Last updated: 5 November 2021
Account means a unique account created for You to access our website or parts of our website.
Consumer means every individual who uses our website.
Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.
Country refers to the United Kingdom.
Data Controller, for the purposes of the GDPR (General Data Protection Regulation), refers to the Company as the legal person which alone or jointly with others determines the purposes and means of the processing of Personal Data.
Device means any device that can access the website such as a computer, a mobile phone or a digital tablet.
Personal Data is any information that relates to an identified or identifiable individual.
For the purposes for GDPR, Personal Data means any information relating to You such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity.
Service refers to the website.
Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the website, to provide a service on behalf of the Company, to perform services related to the website or to assist the Company in analyzing how the website is used. For the purpose of the GDPR, Service Providers are considered Data Processors.
Usage Data refers to data collected automatically, either generated by the use of the website or from the website infrastructure itself (for example, the duration of a page visit).
Website refers to the Carolyn Spring Ltd website, accessible from https://www.carolynspring.com.
You means the individual accessing or using the website, or the company, or other legal entity on behalf of which such individual is accessing or using the website, as applicable. Under GDPR (General Data Protection Regulation), ‘You’ can be referred to as the Data Subject or as the User as You are the individual using the website.
While using our website, we may ask You to provide us with certain personally identifiable information that can be used to contact or identify You. Personally identifiable information may include, but is not limited to:
Usage Data is collected automatically when using the website. Usage Data may include information such as Your device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our website that You visit, the time and date of Your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
When You access the website by or through a mobile device, we may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system, the type of mobile internet browser You use, unique device identifiers and other diagnostic data. We may also collect information that Your browser sends whenever You visit our website or when You access the website by or through a mobile device.
Cookies can be “Persistent” or “Session” Cookies. Persistent Cookies remain on Your personal computer or mobile device when You go offline, while Session Cookies are deleted as soon as You close Your web browser. You can learn more about cookies here.
We use both Session and Persistent Cookies for the purposes set out below:
Necessary / Essential Cookies
Cookies Policy / Notice Acceptance Cookies
Tracking and Performance Cookies
The Company may use Personal Data for the following purposes:
We may share Your personal information in the following situations:
The Company will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our website, or we are legally obligated to retain this data for longer time periods.
Your information, including Personal Data, is processed at the Company’s operating offices and in any other places where the parties involved in the processing are located. It means that this information may be transferred to — and maintained on — computers located outside of Your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from Your jurisdiction.
Under certain circumstances, the Company may be required to disclose Your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
The Company may disclose Your Personal Data in the good faith belief that such action is necessary to:
The security of Your Personal Data is important to us, but please bear in mind that no method of transmission over the internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect Your Personal Data, we cannot guarantee its absolute security.
The Service Providers we use may have access to Your Personal Data. These third-party vendors collect, store, use, process and transfer information about Your activity on website in accordance with their Privacy Policies.
We may use third-party Service Providers to monitor and analyse the use of our website, for example:
We may use Your Personal Data to contact You with newsletters, marketing or promotional materials and other information that may be of interest to You. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us.
We may use Email Marketing Service Providers to manage and send emails to You either with Your consent or under the lawful basis of legitimate interest, but if You opt out of receiving emails from us then Your email address will be added to a blacklist and You will not receive any further such emails unless You specifically ask us to be re-added to our whitelist.
Our current Email Marketing Service Providers are:
We may provide paid products and/or services within the website. In that case, we may use third-party services for payment processing (e.g. payment processors).
Our current payment processor is:
We may process Personal Data under the following conditions:
In any case, the Company will gladly help to clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a statutory or contractual requirement, or a requirement necessary to enter into a contract.
The Company undertakes to respect the confidentiality of Your Personal Data and to guarantee You can exercise Your rights.
You may exercise Your rights of access, rectification, cancellation and opposition by contacting us. Please note that we may ask You to verify Your identity before responding to such requests. If You make a request, we will try our best to respond to You as soon as possible.
You have the right to complain to a Data Protection Authority about our collection and use of Your Personal Data. For more information, if You are in the European Economic Area (EEA), please contact Your local data protection authority in the EEA.
We have a separate privacy notice for California residents which is available from us upon request, and it applies solely to all visitors, users, and others who reside in the State of California.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
By email: firstname.lastname@example.org
By mail: Workspace House, 28-29 Maxwell Road, Peterborough, PE2 7JE