Privacy Policy
This section summarises how we obtain, store and use information about you. It is intended to provide a very general overview only. It is not complete in and of itself and it must be read in conjunction with the corresponding full sections of this Privacy Policy.
-
Data controller: Isabelle Ben yamin
How we collect or obtain information about you:
-
when you provide it to us (e.g. by contacting us by contacting us by email, over the phone and in person, placing an order on our website and by signing up to our newsletters.
-
from your use of our website, using cookies and similar technologies, and
-
occasionally, from third parties
Information we collect: name, contact details, payment information e.g. your credit or debit card details, IP address, information from cookies, information about your computer or device (e.g. device and browser type), information about how you use our website (e.g. which pages you have viewed, the time when you view them and what you clicked on, the geographical location from which you accessed our website (based on your IP address), company name or business name and address and VAT number.
-
How we use your information: for administrative and business purposes (particularly to contact you and process orders you place on our website), to improve our business and website, to fulfil our contractual obligations, to advertise our goods and services, to analyse your use of our website, and in connection with our legal rights and obligations.
-
Disclosure of your information to third parties: only to the extent necessary to run our business, to our service providers and third parties resellers, to fulfil any contracts we enter into with you and where required by law or to enforce our legal rights.
-
Do we sell your information to third parties (other than in the course of a business sale or purchase or similar event): No
-
How long we retain your information: for no longer than necessary, taking into account any legal obligations we have (e.g. to maintain records for tax purposes), any other legal basis we have for using your information (e.g. your consent, performance of a contract with you or our legitimate interests as a business) For specific retention periods in relation to certain information which we collect from you, please see the main section below entitled How long we retain your information.
-
How we secure your information: using appropriate technical and organisational measures such as storing your information on secure servers, encrypting transfers of data to or from our servers using Secure Sockets Layer (SSL) technology, encrypting payments you make on or via our website using Secure Sockets Layer (SSL) technology, only granting access to your information where necessary.
-
Use of cookies:
We use both ‘session’ cookies and ‘persistent’ cookies on this website. ‘Session’ Cookies are erased from your computer when you close your browser. ‘Persistent’ cookies remain on your computer until the expire or are deleted. Melange Chocolate Ltd uses cookies for essential operations (such as keeping you logged in and storing items in your cart) and to track patterns of visitors to this website in order to help us improve its functionality.
All Computers have the ability to automatically accept or decline cookies. This can be done by activating the setting on your browser which determines how to deal with cookies. Please note that should you choose to decline cookies, your experience on our website will be restricted.
-
Transfers of your information outside the European Economic Area In certain circumstances we transfer your information outside of the European Economic Area, including to the following country: the United States of America. Where we do so, we will ensure appropriate safeguards are in place, including safeguards used for data transfers outside the European Economic Area e.g. the third parties we use who transfer your information outside the European Economic Area have self-certified themselves as compliant with GDPR.
-
Profiling: we use profiling e.g. use of web analytics, cookies, web beacons or server logs analysis tools.
-
Your rights in relation to your information
-
to access your information and to receive information about its use
-
to have your information corrected and/or completed
-
to have your information deleted
-
to restrict the use of your information
-
to receive your information in a portable format
-
to object to the use of your information
-
to withdraw your consent to the use of your information
-
not to have significant decisions made about you based solely on automated processing of your information, including profiling
-
to complain to a supervisory authority
-
Sensitive personal information: we do not knowingly or intentionally collect what is commonly referred to as ‘sensitive personal information’. Please do not submit sensitive personal information about you to us. For more information, please see the main section below entitled Sensitive Personal Information.
Our Details:
The data controller in respect of our website is Isabelle Ben Yamin, company registration number: 08248925, 187 Ferndale Road, Brixton, London SW9 8BA. You can contact the data controller by writing to The Chocolate Museum, at the address above or info@thechocolatemuseum.co.uk
If you have any questions about this Privacy Policy, please contact the data controller.
Information we collect when you visit our website:
We collect and use information from website visitors in accordance with this section and the section entitled Disclosure and additional uses of your information.
Web server log information
We use Wix as a third party server to host our website, the privacy policy of which is available here:
Our website server automatically logs the IP address you use to access our website as well as other information about your visit such as the pages accessed, information requested, the date and time of the request, the source of your access to our website (e.g. the website or URL (link) which referred you to our website), and your browser version and operating system.
Use of website server log information for IT security purposes
We do not access log data from our website server as our third party hosting provider collect(s) and store(s) server logs to ensure network and IT security and so that the server and website remain uncompromised. This includes analysing log files to help identify and prevent unauthorised access to our network, the distribution of malicious code, denial of services attacks and other cyber attacks, by detecting unusual or suspicious activity.
Unless we are investigating suspicious or potential criminal activity, we do not make, nor do we allow our hosting provider to make, any attempt to identify you from the information collected via server logs.
Legal basis for processing: compliance with a legal obligation to which we are subject (Article 6(1)(c) of the General Data Protection Regulation).
Legal obligation: we have a legal obligation to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk of our processing of information about individuals. Recording access to our website using server log files is such a measure.
Legal basis for processing:Our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation).
Legitimate interests: we have a legitimate interest in using your information for the purposes of ensuring network and information security.
Use of website server log information to analyse website use and improve our website
We use the information collected by our website server logs to analyse how our website users interact with our website and its features. For example, we analyse the number of visits and unique visitors we receive, the time and date of the visit, the location of the visit, the operating system and browser used.
We use the information gathered from the analysis of this information to improve our website. For example, we use the information gathered to change the information, content and structure of our website and individual pages based according to what users are engaging most with and the duration of time spent on particular pages on our website.
Legal basis for processing: our legitimate interests (Article 6(1)(f) of the General Data Protection Regulation).
Legitimate interest: improving our website for our website users and getting to know our website users’ preferences so our website can better meet their needs and desires.