests from you, and to provide an efficient service to you as a potential or existing customer. Where we rely on legitimate interests, we have performed a balancing test to confirm that our interest doesn’t have a prejudicial impact on your rights and freedoms.
We also process your personal data to provide you with the products and services you have requested. Our legal basis for processing your personal data in that it is necessary to perform the contract we have with you.
In addition, we may process your personal data when marketing to you by email through a third party marketing service. Our legal basis for this processing this personal data is that we have your consent to send you this information electronically. We will not process your personal data in this manner unless we have your consent.
Will my personal data be shared with any other organisation/third parties and if so, why?
Grizzly Bear Hot Tubs will never normally share your personal data with any other organisation or third parties without seeking your prior consent. An exception to this would be where (i) we are obliged by law or regulatory obligation we are subject to; (ii) our asset(s) are purchased by a third party and/or (iii) where we are required to share your information with any third parties who provide services on our behalf. The following services are carried out by a third-party service provider: web hosting services, Cloud storage services, IT services, telecommunications systems, finance providers (if you request that type of payment), marketing platforms and web design services.
Will my personal data be shared outside of the EEA?
Grizzly Bear Hot Tubs will not share your personal data outside of the EEA without first seeking your prior consent.
Is my personal data safe?
Grizzly Bear Hot Tubs work hard to protect your personal data and have adopted appropriate technical and organisational measures to keep it safe from unauthorised disclosure, alteration or destruction.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to Grizzly Bear via the internet; any transmission is at your own risk.
How long will Grizzly Bear Hot Tubs retain my personal data?
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
Does Grizzly Bear Hot Tubs make any automated decisions about me or profile my personal data?
Grizzly Bear Hot Tubs does not make automated decisions about you and also does not profile your personal data.
Cookies are small text files that are stored on your computer or mobile device when you visit Grizzly Bear Hot Tubs website. They do not cause your computer any harm nor do they identify you personally, they only identify the computer being used to access the site. The cookies obtain information in relation to your use of the website.
Can I withdraw my consent?
If we are relying on your consent, you can withdraw your consent at any time, at which point we shall stop processing your personal data in that way. Please note this does not affect the legality of our processing up to the date of your withdrawal of consent.
What are my rights in relation to the personal data Grizzly Bear Hot Tubs holds about me?
We have summarised your rights below. Please contact Scott Jackson at firstname.lastname@example.org to exercise these.
- If we are relying on your consent, you can withdraw your consent at any time, at which point we shall stop processing your personal data in that way. Please note this does not affect the legality of our processing up to the date of your withdrawal of consent.
- You have the right to request correction of your personal information that we hold about you if you believe it is incomplete or inaccurate
- You can seek to restrict our processing of your personal data or ask us to rectify any personal data we hold about you for the purposes stated above.
- You can object to us processing your personal data where we are relying on legitimate interest and we will cease processing for the purpose you object to. An exception to this would be where we have compelling legitimate grounds for processing which override your interests, rights and freedoms or where it is necessary for the establishment, exercise or defence of legal claims. You can also object or withdraw your consent to marketing at any time and we will stop immediately.
- You have the right to lodge a complaint with the Information Commissioners Office (ICO) if you think that we have infringed your rights. You can find more information about reporting a matter to the ICO at the following link: https://ico.org.uk/
- You have the right to access personal data held by us about you.
- In certain circumstances you have the right to ask us to provide you with your personal data in a structured, commonly used and machine-readable format to allow you (or us on your behalf) to transmit this information to another party. More information can be found at https://ico.org.uk
- In certain circumstances you have the right to ask us to erase the personal data we hold about you. Such circumstances include (a) where we no longer need your personal data for the purposes set out above; (b) if you withdraw your consent to our processing; (c) if you object to our processing based on our legitimate interest and we have no overriding legitimate grounds to continue processing your personal data; (d) if we process the data unlawfully; or (e) where the personal data has to be erased to comply with legal obligation to which we are subject. We will consider any such request in line with GDPR. Please note this is not an absolute right and there may be circumstances where we choose not to delete all of the personal data we hold about you. More information about your right of erasure can be found at https://ico.org.uk
- Data portability in particular circumstances meaning that you can request for your personal information to be securely moved, copied or transferred from our IT environment to another. This only applies if our lawful basis for processing your data is consent or performance of a contract, and we are processing your data by automated means.
Third Party Links
Grizzly Bear Hot Tubs website may, from time to time, contain links to and from the websites of third parties. If you follow a link to any of these websites, please note that these websites and any services that may be accessible through them have their own privacy notices and that we do not accept any responsibility or liability for these notices or for any personal data that may be collected through these websites or services, such as contact and location data. Please check these notices before you submit any personal data to these websites or use these services.
Changes to Privacy Notice
We reserve the right to amend this privacy notice. However any changes we may make to our privacy notice in the future will be communicated to you in some manner.