Copyright © 2020
Privacy Policy & GDPR
At Water Heaters 4U Ltd, we are committed to ensuring and protecting your privacy at any time you are
on our website or communicate electronically with our personnel. Our Privacy Policy is contained below
and provides a detailed explanation as to how we may use your personal information provided to us or
any we collect through legal means.
This policy (together with our terms of use and any other documents referred to on it) sets out the basis
on which any personal data we collect from you, or that you provide to us, will be processed by us. Please
read the following carefully to understand our views and practices regarding your personal data and how
we will treat it.
We do occasionally update this policy so please refer back to it in the future.
Definitions and Interpretation:
"Zip 4U Ltd T/A Water Heaters 4U Ltd, 73 Aughnagar Road, Galbally, Dungannon, Co Tyrone, BT70 2PN
"We/Us/Our" means Water Heaters 4U Ltd (See above).
"Account" means an account required to access and/or use certain areas and features of Our group of
sites.
"Personal data" means any and all data that relates to an identifiable person who can be directly or
indirectly identified from that data. In this case, it means personal data that you give to Us via Our Site(s).
This definition shall, where applicable, incorporate the definitions provided in the Data Protection Act 1998
OR EU Regulation 2016/679 - the General Data Protection Regulation ("GDPR").
Your Rights
As a data subject, you have the following rights under the GDPR, which this Policy and Our use of
personal data have been designed to uphold:
" The right to be informed about Our collection and use of personal data;
" The right of access to the personal data We hold about you (see section - How to access your data);
" The right to rectification if any personal data We hold about you is inaccurate or incomplete (please
section - How to rectify data or contact Us);
" The right to be forgotten - i.e. the right to ask Us to delete any personal data We hold about you (We
only hold your personal data for a limited time, as explained in the section below (How we use Your data)
" The right to restrict (i.e. prevent) the processing of your personal data.
" The right to data portability (obtaining a copy of your personal data to re-use with another service or
organisation).
" The right to object to Us using your personal data for particular purposes.
" Rights with respect to automated decision making and profiling.
The processing of your data is either based on your consent or in case the processing is necessary for the
performance of a contract to which you are a party, or in order to take steps at your request prior to
entering into a contract, ref. GDPR art. 6(1) (a)-(b).
If the processing is based on your consent (An example of which is email marketing), you may at any time
withdraw your consent by either updating your preferences or by contacting us direct.
In order to enter into a contract regarding the purchase of Our service(s), you must provide us with the
required personal data. If you do not to provide Us with all the required information, it will not be possible
to provide those service(s).
If you have any cause for complaint about Our use of your personal data, please contact Us and We will
do Our best to solve the problem for you. If We are unable to help, you also have the right to lodge a
complaint with the UK's supervisory authority, the Information Commissioner's Office. For further
information about your rights, please contact the Information Commissioner's Office or your local Citizens
Advice Bureau.
Information We Collect from You
Data can be collected and processed for legitimate interests when our site/s are in operation by you. The
following are approved methods of collection:
" If you register for information or complete a purchase, by filling out a form we can collect the
information provided.
" Corresponding with us by phone, e-mail, support ticket or otherwise.
" Traffic data, weblogs, location data, and any other communication can be collected. These details come
from your visit to our site and any services / resource tools you use while on the site. See section on
analytics in addition
" Any communication on our website or to personnel allows us to collect information.
" Some information is shared with third party business partners, sub-contractors in technical, payment
and delivery services, analytics providers, search information providers, credit reference agencies to
provide You a better user experience. Any data shared is restricted and limited for the purpose it is
intended for.
"
The information collected is dependent on your activity but could be from the below datasets:
" Your name
" Business / Company Name
" Title
" Contact information [Address, Email addresses, telephone numbers]
" Financial payment method
" Your Opted In & Out preferences regarding methods & types of communications
" IP Address
" Web browser type and version, including OS type and version
" Access & Activity logs, including full URLs, click to & through data, Site(s) search data, response times
and errors. (Reference Privacy & Electronic Communications Regulations 2003 & Investigatory Powers Act
2016)
Please note we use third party payment gateways for online invoices and therefore do not collect
credit/debit card information.
How we use Your data
All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s)
for which it was first collected. We will comply with Our obligations and safeguard your rights under the
Data Protection Act 1998 and GDPR at all times.
Our use of your personal data will always have a lawful basis, either because it is necessary for Our
performance of a contract with you, because you have consented to Our use of your personal data (e.g.
by subscribing to emails), or because it is in Our legitimate interests. We may use your data for the
following purposes:
" Providing and managing your Account.
" Providing and managing your access to Our Site(s)
" Personalising and tailoring your experience on Our Site(s)
" Personalising and tailoring Our products and/or services for you
" Supplying Our products and/or services to you (please note that We require your personal data in order
to enter into a contract with you)
" To conduct manual or systematic monitoring for fraud and other harmful activity
" To process payments with our payment gateway companies (PayPal & BACS)
" Replying to emails from you
" Supplying you with emails that you have opted into (you may unsubscribe or opt-out at any time)
" Supplying you with emails about the product(s) and/or service(s) you have (E.g. usage stats, summary
digests, how to use the service)
" Analysing your use of Our Site(s) and gathering feedback to enable Us to continually improve Our Site(s)
and your user experience
" For audits, regulatory purposes, and compliance with industry standards
With your permission and/or where permitted by law, We may also use your data for marketing purposes
which may include contacting you by email, telephone or post with information, news and offers on Our
products and/or services.
