Bluestem Group Privacy Policy

INTRODUCTION

The website www.bluestemgroup.co.uk is operated by Lancaster Holdings Ltd (“we”, “us” or “our”) and we are a “data controller” for the purposes of the Data Protection Act 2018 and the EU General Data Protection Regulation 2016/679. This means that we are responsible for, and control the processing of, your personal information.

This privacy policy relates to your use of our website. A separate privacy policy applies in relation to the processing of personal data other than through or in addition to through our website.

We take your privacy very seriously and we ask that you read this privacy notice carefully as it contains important information on:

  • The personal information we collect about you
  • What we do with your personal information
  • Who your personal information might be shared with

WHAT TYPE OF PERSONAL INFORMATION WE COLLECT

Personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

We collect personal information about you when you register with us online, contact us or when you submit a response to an online questionnaire on our website.

  • Identity Data includes first name, last name, username or similar identifier, title, date of birth
  • Contact Data includes billing address, delivery address, email address and telephone numbers
  • Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us
  • Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website
  • Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses
  • Usage Data includes information about how you use our website, products and services
  • Marketing and Communications Data includes your preferences in receiving marketing from us

Please note that we do not collect or hold any personal information in relation to your payment information, such as credit/debit card details or any ‘Special Categories’ of personal information about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

We may collect personal information about you from other sources (such as credit reference agencies), which we will add to the information we already hold about you in order to help us improve our products and services and help us access the initial credit limit to be applied to your account and as part of our annual review of your credit status.

 

 

 

 

HOW WE COLLECT YOUR PERSONAL INFORMATION AND WHY WE HAVE IT

Most of the personal information we process is provided to us directly by you and we will use it for one or more of the following reasons:

  • To identify you and manage any accounts you hold with us
  • To process your order and obtain payment
  • To detect and prevent fraud
  • To carry out security vetting
  • To conduct research, statistical analysis and behavioral analysis
  • To customise our website and its content to your particular preferences; – see ‘Cookies and Tracking’ section below
  • To notify you of any changes to our website or to our products services that may affect you
  • To improve our product and services
  • To give to companies and organisations whose products you purchase through the website
  • To let you know about other products or services that may be of interest to you—see ‘Marketing’ section below

Generally, we do not rely on consent as a legal basis for processing your personal information although we will get your consent before sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.

PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL INFORMATION

Under the General Data Protection Regulation (GDPR), the legal bases we rely on for processing your personal information are:

Purpose of processing Our legal basis
·        Communicate with you about your account

·       Notify you about changes to our services and to otherwise communicate with you. For example, we will use your contact details in order to respond to any queries that you submit to us

·       We use a third party for the purposes of managing and facilitating customer orders only

Performance of a contract with you – we use your personal information in order to meet our obligations under our contract with you, keep you up to date with information about our services, and to respond to your queries
·        Send you information about products and services, including promotions, exclusive offers, discounts, vouchers, free gifts, information about products and events Legitimate interests – we use your personal information to send you this information. You have the right to object to processing of this nature and will always be given the opportunity to do so
·        Review your past purchases and viewing history on our website to provide you with special offers or to tailor your experience online Legitimate interests – we use your personal information to provide you with offers and to tailor your experience when using our online services
·        Help us review, develop and improve the products and services we offer. For example, calls to customer services may be monitored and/or recorded for quality control and training purposes. We may also send you market research requests via email (which you can opt out of via that email)

·        If you raise a query (for example about a product or about our service) while we still hold a recording of your telephone call, and we can investigate or answer your query by referring to this call, we may do so. This may mean that your call recording will be held until your query has been resolved

Legitimate interests – we use your personal information to help us deliver the best quality of service to you and all our customers
·       Improve and measure the effectiveness of our marketing communications, including online advertising

·       We share cookie and other data (including online and offline purchase data) with entities such as Google, YouTube, Twitter, Instagram, and Facebook in order to make our advertising more relevant to you. Please see our Cookies and Tracking Section for full details of the cookies used. We require any such third parties to treat your personal information as fully confidential and to fully comply with all applicable data protection legislation

Legitimate interests – we use your personal information to deliver you a tailored experience when using such digital services, to help us understand the effectiveness of our advertising, and to make sure you see adverts that are most relevant to you
·        Provide, enhance and personalise your experience on our digital services provided from our web and mobile portals Legitimate interests – we use your personal information to deliver you a tailored experience when using our digital services
·        Carry out security checks and identity checks to protect against fraudulent transactions and to prevent and detect criminal activity, such as money laundering Legitimate interests – we use your personal information to protect against unlawful activities and comply with laws applicable to us. In some cases, we may also be under a legal obligation to disclose your personal information (for example, to law enforcement agencies). Furthermore, if you are from a public authority, we use your personal information on the basis that it is necessary in the public interest or in exercising official authority for us to prevent fraud and money laundering

Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

 

MARKETING

We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided.

