Your privacy is important to us. This Privacy Notice aims to give you information on how we collect and process your personal data. Your use of our web sites, and any engagement with us on a commercial, employment, marketing or correspondence basis (for example if you are or have been a customer, employee or supplier) will mean you accept the terms of this Policy.
This website is not intended for children and we do not knowingly collect data relating to children.
If you provide information about other people, please make sure you have their permission.
For the purposes of data protection legislation, we are the data controller of your personal data.
We aim to keep your personal data safe by using industry standard perimeter security and endpoint security systems, and through internal policies and procedures – all of which are reviewed periodically.
It is important that you read this Privacy Notice together with any other similar Notice we may provide from time to time when we are collecting or processing personal data about you so that you are aware of how and why we are using your data. This Privacy Notice supplements the other notices and is not intended to override them.
Personal information posted by you on social media is your responsibility. Once you make a public posting, you may not be able to change or remove it.
Throughout our dealings with you, we seek to balance our interests with your rights.
Who we are
History & Heraldry Limited is located at 5 Denby Way, Hellaby Industrial Estate, Rotherham, S66 8HR. We have operated a number of brands including History & Heraldry, Heart & Home, Next Pixel, Paper Island and John Hinde. If you have any questions or concerns about how we use your data you can write to us at this address, phone us on 01709 730700, or email us at email@example.com
The personal information we collect and use
Information collected by us:
The table below shows the type of Personal and Sensitive data we hold. This data is held in a combination of electronic and paper based solutions and systems.
|Customer||Registered Interest (4)||Supplier, Agent, Contractor||Current / former employee|
|Phone Number||Yes (1)||Sometimes||Yes||Yes|
|Email Address||Yes (1)||Yes||Yes||Yes|
|Date of Birth||Yes (2)||No||No||Yes|
|Bank / Payment Details||Yes (3)||No||Yes||Yes|
|Gender, Ethnicity, Religion||No||No||No||Yes|
|Passport, Driving License||No||No||No||Yes|
|Holiday, Sickness, Absence||No||No||No||Yes|
|NI, Tax Information||No||No||No||Yes|
|Surveys, Competitions (5)||Yes||Yes||No||No|
(1) We may store several names, phone numbers and email addresses for a customer e.g. Accounts, Manager. Sometimes this information will be personal such as a named individual with a personal email address and mobile number, and other times it maybe generic information e.g. firstname.lastname@example.org.
(2) Date of Birth may be held for sole traders when performing credit checks
(3) We store bank details if we make payments by cheque or BACS transfer. We do not store credit / debit card details (we are PCI DSS compliant in this area).
(4) Someone who has registered an interest with us would have provided consent to receive brochures, marketing emails, etc.
(5) We need to capture personal information in order for us to successfully run surveys, competitions and other promotions helping us give you what you want.
In addition, our web sites and other technologies automatically collect certain information (see below) to help us administer, protect, and improve our services; analyse usage; and improve users’ experience.
Information we collect automatically:
(a) First Party Cookies: These cookies are created by historyheraldry.com to enable the functionality of various aspects of our website, typically random numbers and letters (PHP session cookie) which identifies a specific user’s session. This will expire when you leave the website.
(b) Third Party Cookies: These are created by companies to provide various services which we use to enhance our site. The only one we use is Google Analytics used to determine where visitors are coming from and what content they are looking at. No personal information is collected by Google Analytics. Cookies beginning with _ga, _gat, _utm(x) are used to collect information about traffic and user activity.
We may also collect information about your device each time you use a site. If you have an account with us, we may collect information from or about the computers, phones or other devices where you log into our services. We may associate the information we collect from your different devices, which helps us provide consistent services across your devices. Examples of the device information that we collect include operating system, hardware version, browser type and IP address
We also collect log information when you use our website which includes amongst other things – device information such as web browser type and language; how long you have been on our web site; pages viewed, identifiers associated with cookies or other technologies that may uniquely identify your device or browser, and pages you visit before or after navigating to our website.
How we use your personal information
We use your information in several different ways. The table below set this out in detail, showing what we do, and why we do it.
|Category of Personal Data||Purpose for Processing||Lawful basis – GDPR|
|Name and contact details such as email address, phone number, postal address|
|Date of birth information|
|Contact history e.g. by phone, email|
|Information about the technology you use to access and use our systems e.g. phone, PC|
Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service, the best products and the best and most secure experience. We assess any potential impact on you (both positive and negative) before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Performance of Contract means processing your data where it is necessary for the performance of a contract such as the supply of goods and services, employment, and purchasing to which you are a party. Where there is an intention or possibility of a contract existing between us we may also process your personal data.
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to. This typically includes fraud prevention and detection which in practice is used sparingly.
Consent means you have agreed we can send you promotional and marketing information about us and our products and services. You can remove consent at any time by contacting us at email@example.com or 01709 730700, or by clicking on unsubscribe links in emails.
Who we share your personal information with
We share your data with the following categories of companies as an essential part of being able to provide our services to you:
- Members of the History & Heraldry group of companies, as sometimes different entities in our group are responsible for different activities
- Companies that get your order to you, such as payment service providers and delivery companies
- Professional service organisations such as marketing providers and IT partners who help us run our business
- Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud. This includes any third parties relating to court orders as part of legal proceedings
- Companies approved by you, such as social media sites
Wherever possible we aim not share your personal information with any other third party.
How long your personal information will be kept
We will retain your information for as long as you have your account, or as long as is needed to be able to provide the services to you, or (in the case of any contact you may have with our Customer Care team) for as long as is necessary to provide support-related reporting and trend analysis only.
If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you.
For employees we will retain your information so long as you are an employee. We will retain personal data on former employees to comply with prevailing employment legislation, financial purposes (such as tax and pension), and for other obligations (such as providing employment reference).
Job applicants, current and former History & Heraldry employees
All the information you provide will only be used for progressing your application, or to fulfil legal or regulatory requirements if necessary.
We will not share any of the information you provide during the recruitment process with any third parties. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.
We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
We do not collect more information than we need to fulfil our stated purposes and will not retain it for longer than is necessary. Therefore, if you unsuccessfully apply for a role with us, we will delete or anonymise your personal information once we have communicated this to you. There may be circumstances in which we may retain your data for a future opportunity and if this is the case, we will seek your approval beforehand.
The information we ask for is used to assess your suitability for employment. You don’t have to provide what we ask for but it might affect your application if you don’t.
You will be asked to provide equal opportunities information. This is not mandatory information – if you do not provide it, it will not affect your application. Any information you do provide, will be used only to produce and monitor equal opportunities statistics.
If we make you a conditional offer of employment we will ask you for information so that we can carry out pre-employment checks. You must successfully complete pre-employment checks to progress to a final offer. We are required to confirm the identity of our employees, their right to work in the United Kingdom and seek assurances as to their trustworthiness, integrity and reliability.
We therefore use your information in several different ways. The table below set this out in detail, showing what we do, and why we do it.
|Category of Personal Data||Purpose for Processing||Legal basis – GDPR|
|Name and contact details such as email address, phone number, postal address|
|Previous employment history, qualifications, references|
|Gender, nationality, religion, ethnicity|
|Passport, visa details|
|Health and disability|
|Unspent criminal convictions|
|Holiday, Sickness, Absence|
|NI, Tax Information|
|Pension Details, Westfield Health and other benefit schemes|