This Notice explains in detail the types of personal data Party Pieces may collect about you when you interact with us. It also explains how we’ll use, store and handle that data, and how we keep it safe.
We know that there’s a lot of information here, but we want you to be fully informed about your rights and how you can control the manner in which we use the data we collect from you and how you can check it, amend it, and delete it if you wish.
We hope the following sections will answer any questions you have but if not, please do get in touch with us.
We will update this Privacy Notice from time to time so if you have any concerns about the data we ask you for you can always check the latest version which will be available on our website. The date of the last update will always be shown at the beginning of the notice.
2. Who are Party Pieces?
Party Pieces is a partnership formed in 1987 between Mike and Carole Middleton for the purposes of selling party goods and associated products to members of the public in the UK or overseas. All sales are currently online and we have no retail premises. Our head office and fulfilment centre is at the following address:
Any questions regarding this Privacy Notice or concerning the way your personal data has or is being handled by us should be sent to the above address by post, email or phone.
For Data Protection purposes Party Pieces has been registered (Reg No:Z6426601) with the Information Commissioners Office since 2002. The registration was updated on 25th May 2018.
3. Explaining the legal bases we rely on
The law on data protection requires us to explain the legal justification we have for collecting and processing your personal data. Party Pieces relies on the following four bases:
- Consent – An example of this is when you opt-in to receive email newsletters or special offers. You can easily withdraw this consent at any time either by contacting us or by “unsubscribing” from any of the email messages we send you.
- Contractual obligations – When you order from us, you are asked to accept our Terms and Conditions and these establish a contract between you and Party Pieces. Our part of the deal is to pack and deliver the goods you have ordered, and for this we need a delivery address, a means of communicating with you electronically (phone or email or both), and payment for the goods.
- Legal compliance – For example, when we make a sale we have to raise a VAT invoice for the transaction which will have the name and address of our customer on it. We have to keep this accounting information for up to six years after the date of the sale. Please note however, we are not required to hold any credit card (or Paypal) details and neither do we want to. When you place your order this information goes directly to the payment services provider (PSP) we use (Sagepay or Paypal) who arrange the transfer of money from your account to ours. We never see this information ourselves except when you place your order by telephone and in this case we send the information to our PSP on your behalf and destroy the information immediately afterwards.
In the case of marketing sent electronically (email marketing), businesses also have to give customers the opportunity to opt-out of any such marketing activity. Therefore, when you place an order with Party Pieces and we ask you for an email address, you will see a tick box and an explanation that if you tick the box we won’t send you marketing newsletters and/or offers. If the experience of ordering from us is entirely satisfactory (we are sure it will be!) and you want to place a further order a few months later, you may decide you do want to receive newsletters and special offers from us by email. If on this occasion you do not tick the “opt-out” box your original choice will be updated and we will start to send you email marketing communications. We will make a record of your marketing email preference each time you place an order.
- Legitimate interest – Under certain circumstances businesses may send marketing information or offers to previous customers provided the goods being promoted are similar in nature to those previously purchased and that such communications do not materially impact the rights, freedom or interests of the recipients.
4. When do we collect your personal data?
We only collect personal data from you when you give it to us by interacting with our website (www.partypieces.co.uk), when you engage with us on social media or by speaking to us on the telephone.
Here are some examples of when we might collect personal data from you. The legal basis we rely on when doing this is shown in brackets:-
- When you create an online account with us (consent).
- When placing an order online using an account or as a guest (contractual obligation, legal compliance and legitimate interest).
- When you request a catalogue (consent).
- When you sign up for our newsletter (consent).
- When you sign up for our blog (consent).
- When you contact us by any means (including our Chat Line) with queries, complaints etc (contractual obligation and/or consent).
- When you enter prize draws or competitions (consent and you may have to give further consent for your personal information to be passed on to the company offering the prize for the competition).
- When you comment on or review our products and services (consent and legitimate interest).
5. What sort of personal data do we ask you for?
- Your name & address details
- Your email address.
- Your payment card information to pay for your order. This information goes straight to our Payment Service Providers (Sagepay or Paypal). We do not see this information and neither do we store it.
- Optionally, your landline or mobile phone number if you choose to give it to us.
- Optionally, the dates of birth of your children if you choose to give us this data.
