Our contact details
Name: Shop@PhysioWorld Ltd
Address: Unit G6 Castle Vale Enterprise Park, Park Lane, Birmingham, B35 6LJ
Phone Number: 0121 629 0330
The type of personal information we collect
We currently collect and process the following information:
- Personal identifiers, contacts and characteristics (for example, name and contact details)
- Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
- Information about your visit, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call our customer service number.
- If you consent to receiving marketing communications, we will use the following information to communicate on a regular basis:
- First Name
- Last Name
- Email Address
How we get the personal information and why we have it
Most of the personal information we process is provided to us directly by you for one of the following reasons:
- Web analytics
- Email marketing
We use the information that you have given us in order to:
- Contact you regarding delivery
- Communicate with you regarding future orders
- Inform you of latest offers and product information
Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:
- Your consent. You are able to remove your consent at any time. You can do this by contacting firstname.lastname@example.org
- We have a contractual obligation.
- We have a legitimate interest
How we store your personal information
Your information is securely stored.
We keep order information obtained when you place an order for a minimum period of six years following the end of the financial year in which you placed your order.
If you have only signed up to receive marketing, and you have never ordered or purchased anything from us, then we would not generally retain your personal information for that long, and usually we will only retain it for 2 years after you last used any account you have with us or confirmed you wish to continue to receive direct marketing from us. Whichever time period normally applies, in some cases we may need to keep your personal information for longer, for example if it is still relevant to a dispute or legal case or claim.
We will not retain your personal information for longer than necessary for the purposes for which it was collected and it is being used. We do not guarantee to retain your personal information for the whole of the periods set out above; they are usually the maximum period, and in some cases we may keep your personal information for a much shorter period.
We will then dispose your information by deleting your whole record from our dataset. This includes any backup copies of data that may exist both in a live environment and in a backup environment.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal information.
Your right to rectification - You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing - You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability - You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
Please contact us at email@example.com or 0121 629 0330 if you wish to make a request.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
Payment: If you choose a direct payment gateway to complete your purchase, then Shop@PhysioWorld Ltd stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted. All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us at firstname.lastname@example.org or 0121 629 0330.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk