Privacy Policy

Privacy and Transparency Notice

Data Controller – Bermuda watch company ltd of Sladenwood Mill, Todmorden Road, Littleborough OL15 9EW, is the data controller. Further contact details are available from www.bermudawatchcompany.com

Purposes of Processing – Your data will be processed in order to: 

·  Market Bermuda Watch Company Limited services to you;

·  Provide services under contract to you;

·  Provide services to others (in so far as this does not breach client confidentiality);

·  Comply with regulatory and other legal obligations; and

·  Protect Bermuda Watch Company Limited against potential claims.

Legal basis – Your data will be processed on the basis that Bermuda Watch Company Limited has a legitimate interest in being able to achieve the aims of processing set out above. Where special category data is provided, the provider of the data warrants that they consent to Bermuda Watch Company Limited processing that data or that they have obtained written consent from the data subject.  

Personal Data Held – AS a minimum, Bermuda Watch Company Limited is required to positively identify its clients. This also includes positively identifying a director in the case of a corporate client. In addition, Bermuda Watch Company Limited holds whatever information is provided to it by its clients and others. This will rarely include special category data.

Failure to Provide Data – Bermuda Watch Company Limited obtained most personal data from its clients and those who have indicated that they have an interest in Bermuda Watch Company Limited services. Bermuda Watch Company Limited also obtains some personal data from other correspondents. Bermuda Watch Company Limited also collects some data from publicly available sources (e.g. Companies House). 

Recipients – Any data provided by a client is treated as confidential to that client and will only be shared with others in so far as this is necessary in order to provide the services contracted for by the client, to comply with regulatory and other legal obligations and to protect Bermuda Watch Company Limited against a potential claim. In order to provide its services, Bermuda Watch Company Limited relies on the services of certain data processors. These include secure cloud storage for files and emails. In each case, Bermuda Watch Company Limited ensures that data is processed in compliance with its policy.

Third Countries and Safeguards – Other than when required in order to provide services as required in individual matters, data is rarely sent to third countries. Where it is, the relevant devices are password protected and equipped with tracking and remote wipe software. The devices are personally accompanied. 

Retention Period – Data is held for six years from the end of the relevant matter or for six years where not associated with a particular matter. 

Data Subjects Rights – Where relevant, you have the right (subject to client confidentially) to: 

· Withdraw consent to the processing of your data;

· Complain to a supervisory authority regarding the processing of your data (https://ico.org.uk/); and

· Obtain a copy of the data held on you and to correction of any errors in that data.

Automated Decision Making – None.


Security Policy:

Our Payment Service Provider is Shopify. Shopify provides a secure payment gateway (Level 1 PCI DSS), processing payments for thousands of online businesses, including ours. Shopify’s compliance covers all six PCI standard categories including maintaining a secure network, protecting card holder data, maintain a vulnerability management program, Implement strong access control measures, Regularly monitor and test networks and Maintain an information security policy.

It is Shopify’s utmost priority to ensure that transaction data is handled in a safe and secure way.  Shopify uses secure methods including annual on-site assessments validating compliance to continuous risk management. Once on the Shopify systems, all sensitive data is secured, Shopify is PCI DSS (Payment Card Industry Data Security Standard) compliant to the highest level and maintains regular security audits. 

You know that your session is in a secure encrypted environment when you see https:// in the web address, and/or when you see the locked padlock symbol alongside the URL.  So when buying through our site, you can be sure that you are completely protected.

 

PAYMENT CARD NUMBER, EXPIRY DATE, ISSUE NO AND NAME OF CARD HOLDER – WHEN YOU PURCHASE A PRODUCT WE NEED THESE DETAILS SO WE CAN COLLECT THE PAYMENT.

 

CORRESPONDENCE - IF YOU CONTACT US WE MAY KEEP A RECORD OF THAT CORRESPONDENCE.