Who we are
Business Name: Ezecoms LTD T/A Hampshire Uniforms
Registered Company Number: 12367995
Registered Address: 35 Hillcrest Drive, Ashington, West Sussex, RH20 3LB
VAT Number: GB197355661
Data Privacy Officer: Data Privacy Manager
Email: hello@hampshireuniforms.co.uk
Data we collect:
To operate our business and services we may collect, use, store and transfer the following data from yourself
- Personal Data – Includes First Name, Last Name, Usernames and titles or similar
- Contact Details – Includes Registered Address, Billing Address, Email Address and telephone numbers
- Financial Data – Includes Bank Account Details and Card Details
- Transaction Data – Includes payments to and from you regarding services you have purchased from us
- Technical Data – Includes IP addresses, login data, browser information, operating system and other
technologies on the devices that access our website - Profile Data – Includes usernames and passwords, purchases or orders by you, your interests, preferences,
feedback and survey responses - Usage Data – Includes information about how you use our website, products or services
- Marketing & Communication Data – Includes your preferences to receiving marketing from us and our group
companies
We may collect, use and share Aggregated Data such as statistical or demographic data for any purpose.
Aggregated Data does not directly or indirectly reveal your identity and is not considered as personal data by
law.
IF YOU FAIL TO PROVIDE PERSONAL DATA
We need to collect personal data by law, or under the terms of our contract we have with you, and you fail or
refuse to provide data when requested, we may not be able to perform the contract we have with you. This
includes an order of any goods or service. In this case we may have to cancel the product or service and we
will notify you if this is the case at the time.
How is Personal Data collected?
We use several methods to collect data from and about you these include the following:
- Direct interactions. You may give us your Identity, Contact and Financial Data by filling in forms or by
corresponding with us by post, phone, email or otherwise. This includes personal data you provide
when you:
o Applying for our products or services;
o Creating an account on our website;
o Subscribing to our service or publications;
o Requesting marketing to be sent to you;
o Entering a competition, promotion or survey; or
o Giving us some feedback. - Automated technologies or interactions. As you interact with our website, we may automatically collect
Technical Data about your equipment, browsing actions and patterns. We collect this personal
data by using cookies, server logs and other similar technologies. We may also receive Technical Data
about you if you visit other websites employing our cookies. Please see our cookie policy for further
details. - Third parties or publicly available sources. We may receive personal data about you from various
third parties and public sources as set out below:
o Technical Data from the following parties:
analytics providers such as Google based outside the EU;
advertising networks such as Facebook based outside the EU;
o Contact, Financial and Transaction Data from providers of technical, payment and delivery
services such as GoCardless, Experian and Lloyds Bank based inside the EU.
o Identity and Contact Data from publicly availably sources such as Companies House and the
Electoral Register based inside the EU.
How we use your Personal Data:
We will only use your personal data in a lawful manner. We will use your personal data in the following
circumstances:
- When we need to perform the contract, we are about to enter or have entered with you
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and
fundamental rights do not override those interests - Where we need to comply with legal or regulatory obligations
Purposes for which we will use your Personal Data
Below we have set out information and a description of all the ways we plan to use your personal data, and
for which legal bases we rely on to do so. We have also identified what out legitimate interests are, where
appropriate.
- Registering you as a new customer
o Identity and Contact
Performance of a contract with you - Processing and delivering your order including managing payments, fees and charges, collect and
recover money owed to us
o Identity, Contact, Financial, Transactional, Marketing and Communications
Performance of a contract with you
Necessary for our legitimate interests – Recover Debts - Partaking in an event, prize draw, survey and competitions
o Identity, Contact, Profile, Usage and Marketing and Communications
Performance of a contract with you
Necessary for our legitimate interests – Study Customers / Develop & Grow Business - Administrating and protecting our business and website
o Identity, Contact and Technical
Necessary for our legitimate interests – Running Business, Security and prevent
fraud
Necessary to comply with a legal obligation - Delivering relevant website content and advertising and understanding effectiveness
o Identity, Contact, Profile, Usage, Marketing and Communications
Necessary for our legitimate interests – Studying Customers, develop/improve our
services, to grow business - Using data analytics to improve our website and business interests
o Technical and Usage
Necessary for our legitimate interests – Define customers, keep our website relevant
and develop our marketing strategy - Recommending products or services
o Identity, Contact, Technical, Usage and Profile
Necessary for our legitimate interests – Develop our products and services to grow
our business
Promotional Marketing from ourselves
We may use your Identity, Contact, Technical, Usage and Profile Data to form an opinion on what we think
you may want or need, or what may interest you. This is how we identify which products, services and offers
may be of interest to you.
If you have opted into marketing, you will receive this information on a regular basis, until you opt out.
You can opt out by clicking the opt out link within the marketing email, or by emailing us with the subject
UNSUBSCRIBE to the email addresses above.
