Privacy and cookies policy (online shop) contents

1. Introduction: commitment to privacy; document applies to controlled personal data; website privacy controls; consent to use of cookies; data controller name.
2. The personal data that we collect: introduction to categories; processing of contact data; processing of account data; processing of customer relationship data; processing of transaction data; processing of communication data; processing of usage data; processing of other data.
3. Purposes of processing and legal bases: setting out purposes etc of personal data processing; processing for operations; processing for publications (account data); processing for communications; processing for personalisation (account data and usage data); processing for direct marketing (contact data, account data, customer relationship data and transaction data); processing for research and analysis (usage data and transaction data); processing for record keeping; processing for security; processing for insurance and risk management; processing for legal claims; processing for legal compliance and vital interests protection.
4. Automated decision-making: personal data used in automated decisions; logic involved in automated decisions; significance of automated decisions.
5. Providing your personal data to others: intra-group disclosures of personal data; disclosure of personal data to insurers etc; disclosures of personal data to hosting services providers; disclosures of personal data to subcontractors; disclosure of personal data to payment services providers; disclosure of personal data to third party suppliers; disclosure of personal data necessary for legal compliance etc.
6. International transfers of your personal data: introduction to international personal data transfers; UK to EEA and EEA to UK personal data transfers; international transfers within business; international transfers to hosting services provider; international transfers to subcontractors; publication of personal data on internet.
7. Retaining and deleting personal data: data retention introduction; personal data retention default rule; personal data retention specific rules (online shop); personal data retention criteria; personal data deletion exception.
8. Security of personal data: appropriate technical and organisational security measures; personal data stored on secure servers and computers; encrypted storage of personal data; security of server-browser communications; unencrypted data sent over internet is insecure; password security.
9. Your rights: introduction to data subject rights list; list of data subject rights; learn more about data subject rights; exercise of data subject rights.
10. Your rights: introduction to data subject rights summaries; list of data subject rights; summary of right to access personal data; summary of right to rectification of personal data; summary of right to erasure of personal data; summary of right to restrict processing of personal data; summary of right to object to processing of personal data; summary of right to object to processing of personal data for direct marketing; summary of right to object to processing of personal data for research purposes; summary of right to personal data portability; summary of right to complain to data protection supervisory authority; summary of right to withdraw consent to personal data processing; exercise of data subject rights.
11. Third party websites: hyperlinks to third party websites; no responsibility for third party privacy policies.
12. Personal data of children: website targeted at persons over specified age; deleting personal data of children.
13. Updating information: correcting or updating personal information.
14. About cookies: what are cookies?; persistent and session cookies; cookies and personal data.
15. Cookies that we use: purposes for which cookies are used (including shopping cart).
16. Cookies used by our service providers: use of cookies by services providers; google Analytics cookies; google advertising cookies; facebook pixel; service provider cookies (generic).
17. Managing cookies: how to manage cookies; negative impact of blocking cookies; effects on website use of blocking cookies.
18. Cookie preferences: managing cookie preferences.
19. Amendments: amendment by publication; check for changes to Policy; notification of changes to Policy.
20. Our details: website operator name; company registration details; place of business; contact information.
21. Data protection registration: registered with ICO; data protection registration number.
22. Representatives: identity and contact details of EU representative of data controller; identity and contact details of UK representative of data controller.
23. Data protection officer: data protection officer contact details.