6. What sort additional data do we collect from you?
- We collect technical information about your internet connection and the browser you use, the pages you visited while on our site and the search terms you used. This helps us to improve our site in order to give the best possible online experience to all our users.
- Your social media username if you interact with us through those channels and this allows us to respond to your comments, questions and feedback.
- Tracking your movements when using our website and how you react to our marketing emails.
- Buying information such as order value and products purchased.
7. How do we use your personal data?
The personal data we ask you for is primarily used to fulfil our contract with you so we can deliver the goods you have ordered from us.
We ask you for your name and home address so we can:-
- deliver your order to you or to your delivery address if different
- check the viability of the payment method you have used and to prevent fraudulent transactions.
- create an record for you in our order management system and account for the sale of goods to you for tax and VAT purposes.
- once or twice a year send you a copy of our latest party catalogue unless you ask us to cease. You can do this here or at any time in the future by emailing firstname.lastname@example.org.
We ask you for your email address so we can:
- get in touch with you about your order where necessary
- acknowledge receipt of your order and advise you when it has left us giving you details of the shipment allowing you to track its progress.
- ask the delivery service to advise you when your order will be delivered.
- tell you when any refund you have asked for has been actioned.
- stay in touch with you after subscribing to our newsletter or placing an order unless you ask us not to. These emails usually take the form of:-
- advise of free offers or periods of free delivery
- arrival of new product ranges
- arrival of seasonal ranges such as Christmas, Easter, Halloween, Summer etc
- issue of a new edition of our catalogue
stay in touch with you after signing up for our blog. These emails usually take the form of:-
Every marketing email we send you gives you the opportunity to “unsubscribe” from further email marketing messages.
- RSS blog updates
- Blog newsletter
- send you feedback requests to help us improve our products and services. These emails do not include any promotional content.
your phone number
We ask you for payment information to allow our payment services provider to manage the payment of your order and advise us when it is complete. We never see or store this information ourselves.
Optionally we ask you for
- get in touch with you about your order where necessary
- ask the delivery service to send you SMS messages about the delivery of your order (mobile phones only of course)
Optionally we ask you for the dates of birth of your children so we can send you a party catalogue or an email tailored to the child’s age a few weeks before the birthday. No correspondence is sent to the children themselves.
Personal information you Consent to give us.
Of course if you sign up for a newsletter or other service by giving us your email address we will use the address for that purpose until you ask us to cease. Every communication sent to you as a result of giving this “consent” will provide you with the opportunity to unsubscribe.
We might have to use your home address or email address to send you communications required by law or which are necessary to inform you about changes to the services we provide you. For example, updates to this Privacy Notice or product recall notices. These “service” messages will not include any promotional content and do not require prior consent when sent by email or text message.
8. How we protect your personal data
We know how much data security matters to all our customers. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it. We secure access to all transactional areas of our website using ‘https’ technology.Access to your personal data is password-protected, and sensitive data such as payment card information is secured by SSL encryption when it is sent to our Payment Service Providers.Our network partners regularly monitor our IT systems for possible vulnerabilities and attacks
9. How long will we keep your personal data?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or rendered anonymous so that it can be used in a non-identifiable way for statistical analysis and business planning.
By way of example, when you place an order we’ll keep the personal data you give us for up to six years so we can comply with HMRC tax and VAT obligations. Email addresses will cease to be used for marketing purposes two years after your last interaction with us or earlier if you choose to unsubscribe. If you unsubscribe your email address will go onto a suppression list so we can comply with your requirements. Email addresses on suppression lists will be kept for the life of the business.
10. Who do we share your personal data with?
We often have to pass your personal data to trusted third parties but only for the purposes of processing your order (fulfilling our contract with you) keeping in touch with you by direct marketing or providing you with additional facilities on our website. We never sell, rent or pass your data to other companies for their marketing purposes. The only exception to this rule is if you enter a competition organised by us and the prize is offered by another company that company may expect to have access to your information for marketing purposes and to fulfill the prize. In this case you will be specifically informed at the time you enter the competition Where we need to share your data with other companies we only provide them with the personal information they need to carry out specific services. We will have an agreement with them to ensure:-
Obvious examples of the kind of third parties we work with are:-
- they too comply with the requirements or equivalent standards of the General Data Protection Regulations even if they are operating outside Europe.
- they only use your data for the purposes we specify in our agreement with them.
- they only retain your data for as long as is necessary after which it will be deleted.
