Privacy Policy

This Privacy Notice describes in detail the types of personal data we collect and process when you interact with us. This notice also explains our data collection and processing practices, as well as the legal bases for processing your personal data.

This Privacy Notice is designed to answer any questions you have about the way we collect and use your personal information. We’d appreciate it if you would take the time to read this carefully, as it will help you understand how Home Garden Direct uses your personal data and what rights you have in respect of it.

The law on data protection gives companies several reasons to collect and process your personal data, including:

Consent

We may collect and process your personal data with your consent, for example when you tick a box to receive email newsletters. When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.

Contractual obligations

When you place an order with us, we need certain personal information to fulfill that order, such as your name and address.

Legal compliance

In certain circumstances, we may be required by law to collect and share your data. For example, we may share information about people involved in criminal activity or fraud with law enforcement agencies.

Legitimate interest

When we have a legitimate interest to do so, we will use your data in a way which does not materially impact your rights, freedom or interests. For example, we will use your purchase history to send you or make available offers.

We also use purchasing histories to identify trends and make sure we can keep up with demand or develop new products/services. We may also use address information to send you direct mailings telling you about products and services that we think might interest you. We may contact you regarding market research.

When do we collect your personal data?

  • When you create an account with us.
  • When you engage with us on social media.
  • When you visit our website and buy products.
  • When you make an online purchase and check out as a guest.
  • When you contact us by any means with queries, complaints etc.
  • When you enter prize draws or competitions.
  • When you choose to complete any surveys, we send you.
  • When you comment on or review our products and services.
  • When you’ve given a third-party permission to share with us the information, they hold about you.

What personal data do we collect?

  • If you have a web account on our site, we will collect your name, address, orders and receipts, email and telephone number. For security reasons we will also record your password in an encrypted form.
  • A description of your shopping preferences.
  • The details of your visits to our website, including the date and time of each visit and which site referred you to ours.
  • Open rates, click through rates on email marketing campaigns using Pixels.
  • Payment card information.
  • Your comments and product reviews.
  • Your social media username, if you interact with us through those channels

Why do we use your personal data?

We want to give you the best possible customer experience. To do this, we combine our data about you with other information available to us, such as your purchases and browsing behavior. We then use this to offer you promotions, products, and services that are most likely to interest you. The law allows us to do this as part of our legitimate interest in understanding our customers and providing the highest levels of service.

We will use your personal data for the following purposes:

  • We collect your personal data at checkout in order to process your order, comply with our legal obligations, and provide you with the best possible service. For example, we may need to pass your details to a third party supplier or delivery company in order to deliver the product or service that you have ordered. As a result of this, we will keep some of your personal data for a reasonable period afterwards in order to fulfil any contractual obligations such as refunds, guarantees and so on.
  • To respond to your queries, refund requests and complaints, we may keep a record of your information. We do this on the basis of our contractual obligations to you and our legal obligations. We may also keep a record of this information to demonstrate how we communicated with you throughout and how we handled your requests and complaints.
  • We need to protect our business and your account from fraud and other illegal activities. We do this by using your personal data to maintain, update, and safeguard your account, such as by checking your password when you log in. We also monitor your browsing activity with us to quickly identify and resolve any problems and protect the integrity of our websites.
  • We process payments and prevent fraudulent transactions based on our legitimate business interest to protect our customers from fraud.
  • When fraud monitoring or suspicious transaction monitoring uncovers criminal activity or alleged criminal activity, we will process the data for the purpose of preventing or detecting unlawful acts. We aim to protect individuals we interact with from crimes.
  • We store your personal details. If you agree, we will keep you informed about our products and services by email, web, text, telephone and through our contact centres. We may contact you with tailored special offers and promotions.

How we protect your privacy

We take all reasonable precautions to protect the security of your data. We secure access to all transactional areas of our websites and apps using encrypted ‘https’ technology. Sensitive data such as payment card information is protected by an advanced encryption standard, and access to your personal data is password-protected. Our system is regularly monitored for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.

How long will the company retain your personal data?

We only retain personal data for as long as is necessary for the purpose for which it was collected. At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.

To whom do we disclose your personal data?

We may share your personal data with trusted third parties, such as delivery couriers or technicians visiting your home. For example, we may use external companies to: verify and handle complaints; comply with legal obligations; help us personalise our offers to you; and so on.

We have a policy that we apply to organisations that want to use our services, to keep your data safe and protect your privacy:

  • Our staff members provide only the information relevant to their jobs.
  • They may only use your data for the purposes that are described in the contract we have signed.
  • We maintain the confidentiality of our clients' details.
  • All personal data will either be deleted or rendered anonymous if we stop using their services.

To help personalise your journey with the Home Garden Direct website we currently use the following companies who will process your personal data as part of their contracts with us:

  • Adobe Analytics
  • Google
  • Twitter
  • Instagram
  • YouTube
  • AWIN (Affiliate Window)
  • Yahoo
  • Pinterest
  • Facebook
  • GFS
  • BJS

Also:

  • Zendesk
  • NetSuite
  • Shopify
  • Oracle NetSuite
  • Microsoft
  • Mint Soft
  • Hot Jar
  • Judge Me
  • Amazon
  • eBay,
  • Mano Mano
  • Wayfair
  • Folio3
  • Yotpo

Where your personal data is processed

Home Garden Direct is located in the United Kingdom and so we will transfer your data outside of the European Economic Area (EEA), including to countries such as the United States, which have different privacy laws. We may also need to share your personal data with third parties located outside of the EEA. The EEA includes all EU Member states, as well as Iceland, Liechtenstein and Norway. We may transfer personal data that we collect from you to third-party data processors located in countries that are outside of the UK. If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed in the UK. For example, our contracts with third parties stipulate the standards they must follow at all times. If you wish for more information about these contracts, please contact our Data Protection Officer. Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice.

What rights do you have over your personal data?

You have the right to request:

  • Access to the personal data we hold about you, free of charge in most cases.
  • The correction of your personal data when incorrect, out of date or incomplete.
  • The deletion of the data we hold about you, in specific circumstances. For example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end (e.g., the end of a warranty).
  • A computer file in a common format (e.g., CSV or similar) containing the personal data that you have previously provided to us and the right to have your information transferred to another entity where this is technically possible.
  • Restriction of the use of your personal data, in specific circumstances, generally whilst we are deciding on an objection you have made.
  • That we stop processing your personal data, in specific circumstances. For example, when you have withdrawn consent, or object for reasons related to your individual circumstances.
  • That we stop using your personal data for direct marketing (either through specific channels, or all channels).
  • That we stop any consent-based processing of your personal data after you withdraw that consent.

You can contact us to exercise your rights under the Data Protection Act at any time by filling out an online form. If we choose not to action your request, we will explain to you the reasons for our refusal.

Your right to withdraw consent:

If we have asked you for your consent to use your personal data, you can change your mind at any time and withdraw that permission.

Where we rely on our legitimate interest

If we are processing your personal data based on our legitimate interests and you ask us to stop, we will do so unless we have a legitimate reason to continue processing your personal data

Direct marketing

You have the right to end our use of your personal data for direct marketing. We must always comply with your request.

Checking your identity

Protecting your personal information is up to you. We ask you to verify your identity before we provide any confidential information. If a third party has been authorised to act on your behalf, please have them contact us so we can verify their authority