Change of Purpose
We will only use your Personal Data for the purposes of which we collect it. We may from time to time
reasonably consider that we need to use it for another reason and that reason is compatible with the original
purpose.
If we need use your Personal Data for an unrelated purpose, we will notify you and explain the legal basis
which allows us to do this.
We may process your Personal Data without your knowledge or consent, in compliance with the above rules,
where this is permitted or required by law.
Disclosure of Personal Data
We may share your Personal Data with selected third parties or partners. We require all third parties or
partners to respect the security of your Personal Data and treat it in accordance with the law. We do not allow
third parties to use your personal data for their own purposes and only permit them to process your data for
specified purposes and in accordance with our instructions.
A list of external third parties include the following:
- Service providers acting as processors based in the UK who provide IT and system administration
services. - Professional advisers acting as processors including lawyers, bankers, auditors and insurers based in
the UK who provide consultancy, banking, legal, insurance and accounting services. - HM Revenue & Customs, regulators and other authorities acting as processors based in the United
Kingdom who require reporting of processing activities in certain circumstances. - Review sites acting as processors based outside of the UK.
International Transfer
Some of our external third parties are based outside the European Economic Area (EEA) so their processing
of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal
data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the
following safeguards is implemented:
- Transferring your personal data to countries that the European Commission have approved as
providing an adequate level of protection of personal data - Using specific contracts or codes of conduct or certification mechanisms approved by the European
Commission which give personal data the same protection it has in Europe - Any US-based providers that are part of EU-US Privacy Shield, we may transfer data to them, as
they have equivalent safeguards in place.
Data Security
To prevent your personal data from being lost, used or accessed by an unauthorised way, altered or
disclosed, we have put sufficient security measures in place. We limit access to your personal data to our
employees, agents, contractors and partners. They will only process your personal data in accordance with
our instructions along with a duty of confidentiality. In the event of a suspected data breach, we will notify
you and any applicable data regulator, where we are legally required to.
Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for,
including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the
appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the
personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the
purposes for which we process your personal data and whether we can achieve those purposes through
other means, and the applicable legal requirements. By law we have to keep basic information about our
customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being
customers.
Legal Rights
In relation to your personal data, under data protection laws, you have the right to
- Request access to your personal data
This enables you to receive a copy of the personal data we hold about you and to check that we are
lawfully processing it. - Request correction of your personal data
This enables you to have any incomplete or inaccurate data we hold about you corrected, though we
may need to verify the accuracy of the new data you provide to us. - Request erasure of your personal data
This enables you to ask us to delete or remove personal data where there is no good reason for us
continuing to process it. You also have the right to ask us to delete or remove your personal data
where you have successfully exercised your right to object to processing (see below), where we may
have processed your information unlawfully or where we are required to erase your personal data to
comply with local law. Note, however, that we may not always be able to comply with your request
of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request. - Object to processing of your personal data
Where we are relying on a legitimate interest (or those of a third party) and there is something about
your particular situation which makes you want to object to processing on this ground as you feel it
impacts on your fundamental rights and freedoms. You also have the right to object where we are
processing your personal data for direct marketing purposes. In some cases, we may demonstrate
that we have compelling legitimate grounds to process your information which override your rights
and freedoms. - Request restriction of your personal data
This enables you to ask us to suspend the processing of your personal data in the following scenarios:
(a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but
you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it
as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of
your data but we need to verify whether we have overriding legitimate grounds to use it. - Request transfer of your personal data
We will provide to you, or a third party you have chosen, your personal data in a structured, commonly
used, machine-readable format. Note that this right only applies to automated information
which you initially provided consent for us to use or where we used the information to perform a
contract with you. - Right to withdraw consent
However, this will not affect the lawfulness of any processing carried out before you withdraw your
consent. If you withdraw your consent, we may not be able to provide certain products or services to
you. We will advise you if this is the case at the time you withdraw your consent.
If you wish to exercise any of the rights set out above, please contact us by emailing hello@hampsireunifroms.co.uk
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However,
we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive, or we may
refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right
to access your personal data (or to exercise any of your other rights). This is a security measure to ensure
that personal data is not disclosed to any person who has no right to receive it. We may also contact you to
ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a
month if your request is particularly complex or you have made a number of requests. In this case, we will
notify you.
Lawful Basis
Legitimate Interest means the interest of our business in conducting and managing our business to enable
us to give you the best service/product and the best and most secure experience. We make sure we consider
and balance any potential impact on you (both positive and negative) and your rights before we process your
personal data for our legitimate interests. We do not use your personal data for activities where our interests
are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to
by law). You can obtain further information about how we assess our legitimate interests against any
potential impact on you in respect of specific activities by Contacting us
Performance of Contract means processing your data where it is necessary for the performance of a
contract to which you are a party or to take steps at your request before entering into such a contract.
Comply with a legal or regulatory obligation means processing your personal data where it is necessary for
compliance with a legal or regulatory obligation that we are subject to.