Privacy & Security Policy
You may interact with us in several different ways including via our website, our shop, our business representatives or our newsletter. You may be a residential customer who visits our shop or an enterprise customer (a business or local authority for example). Or you may be an employee or a prospective member of staff. This document covers the categories of personal information we collect through each of the ways you interact with us and the type of services you take from us.
Information Collected about our Customers
We collect information to help manage your interactions with us and to provide a quality service:
- To deliver products and services you have ordered from us;
- To manage the service, we provide to you;
- To charge you for the products and services you have ordered from us;
- To be able to answer questions you may have now and in the future about the services we have provided to you;
- To fulfil our legal obligations as a business; and
- To help us run and grow our business
We also collect information about you so we can tell you about our products and services.
We will not collect any personal information from you we don’t need.
Information Collected via our Website
You can visit our site (www.thehen-house.com) without telling us who you are or providing us with any personal information. However, we may collect the I.P (internet protocol) addresses of all of our website visitors and other related information to be used to improve our website. We use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone.
When you visit our website, you are presented with an option to opt-in to accept cookies. Our lawful basis for using cookies if your consent via opting in.
Making Contact via our Website
You may choose to raise a query with us via the contact forms provided on our website. In this case we will collect and store your name and email address. As an alternative method of contact you may click on one of the email addresses on our website. In this case the link will open your own email application and you will not need to save your information on our website.
Information Collected for our Email Newsletter
You may choose to subscribe to our email newsletter via our website. If you subscribe to our newsletter, we use a double opt in method to verify you are who you say you are. In order send you the newsletter we will collect your name, email address and your preferences. We gather statistics around email opening and clicks using industry standard technologies.
Our lawful basis for holding this personal information is that you provide your Consent through opting in. You may withdraw your consent at any time by clicking the ‘unsubscribe’ link contained in each newsletter.
Information Collected about our Customers
When you purchase a product or service from us, we will collect personal information required to perform the service. This information may include your name, billing address, delivery address, email address, phone number, payment method and other location information required to perform the service. We may also collect personal information of your staff where this is needed to provide the service to them.
We will retain this information to assist you while you remain a customer of The Hen House.
Our lawful basis for collecting this information is that we have a Legitimate Interest to enable us to provide products and services to you.
Who we Share your Personal Information With
We use a number of service providers to assist us deliver products and services to you and share necessary portions of your personal information with them:
- Our website hosting is with WPMU DEV. Our website is hosted outside of the EU but with an organisation that complies with the EU’s data privacy regulations.
- Our email newsletter provider is MailChimp. They hold the personal information you provide that enables us to send you the newsletter. The information is only used for email newsletter subscriptions and no other purposes. The provider hosts your information outside of the EU but is an organisation that complies with EU’s data privacy regulations.
- Our point of sale system, EposNow, holds personal and transaction information about our residential customers. The information is hosted in the UK.
- Our accounting system, Xero, holds your personal information related to invoices and payments. The provider hosts your information outside of the EU but is an organisation that complies with the EU’s data privacy regulations.
All of our service providers are required to maintain the confidentiality and security of your personal information and to use it only in compliance with applicable privacy laws. These companies are not authorised to use your information in any manner, other that in helping us to provide you with products and services or as otherwise required by applicable law.
We may also disclose specific personal information about you if required by law, governmental request or court order if, based on our good faith believe, it is necessary to conform or comply with such law, request or court order.
Retention of Personal Information
We only keep your personal information as long as necessary for the purpose we collected it, or as otherwise required by law.
Information Collected about Job Applicants, Current and Former Employees
All of the information you provide during the recruitment process will only be used for the purpose of progressing your application and we will not share any of the information you provide during the recruitment process with any third parties. The information you provide will be held securely by us and/or our data processors whether the information is in electric or physical format.
We will use the contact details you provide to us to progress your application. We will also ask you about your previous experience, education, references and for answers to questions relevant to the role you have applied for. We will use the information you provide to assess your suitability for the role you have applied for.
If you are unsuccessful following assessment for the position you have applied for, we may ask if you would like your details to be retained for up to a period of six months.
If we make a conditional offer of employment, we will ask you for information so that we can carry out pre-employment checks. We need to confirm the identity of our staff, their right to work in the UK and seek assurance as to their trustworthiness, integrity and reliability.
You will therefore be required to provide proof of your identity and proof of your qualifications. We will contact your referees, using the details you provide in your application, directly to obtain references.
If we make a final offer, we will also ask you for the following:
- Bank details – to process salary payments;
- National Insurance number and tax codes for use with HMRC; and
- Emergency contact details – so we know who to contact in case you have an emergency at work.
During your employment with us we will collect and store information in our personnel file such as performance reviews and leave records.
Retention of Employee Personal Information
If you become a member of staff the information you provide during the application process will be retained by us as part of your employee file for the duration of your employment, plus 6 years following the end of your employment.
If you are unsuccessful at any stage of the process, the information you have provided until that point and out interview notes will be retained for 6 moths from your application.
Who we Share our Employees’ Personal Information With
We share our employees’ personal information with our accountant for preparing payroll, with HMRC and with our pension’s provider. We may also disclose specific personal information about you if required by law, governmental request or court order if, based on our good faith belief, if it necessary to conform or comply with such law, request or court order.
Security of your Personal Information.
We maintain reasonable administrative, technical and physical safeguards in an effort to protect against the loss, theft, unauthorised access, use, modification and disclosure of personal information in our custody and control. We only provide access to personal information to employees and authorised service providers who require such information for the purpose described in this Privacy & Security Policy.
Sale of our Business
In the event of a merger or transfer of our business to a new owner we may transfer or share information we have about you to a third-party acquirer.
This policy was last updated in July 2020.
How to Contact us about your Personal Information
If you wish to access or update personal information, we have about you, or to correct factual errors in our records, please email us or write to us at the addresses below. To protect your privacy, we will take reasonable steps to help verify your identity before granting access or making changes.
The Hen House, 14b Lower Street, Haslemere, Surrey GU27 2NX
Telephone: 01428 658 946
You can request a copy of the personal information we hold on you at any time. If you believe the information, we process on you is incorrect you can request to see this information and have it corrected or deleted. If we are providing a service to you under contract, then it may not be possible to delete your information. We may also be required to retain some parts of your personal information for legal reasons – such as invoice and payment records. Please make such request in writing. There will no charge for reasonable requests for information and we will respond within 30 working days. If it will take longer than 30 working days to meet your request, we will advise you accordingly.
If you wish to raise a request regarding personal information or to register a complaint on how we have handled your personal data, please contact firstname.lastname@example.org.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office at http://ico.org.uk/