Policy key definitions:
“I”, “our”, “us”, or “we” refer to the business, [Ecorend, La Roc & Wetherby Group].
“you”, “the user” refer to the person(s) using this website.
GDPR means General Data Protection Act.
PECR means Privacy & Electronic Communications Regulation.
ICO means Information Commissioner’s Office.
Cookies mean small files stored on a user’s computer or device.
Processing of your Personal Data
Under the GDPR (General Data Protection Regulation) we control and / or process any personal information about you electronically. By reading this privacy statement, you will learn about the bases on which we process your Personal Data when you access our Site or otherwise interact with us. Any Personal Data that you provide will be treated as set forth below.
We may collect the following information when you visit our Site or interact with us:
• Personal information such as name and job title.
• Contact information including home, business and email address.
• Other information relevant to customer surveys/feedback.
• Information on products from Wetherby Group or competitors used by you
• Information collected automatically while you visit our site, including IP addresses, generic locations, service providers, time of activity, technology and device identifiers and information gathered through cookies/tracking pixels (please also see “Internet Cookies” section)
All of which you submit to us, for example, by:
• Completing forms on our Site
• Signing up to our Newsletters
• Participating in our promotions, offers, surveys, quizzes, questionnaires and/or contests
• Providing us with your feedback or leaving a product review
• Contacting Wetherby Group with questions and comments
We may process your data for the following purposes (the legal bases for our processing are highlighted in bold):
• To pursue our legitimate interests which include, for instance:
o Providing you with customer service
o Handling and attending to your complaints
o Understanding your needs and providing you with a better service and understanding you better as our customer
o Improving the content, general administration and customisation of our site, for example, by customising user experience, measuring effectiveness of communications and site performance, and optimising site performance.
o Improving our products and services
o Providing you with offers, products, samples, invitations to events and training courses, and other advertisement information which we have reason to believe you may find interesting based on your previous requests or based on similar products you have bought or expressed your interest in before.
o Compiling market insights
• Where you have given us your consent, for example, to periodically contact you via email about promotions, new products or services, or events or to provide you with other advertisement information
• To perform our obligations under a contract between you and us in relation to our products, that is to respond to your queries and fulfil your requests or orders, process payments, administer and process surveys, quizzes, questionnaires, and/or contests
• To comply with our legal obligations which include, for instance:
o Maintaining our business records
o Preventing fraud and
o Complying with requests of public authorities
Where we ask you for your Personal Data due to statutory or contractual requirements, we will indicate which information is voluntary. However, if you do not provide us with certain information voluntarily, we may not be able to provide you with the respective products or services, or respond to your requests, for which we need that information.
How long do we retain Personal Data?
Your Personal Data will only be retained by Wetherby Group for as long as it is required:
i. For the purpose(s) for which it was collected
ii. To be retained by law and/or
iii. To address any issues that may have arisen at a later date (in which case we will provide you with any further information as required by law)
Categories of recipients of Personal Data
We may transfer your Personal Data to third parties as follows:
• Wetherby Group entities may be recipients of your Personal Data, so that we can benefit from our corporate structure to facilitate quicker and more efficient service to you by sharing within the group information systems, financial administration or other administrative tasks and customer service.
• Processors and service providers are sometimes engaged by Wetherby Group to assist us with their services and may, in course of their engagement, receive, or have otherwise access to, your Personal Data. These processors and service providers include:
o Media, design, printing, promotional, and event agencies in order to conduct promotional and marketing activities or execute communications on our behalf
o Survey and market research companies, in order to obtain market intelligence
o IT and other technical providers in order to obtain hosting, storage, or recovery services in case Wetherby Groups computer systems were ever damaged, destroyed or inaccessible
o Shipping entities and logistics service providers to ship to you products and other materials on our behalf
o Payment processing service providers
• In case of a legal requirement, we may also disclose your Personal Data and other information to relevant third parties if we are required to do so by law or that disclosing such information is necessary to:
o Conduct investigations of possible breaches of law
o Identify, contact, or bring legal action against someone who may be violating an agreement they have with Wetherby Group
o To avoid imminent physical harm to any person or to protect Wetherby Groups rights, safety or property. We may also disclose your Personal Data to relevant third parties to investigate, respond to, and/or prevent a security/data breach, or to cooperate with government or law enforcement authorities pursuant to other legal matters.
• In the course of corporate transactions, Wetherby Group may share your Personal Data and other information with a third party in the event that Wetherby Group merges with, acquires, is acquired by, or becomes a legal affiliate with, such third party, or should such a transaction be proposed.
Except as described above, your Personal Data is not transferred to any person or entity. Where we transfer your Personal Data to third parties (as described above), we always ensure that all required contractual arrangements will be agreed between us and the third parties. This may include contractually requiring them to only act on our instructions, to implement appropriate measures for the protection of your Personal Data and not to use it for their own purposes.
How we protect Personal Data
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement. When your Personal Data is no longer required, it is destroyed, anonymised, or otherwise disposed of using secure methods.
Your individual rights
Under the GDPR your rights are as follows. You can read more about your rights in details here;
the right to be informed;
the right of access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to data portability;
the right to object; and
the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
Where you have given us your consent to process your Personal Data, you can withdraw your consent at any time and at no cost with effect for the future. If you do, we will stop the respective processing of your Personal Data based on that consent. However, this may, for example, prevent us from providing you with certain services for which we processed your Personal Data.
We handle subject access requests in accordance with the GDPR.
If you would like to exercise any of the above rights, please contact us by using the Contact Us link on the Site.
Some cookies are required to enjoy and use the full functionality of this website.
Cookies that we use are;
Consent Cookie – this stores the users cookie consent for the Site.
Collect Cookie – this is used to send data to Google Analytics about the visitors device and behaviour. It tracks the visitor across devices and marketing channels.
_ga Cookie – this is used to register a unique ID that is used to generate statistical data on how the visitor uses the website.
_Gid cookie – this is used to register a unique ID that is used to generate statistical data on how the visitor uses the website.
_Gat Cookie – this is used by Google Analytics to throttle request rate
NID Cookie – this registers a unique ID that identifies a returning users device. The ID is used for targeted ads.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal data” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third-party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all MailChimp lists, by following this link, otherwise contact the EMS provider.
Our EMS provider is; Mailchimp. We hold the following information about you within our EMS system;
Subscription time & date
We are registered with the ICO under the Data Protection Register, our registration number is: Z9902184.
Resources & further information
Overview of the GDPR – General Data Protection Regulation
Data Protection Act 1998
Privacy and Electronic Communications Regulations 2003
The Guide to the PECR 2003
Small business GDPR policy template