Who We Are
BHMA Limited is the data controller of the information you provide. BHMA Limited is a company registered in England and Wales with registration number 02662130. Our registered office address is 7-10 Ashley Park, Common Road, Witchford, Cambridgeshire CB6 2HZ.
Your Personal Information & How We Use It
We collect certain information from you when you use our websites, contact us by telephone, our social media channels, email us or use our Live Chat services. Some of this information is collected automatically, such as IP address and data stored in cookies. Other information is given to us by you, such as a delivery address when placing an order.
We only collect and process your information for legitimate business interests, legal requirements or contractual obligations. More information on what grounds we collect your data can be found in the ‘Basis For Collecting Your Personal Information’ section below. Here; you can find a rundown of the different types of personal information we process and how we use it.
Information You Give to Us
Personal information such as name, address, phone number and email address. This could be given when registering for an account, purchasing a product, filling out a contact form or entering a competition. We will only use this data to send marketing emails to users that purchase a product or sign up to our mailing list or use our Live Chat Service. When giving your email address at the checkout, we may use this to send you an email enabling you to checkout easily if you leave the site.
Payment details. These are used when purchasing a product. We use secure payment processors and security measures throughout our site and server. We never store payment details. These are only kept at the payment gateway, an example of which is, Stripe or PayPal.
Your contact history such as emails, messages via social media and live chat transcripts. These are used to help resolve your problems, to be able to follow up at a later time if necessary and to help optimise our customer services.
Other. Such as leaving a review, completing a survey or requesting a quote for a product. We keep this data to a minimum in order to contact you where applicable and analyse the results of our marketing efforts.
We collect this information to ensure we can carry out the functional and legal requirements of our business operations. This includes creating an account for you when requested, engaging with you with communications you have initiated, processing payment information and working with our couriers to ensure your orders get to the right destination.
We also use it to improve the user experience of the site, to offer personalised user experience and to deliver more relevant marketing communications where applicable.
Information We Collect Automatically
Device information such as your IP address, browser data and cookie data. We use both internal tracking technology and third-party vendors to handle this information.
On page information such as which products you have looked at, what search terms you have used and which products you have added to the basket. This data is linked to the device information listed above and not to any identifiers such as name or physical address.
We use this data in order to be able to deliver the best possible shopping experience in a safe and easy to use environment. Device and page information is used to help us identify issues with the website, analyse what type of devices are using our website and look at data on the individual page level.
With this information we then screen for potential fraud, make improvements to the site, help train our staff and offer a personalised shopping experience to our users.
In terms of using this data to offer a personalised experience this could include showing relevant promotions or products based on the previous pages that have looked at and showing prices including or excluding tax based on your previous selection. We also use third party vendors to present targeted advertising when browsing other websites.
This information also helps us comply with certain legal requirements and ensure any contractual obligations between us and the user are being met.
Basis for Collecting Your Personal Information
Under GDPR we must have a legal basis for doing so and the language in the regulations describes what these are. Below are some of the different bases we use to determine what personal information to process and what these mean in context.
Legitimate Interests. This is the main basis we use when processing your personal information. Legitimate interests means: processing data that is necessary to achieve the commercial, individual or societal interests of the parties involved. It only applies when the same result could not be achieved in a less intrusive way, and we do everything we can to ensure this is the case.
When weighing up if a certain type of data processing is a legitimate interest we perform a balance test that compares our interests against your interests to decide if it is something you would reasonably expect us to do in a commercial operation.
If you do not want us to process your data under the legitimate interests listed below, you have the right to object. Please take a look at ‘Your Rights’ section for more information. Please note that if we can’t process your personal information, we may not be able to fulfil some aspects of our operations, and therefore not fulfil your intended orders.
During our assessments, we identified the following as legitimate interests for processing your personal information:
Core services such as taking payment details.
Being able to deliver purchased products to the correct address.
Being able to contact you if there are any problems with your order
Sending you a marketing email if you have purchased from or communicated with us.
The ability to engage in a live chat with you.
Promoting our products on our website and elsewhere on the internet.
Giving you the ability to restore a shopping cart easily.
Personalisation of your shopping experience and your products.
Tracking user behaviour and site traffic to enhance the customer experience.
Contractual. As e-commerce stores, when you purchase a product from us we; both parties, enter a contract (buyer and seller). This contract ensures you are protected by various safeguards and legislations regarding buying goods. In order for us to keep up the side of our contract, namely delivering the products to you, we need to process certain personal information that you provide to us when purchasing. An obvious example of this is using your address to deliver the product to you.
Legal. There are certain laws that mean personal information would have to be kept in order to adhere to them. An example of this is to investigate any warranty claims or to notify you of a product recall, or the keeping of records for 7 years for HMRC.
Sharing Your Personal Information
We share your personal information in limited ways with partners who have been subjected to our rigorous screening methods to ensure they have the same high level of data processing standards as we do. We only share data that helps to provide a better customer experience and this information cannot be used by the third-party for their own promotional activities.
Here are the ways your personal information may be shared with third parties:
Delivery information provided to our couriers and suppliers to ensure that any product you purchase can be delivered to you.