From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, SMS or other electronic messaging services, phone, fax or mail. We may use the information to customise the website according to your interests.

We use third parties to carry out certain activities on our behalf that involve the processing of personal information, particularly a third-party service provider to send promotional material via postal mail. We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

You can opt out of us or any third parties sending you marketing messages at any time by sending an email to [email protected] or via the unsubscribe link at the bottom of emails we send to you. Please see ‘The right to ask us to stop contacting you with direct marketing’ below for further information.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase or other transactions.

COOKIES AND TRACKING

USE OF COOKIES

A cookie is a small text file which is placed onto your computer (or other electronic devices) when you access our website. We use cookies on this website to:

  1. recognise you whenever you visit this website (this speeds up your access to the website as you do not have to log in each time)
  2. obtain information about your preferences, online movements and use of the internet
  3. carry out research and statistical analysis to help improve our content, products and services and to help us better understand our customer requirements and interests
  4. target our marketing and advertising campaigns more effectively by providing interest-based advertisements that are personalised to your interests
  5. make your online experience more efficient and enjoyable

 

In most cases we will need your consent in order to use cookies on this website. The exception is where the cookie is essential in order for us to provide you with a product or service you have requested.

CONSENT

If you visit our website when your browser is set to accept cookies, we will interpret this as an indication that you consent to our use of cookies and other similar technologies as described in this website cookie policy. If you change your mind in the future about letting us use cookies, you can modify the settings of your browser to reject cookies or disable cookies completely.

DESCRIPTION OF COOKIES

The tables below provides some information on the cookies which we use on our websites.

Pik-a-Pak Cookies:

Cookie Name What it does Why is it used How long it lasts
_pik-a-pak_session Unique session key to identify you So we can make sure your visit on the site is not hijacked Until the browser session closes
_gid Site analytics Used to distinguish users 24 Hours
_ga Site analytics To visualize how the site is being used Until the browser session closes
_gat Google Tag Manager Used to throttle request rate 1 Minute
_cfduid Identifies a user to Cloudflare our security provider If Cloudflare challenges a user, it stores the acknowledgement of that challenge in this Persistent
remember_user_token Stores an anonymous token that identifies which user is logged in Keeps you logged in while you use the site 3 months, or until you press the sign out button
LSW_WEB Enables the use of GetSocial toolbars for sharing webpages on social networks Used to tack social shares Until the browser session is closed

 

Go Shop Direct Cookies:

Cookie Name What it does Why is it used How long it lasts
JSESSIONID Used to session state tracking To ensure the state can be remembered Until the browser session is closed
NID Cookie from Google Used to remember preferences and other information such as preferred language and how many search results you want to have shown per page 6 Months
1P_JAR Google uses this cookie Based on recent searches and interactions, to customise adverts on Google websites Until the browser session is closed
ANID Google uses this cookie Is used for advertising served across the web and stored in google.com Persistent
_gat Google tag manager Used to throttle request rate 1 Minute
_gid Site analytics Used to distinguish users 24 Hours
_cfduid Identifies a user to Cloudflare our security provider If Cloudflare challenges a user, it stores the acknowledgment of that challenge in this Persistent
LSW_WEB Enables the use of GetSocial toolbars for sharing webpages on social networks Used to track social shares Until the browser session is closed
CONSENT Facilitates embedded YouTube videos Registers anonymous statistical data on for example how many times the video is displayed and what settings are used for playback Persistent
_goshopdirect2017_session Unique session key to identify you To make sure your session is not hijacked Until the browser session closes
_ga Site analytics To visualise how the sire is being used Until the browser session closes

 

Statesman Cookies:

Cookie Name What it does Why is it used How long it lasts
_gat_UA-xxxxxxxx This is a pattern type cookie set by Google Analytics The patter element on the name contains the unique identity number of the account or website it relates to 1 Minute
_gid Site analytics Used to distinguish users 24 Hours
_ga Site analytics To visualize how the site is being used Until the browser session closes
_statesman_appliances2019_session Unique session key to identify you To make sure your session is not hijacked Until the browser session closes

 

HOW TO TURN OFF COOKIES

If you do not want to accept cookies, you can change your browser settings so that cookies are not accepted. If you do this, please be aware that you may lose some of the functionality of this website. For further information about cookies and how to disable them please go to the Information Commissioner’s webpage on cookies: https://ico.org.uk/your-data-matters/online/cookies/.