Less obvious examples of how your personal data might be passed to other companies:-
- Operational companies such as delivery couriers who need your name and address to deliver your order and your email address to inform you when the delivery is due.
- Payment Service Providers (PSPs) who receive the credit card or Paypal details you provide when placing an order. Party Pieces never see these details but the PSPs will use them to transfer payment from your account to ours and to perform credit checking against lists of known fraudulently used cards.
- IT companies who support our website and other business systems. Our customer lists and records are usually held within the systems to which they have access.
- Direct marketing companies who help us manage our electronic and postal communications with you and keep records of your email preferences.
- Address management companies to ensure your details are up to date and accurate and that you haven’t listed with any suppression service.
- When you use our Chat Line the email address you use for the chat gets passed to Olark in the USA which we use to manage this service. While the “chat” itself is directly with our own Customer Service staff the transcript of it alongside your name and email address is made by Olark who will send the copy of the transcript to you if you request it. Olark is not allowed to use any of this data for any other purpose.
- If another business were to buy or otherwise acquire part or all of the assets of Party Pieces then the personal data held by Party Pieces about its customers could be transferred as one of the assets. If this were to happen, your personal data would be transferred to the new owner under the terms of this Privacy Notice. During the process of purchase or acquisition Party Pieces customer data might be shared with the interested party under the terms of this Privacy Notice for the purposes of the evaluation of the customer data as a whole.
We may be required to disclose your personal data to the police or other enforcement or regulatory body. These requests are assessed on a case-by-case basis and if faced with them we will take the privacy of our customers into consideration. This may include exchanging information with other companies or organisations for the purposes of fraud protection and credit risk reduction
11. Where your personal data might be processed
At Party Pieces we keep a schedule of all the customer personal data we hold showing where it is held and how it is transferred from one area to another. By far the majority of such data is held on our own servers in the UK or on the servers of our IT partners also in the UK.
Sometimes we will need to share your personal data with third parties and suppliers outside the UK and even outside the EEC. An obvious example of this are when you place an order with us and you live in the USA. Your name and delivery information will have to be passed at some stage to a courier in the USA to deliver your order. A less obvious example is the one given in Section 9 (above) concerning the use of our Chat Line.
The GDPR covers the processing of data within the EEC but where the data goes outside the EEC we ask our service partners in those countries to apply the same standards to the processing of that data as is required by the GDPR.
12. How can you stop the use of your personal data for direct marketing?
The marketing material we send to enquirers and previous customers mostly consists of email newsletters and special offers. We also send copies of our party catalogue to previous customers on the anniversary of a previous purchase and to anyone else who asks for it.
If you are receiving marketing information and want to stop it or you want to prevent it from the outset you can take any of the following actions and we will comply with your request:-
- tick the “opt-out” box when placing an order to prevent newsletters and special offers being sent to you by email. This is next to the point where we ask you for your email address.
- click the ‘unsubscribe’ link in any marketing email communication we send you which should stop the emails immediately or you can unsubscribe from email marketing here if you wish.
- ask us not to mail you copies of our printed catalogue by clicking here or at any time in the future by emailing email@example.com. Alternatively return any unwanted catalogue to us at our expense using the contact details shown on the inside back cover of any of our recent catalogues.
- write to Customer Services at Party Pieces, Childs Court Farm, Ashampstead Common, RG8 8QT or email firstname.lastname@example.org or phone us on 01635 201844.
13. What rights do you have over your personal data held by Party Pieces?
You have the right to request:
To carry out any of these requests please contact Customer Services at Party Pieces, Childs Court Farm, Ashampstead Common, RG8 8QT (Tel: 01635 201844) or email email@example.com To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make regarding your personal data.If, in the unlikely event you should feel that your personal data has not been handled correctly by Party Pieces you can lodge a formal complaint with the Information Commissioner’s Office (ICO) whose website can be found at www.ico.org.uk.
- access to the personal data we hold about you.
- the correction of your personal data when incorrect, out of date or incomplete.
- the deletion of any personal data we hold about you provided we do not need it for other legitimate purpose eg. the invoices we raise to you for tax and VAT purposes and our marketing suppression lists.
- that we stop using your personal data for direct marketing (see Section 12)
- the withdrawal of any consent you may have previously given us to use or process your personal data
14. Terms and Conditions
To view our Terms and conditions click here