Our live chat provider when you engage in a chat with one of our representatives.
When we are legally obliged to do so e.g. legal request.
For email marketing campaigns. This data is strictly limited to as few pieces of data as possible to deliver an effective marketing campaign, for products services or general information we believe would benefit you.
For web traffic analytics, such as Google Analytics, to help us understand how our customers use the site. This includes, but isn’t limited to your IP address and demographic information. You can opt-out of Google Analytics via the following link: https://tools.google.com/dlpage/gaoptout
For targeted advertising on other websites, currently the third parties we use are Google’s AdWords® You can opt-out of these services by going to the providers' website.
We will never sell your information or otherwise provide it to a third party that doesn’t fall under the uses listed above. We will always ensure we comply with any and all applicable data protection laws including the General Data Protection Regulation (GDPR).
International Transfers of Your Personal Information
From time to time your personal information may be transferred outside of the UK/European Economic Area (EEA). An example of this would be Google Analytics data that was sent to a server in the United States.
If your personal information is transferred outside of the UK/EEA it will be subject to any applicable laws of the country it resides in. We will always ensure to the best of our ability that any country outside the UK/EEA it is transferred to has laws that offer the same level of protection as if it were inside the UK/EEA as outlined by the European Commission.
How Long We Keep Your Personal Information For?
We will keep your personal records as long as you have an account with us, or if you have made a purchase with us as long as is necessary to ensure we can fulfil the purpose it was collected for. This would be one of the ways outlined in the ‘Your Personal Information & How We Use It’ section.
If you call our phone line but do not make a purchase and have not requested a call back or further information we will not keep your data on record.
If you email us, we will retain your email for a period of three years. This will be to respond to any questions or complaints you may have. We will not store your data for other marketing purposes unless you have requested to do so, e.g. to be part of our marketing list.
For data kept on our marketing mailing lists, we will remove any personal information where there has been no interaction with an email for two years. You may unsubscribe or ask us to be removed from this list at any time. We will keep your email address on record when unsubscribing in order to prevent us emailing you again. You will be recorded as unsubscribed.
We may also keep some parts of your information in order to meet certain legal or regulatory requirements.
Once the retention period for your data has ended we will delete the information from the necessary sources or anonymise it so you can not be identified in any way.
You have rights relating to the personal information we hold about you. These rights are designed to put you in control of your personal information, enabling you to access it, update it and remove it quickly and easily. You can find an overview of your rights listed below:
You have the right to know what personal information we store in relation to you and the right to access this information. This is known as a ‘Data Subject Access Request’. If your request falls under our obligations we will provide it to you within 30 days from your request. We may ask for proof of identity or information about your interaction with us to ensure we are giving information to the correct party.
· You have the right to correct any information that is not incorrect, such as an old address.
· You have the right to ask us to delete any personal information where it is no longer required for the function it was intended to carry out.
· You have the right to stop your personal data from being used to send direct marketing. In regards to email marketing, the quickest way to do so if by clicking the unsubscribe button in the footer of an email. Please note we will continue to store your email address to ensure no more emails are sent to that address.
· You have the right to withdraw any consent you have given us in relation to processing your data at any time.
· You have the right to ask us to stop processing your personal information on the basis of our listed legitimate interests.
· You have the right to complain to the data protection regulator regarding how we process your personal information. You can find details on how to do so in the ‘How To Contact The Information Commissioner's Office’ section of this policy.
· To exercise any of these rights please get in contact with us using the details listed in the ‘How To Contact Us’ section below.
How To Contact The Information Commissioner's Office
If you are unhappy with the way in which your data has been processed by us or the way we have dealt with your requests regarding that data, it is your right to be able to make a complaint to the Information Commissioner’s Office (ICO). For more information please visit: https://ico.org.uk/
How To Contact Us
So what are cookies? Cookies are small files containing letters and numbers that are stored by your browser onto your device when you visit a website. They allow us to distinguish one user of the website from another, which helps us to improve our website. Most browsers will accept cookies automatically, but they can be disabled - more on that below. Bear in mind cookies perform functions such as keeping items in your basket so disabling them will affect the functionality of our site. We may change our cookies from time to time, but here is a rundown of the types of cookies we generally use on our website and what they do.
Functional cookies. These are cookies that are essential for the use and operation of our website. Adding products to the shopping basket, using our live chat or logging on to your account are examples of these. Some of these cookies are session only, so are deleted once you close your browser, others are persistent which are kept until they expire or are manually deleted.
Analytical cookies. These cookies allow us to look at how users interact with our site, and how many users are on the site and particular pages at a given time, through Live Chat for example. We use both internal first-party cookies and also third-party cookies set by Google Analytics. These cookies enable us to optimise the customer experience and make sure the right content is easy to find. They do not store any personal information such as your name or address.
Targeting or advertising cookies. These types of cookies look at what pages you have visited and what products you have interacted with when using our site. We use internal first-party cookies that help us deliver personalised content such as promotions or allowing you to retrieve your cart easily. We also use third-party cookies that aim to give you more relevant advertising when browsing the web outside of our site.