DISCLOSURES OF YOUR PERSONAL INFORMATION

Where necessary to fulfill our obligations to you, we may pass your personal information to third parties where this is necessary for the functioning of our business and the purposes set out in the table ‘Purposes for which we will use your personal information’. We may share your personal information with:

  1. a) Google

We work with third party company Google to automatically collect information including: IP address, MAC (Media Access Control) address, unique identifier or other persistent or non-persistent device identifier, device software platform and firmware, mobile phone carrier and geo location data to help us understand your use of our app such as how often you return, what parts of the app you visit, how you use the app and how long you spend on the app. This third-party provider is prohibited from using our data for any other purposes. Go to http://www.google.com/analytics/terms/us.html to read Google Analytics Privacy Policy. We use the data we collect about your use of our website to analyse trends across the data set of all customers worldwide, and to enable us to offer a better service to you.

  1. b) New Relic

We work with third party Company New Relic Cookie who we use to store a session identifier, so they can monitor session counts for an application. The Cookie value is generated by Jetty. This third-party provider is prohibited from using our data for any other purpose. Go to
https://newrelic.com/termsandconditions/privacy to read New Relic Privacy Policy. This was accurate on 25th May 2020. Parties may have since been added. An up to date list can be obtained at [email protected].

  1. c) Click4Assistance

We use live chat software on our website, this is provided by Click4Assistance, a 3rd party UK based Software Company. Information regarding how the data is processed and stored can be viewed here.

HOW LONG WE WILL USE YOUR PERSONAL INFORMATION

We shall retain your personal information whilst you remain a customer. Should you not trade and there is no good business reason to retain your personal information we will delete your personal information on receipt of your request to be deleted whichever is the sooner, unless we are required by law to retain your personal information for a longer period.

 

DATA SECURITY

To protect your personal information, we have policies and procedures in place to make sure that only authorised personnel can access the personal information, that personal information is handled and stored in a secure and sensible manner and all systems that can access the personal information have the necessary security measures in place. To accomplish this, all employees, contractors and sub-contractors have roles and responsibilities defined in those policies and procedures.

To make sure all employees, contractors and sub-contractors understand these responsibilities they are provided with the necessary training and resources they need.

In addition to these operational measures, we also use a range of technologies and security systems to reinforce the policies.

To make sure that these measures are suitable, vulnerability tests are run regularly. Audits to identify areas of weakness and non-compliance are routinely scheduled. Additionally, all areas of the organisation are constantly monitored and measured to identify problems and issues before they arise.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

YOUR DATA PROTECTION RIGHTS

Under data protection law, you have rights in relation to your personal information including:

 

  • The right to be informed – You have the right to be informed about the collection and use of your personal data
  • The right to access information we hold about you – At any point you can contact us to request the personal information we hold about you as well as why we have that personal information, who has access to the personal information and where we got the personal information. Once we have received your request, we will respond within 30 days
  • The right to correct and update the personal information we hold about you – If the personal information we hold about you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated
  • The right to have your personal information erased – If you feel that we should no longer be using your personal information or that we are illegally using your personal information, you can request that we erase the personal information we hold. When we receive your request, we will confirm whether the personal information has been deleted or tell you the reason why it cannot be deleted
  • The right to object to processing of your data – You have the right to request that we stop processing your personal information. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If personal information is no longer processed, we may continue to hold your personal information to comply with your other rights
  • Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances
  • The right to ask us to stop contacting you with direct marketing – You have the right to request that we stop contacting you with direct marketing. You can click the unsubscribe button at the bottom of any of our marketing emails or you can email us at [email protected]
  • The right to data portability – You have the right to request that we transfer your personal information to another controller. Once we have received your request, we will comply where it is feasible to do so

Our security procedures mean that we may request proof of identity before we are able to disclose your personal information to you or comply with other requests, this is to maintain the security of your information. In such cases your response will be necessary to exercise this right.

NO FEE USUALLY REQUIRED

You are not required to pay any charge for exercising your rights. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

TIME LIMIT TO RESPOND

If you make a request, we have one month to respond to you.

If you wish to make a request, please contact us at:

[email protected]

Bluestem Group

38 Bluestem Road

Ransomes Europark

Ipswich

Suffolk

IP3 9RR

HOW TO COMPLAIN

If you have any queries about this privacy notice, need further information or wish to lodge a complaint about the use of your personal information you can use the details below to contact Bluestem Group:

[email protected]

Bluestem Group

38 Bluestem Road

Ransomes Europark

Ipswich

Suffolk

IP3 9RR

You can also complain to the ICO if you are unhappy with how we have used your personal data. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

www.ico.org.uk

CHANGES TO THIS PRIVACY NOTICE

We may update this privacy notice from time to time. You should check this privacy notice occasionally to ensure that you are aware of the most recent version that will apply each time you access the website.

VERSION CONTROL

 

Version Date Author Approver Change Description
1 22/05/2020 Helen Lacey Kim Davies
2 February 2021 Helen Lacey Linda Hanley Revised for Bluestem Group
3 July 2021 Helen Lacey Include reference for us of third party to process customer orders

 

Owner Helen Lacey
Effective From Date February 2021
Date of Next Review January 2022