We will not, however, send you any unsolicited marketing and will take all reasonable steps to ensure that
We fully protect your rights and comply with Our obligations under the Data Protection Act 1998, GDPR
and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
How we store your data
We only keep your personal data for as long as We need to for legitimate and lawful purposes. All
information you provide to us is stored on our secure servers. We use third party payment gateways and
so do not store any card details.
The majority of your data will be stored within the European Economic Area ("the EEA"), however some of
your data may be stored outside of the EEA (The EEA consists of all EU member states, plus Norway,
Iceland, and Liechtenstein). You are deemed to accept and agree to this by using Our Site and submitting
information to Us. If We do store data outside the EEA, We will take all reasonable steps to ensure that
your data is treated as safely and securely as it would be within the UK and under the Data Protection Act
1998 and GDPR.
Where we have given you (or where you have chosen) a password which enables you to access certain
parts of our site, you are responsible for keeping this password confidential. We ask you not to share a
password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will
do our best to protect your personal data, we cannot guarantee the security of your data transmitted to
our site; any transmission is at your own risk. Once we have received your information, we will use strict
procedures and security features to try to prevent unauthorised access.
Data Security
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or
disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and
secure the information we collect online.
Do we share your data?
Some of your personal data is passed to third parties during order processing. For example, providing
your personal data to a payment gateway provider for invoice fulfilment, or providing your personal data
for fraud checks during the order processing.
In certain circumstances, We may be legally required to share certain data held by Us, which may include
your personal data, for example, where We are involved in legal proceedings, where We are complying
with legal obligations, a court order, or a government authority.
We may compile statistics about the use of Our Site(s) including data on traffic, usage patterns, user
numbers, sales, and other information. All such data will be anonymised and will not include any
personally identifying data, or any anonymised data that can be combined with other data and used to
identify you. The third-party data processors used by Us, which could be located outside of the European
Economic Area ("the EEA") (The EEA consists of all EU member states, plus Norway, Iceland, and
Liechtenstein). Where We transfer any personal data outside the EEA, We will take all reasonable steps to
ensure that your data is treated as safely and securely as it would be within the UK and under the Data
Protection Act 1998 and GDPR.
How Can You Control Your Data?
You have choices regarding our use and disclosure of Your Personal Data:
" Opting out of receiving electronic communications from us. If You no longer want to receive
marketing-related emails from us on a going-forward basis, You may opt-out via the unsubscribe link
included in such emails or by updating your opt-in/opt-out status in your personal settings of the site(s).
We will try to comply with Your request(s) as soon as reasonably practicable.
Please note that if You opt-out of receiving marketing-related emails from us, we may still send You
important administrative messages that are required to provide You with our Services.
" How You can access or change Your Personal Data. If You would like to review, correct, or update
Personal Data that You have previously disclosed to us, You may do so by contacting us.
If emailing us Your request, please make clear in the email what Personal Data You would like to have
changed. For Your protection, we may only implement requests with respect to the Personal Data
associated with the particular email address that You use to send us Your request, and we may need to
verify Your identity before implementing Your request. We will try to comply with Your request as soon as
reasonably practicable.
Your Right to Withhold Information
You may access certain areas of Our Site(s) without providing any data at all. However, to use all features
and functions available on Our Site you may be required to submit or allow for the collection of certain
data.
Your right to be forgotten
You have the right to request that We delete your personal data at any time unless that data is necessary
for us to provide you with services or We are required to retain it to fulfil Our legal obligations. (e.g.
financial information is retained for 7yrs - reference UK HMRC Tax laws)
Retention Period
We will retain Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Policy
unless a longer retention period is required or permitted by law. Please note that we have a variety of
obligations to retain the Data that You provide to us, including to ensure that transactions can be
appropriately processed, settled, refunded or charged-back, to help identify fraud and to comply with
anti-money laundering and other laws and rules that apply to us and to our financial service providers.
Payment Gateways
To protect your payment details We do not store card information. We use the below third-party payment
gateways.
PayPal, payments made via the PayPal gateway can be either with or without a PayPal account, including
credit and debit card payments.
BACS, for selected customers payment by BACS is possible.
In order to process your payment, it is necessary to pass some of your personal data (name, address and
purchase details) to the third-party payment provider.
We use Google Analytics to monitor our website statistics. Google Analytics sets session cookies to help us
accurately estimate the number of visitors to the website and volumes of usage. This to ensure that the
service is available when you want it and fast. For more information about Google Analytics visit Google
Analytics website.
The facts collected about you are statistical only. No identifying information will be shared about our
visitors and how they made use of our site. No personal details will ever be shared.
Links to other websites
Our site(s) may contain links to other websites of interest. However, once you have used these links to
leave our site(s), you should note that we do not have any control over that other site. Therefore, we
cannot be responsible for the protection and privacy of any information which you provide whilst visiting
such sites and such site(s) are not governed by this privacy statement. You should exercise caution and
look at the privacy statement applicable to the website in question.
Controlling your personal information
You may choose to restrict the collection or use of your personal information at any time. If you have
previously agreed to us using your personal information for direct marketing purposes, you may change
your mind at any time by using the opt-out/unsubscribe in the message or updating your personal
preferences. Alternatively, you can also do so by writing to or emailing us.
We will not sell, distribute or lease your personal information to third parties unless we have your
permission or are required by law to do so. You may request details of your personal information which we
hold about you under the Data Protection Act 1998 and GDPR. If you believe that any information we are
holding about you is incorrect or incomplete, please write to us or email us as soon as possible and we will
promptly correct any information found to be incorrect.
