Welcome to cannabidioldirect.co.uk We understand that privacy online is important to users of our Site, especially when conducting business. This statement governs our privacy policies with respect to those users of the Site (“Our Visitors”) who visit without transacting business and Visitors who register to transact business on the Site and make use of the various services offered by Health & Wellness Group Limited.
Health & Wellness Group Limited is committed to ensuring that your privacy is protected.
You have rights relating to our storage and use of your personal data including:
· The right to be forgotten – where you can ask us to delete all personal data relating to you
· The right to object – you can say no to certain data use (such as profiling for marketing purposes)
· The right to rectification – you can ask us to have incomplete data completed
· The right of access – you have the right to know what data is being processed and how.
You also have the right to raise a complaint with the ICO if you are unhappy with the way we have collected, stored, or used your personal data.
We’ll only ever store your personal information for the time we need it.
If you ask us to contact you via the contact form on our site, we will contact you by email or phone. Please inform us of any changes to your contact information. If at any point, you prefer not to receive such calls or e-mails, please let us know.
SECTION 1 – WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, postal & billing address, telephone number, and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Rewards Account (if applicable): If you sign up to a rewards account we will store your name and email address to enable us to pass on your rewards to you.
Email marketing (if applicable): With your permission, we may add your name and email address to our email marketing mailing list to send you emails about our store, new products, and other updates.
SECTION 2 – CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
To use your personal information for a secondary reason, like marketing, we will ask you directly for your expressed consent and provide you with an opportunity to say no.
How do I withdraw my consent?
If after you opt-in, you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at any time, by submitting a contact form
You can also update your preferences or unsubscribe from the newsletter list at any time. The direct link to do this is at the end of each newsletter.
SECTION 3 – DISCLOSURE
We will not sell, distribute or lease your personal information to third parties unless we have your permission, are required to do so by law, or if you violate our terms of service.
SECTION 4 – Payment:
If you choose a direct payment gateway to complete your purchase, then Vivapay stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express, and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
SECTION 5 – THIRD-PARTY SERVICES
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third-party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So, if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.
As an example, if you are located in Canada and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
When you click on links on our store, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.
Our store uses Google Analytics to help us learn about who visits our site and what pages are being looked at.
SECTION 6 – SECURITY
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.
SECTION 7 – COOKIES
A cookie is a small file that asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes, and dislikes by gathering and remembering information about your preferences.
Here is a list of cookies that we use. We’ve listed them here so that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
PREF, persistent for a very short period, Set by Google and tracks who visits the store and from where
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies if prompted by our site. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
SECTION 8 – AGE OF CONSENT
By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site. The legal age to make purchases of CBD products is 18 years of age in all EU and UK countries.
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered, or destroyed.
If you provide us with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption. Although we cannot guarantee this as no method of transmission over the Internet or electronic storage is 100% secure, we follow all requirements which are compliant with industry standards.
What personal information do we collect from the people that visit our blog, website or app?
When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information or other details to help you with your experience.
When do we collect information?
We collect information from you when you register on our site, place an order, subscribe to a newsletter, fill out a form or enter information on our site.
How do we use your information?
We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:
- To personalize user’s experience and to allow us to deliver the type of content and product offerings in which you are most interested.
- To improve our website in order to better serve you.
- To allow us to better service you in responding to your customer service requests.
- To quickly process your transactions.
- To send periodic emails regarding your order or other products and services.
How do we protect visitor information?
Our website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to our site as safe as possible.
We use regular Malware Scanning.
Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user places an order to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
Do we use ‘cookies’?
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.
If you disable cookies off, some features will be disabled that make your site experience more efficient and some of our services will not function properly. However, you can still place orders.
Third Party Disclosure
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information unless we provide you with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.
However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Third party links
We do not include or offer third party products or services on our website.
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users.
We use Google AdSense Advertising on our website.
We have implemented the following:
- Demographics and Interests Reporting
We along with third-party vendors, such as Google use first-party cookies (such as the Google Analytics cookies) and third-party cookies (such as the DoubleClick cookie) or other third-party identifiers together to compile data regarding user interactions with ad impressions, and other ad service functions as they relate to our website.
Users can set preferences for how Google advertises to you using the Google Ad Settings page. Alternatively, you can opt out by visiting the Network Advertising initiative opt out page or permanently using the Google Analytics Opt Out Browser add on.
California Online Privacy Protection Act
According to CalOPPA we agree to the following:
Users can visit our site anonymously
Users are able to change their personal information:
- By emailing us
- By logging in to their account
How does our site handle do not track signals?
We honor do not track signals and do not track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.
Does our site allow third party behavioral tracking?
It’s also important to note that we do not allow third party behavioral tracking
COPPA (Children Online Privacy Protection Act)
When it comes to the collection of personal information from children under 13, the Children’s Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, the nation’s consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children’s privacy and safety online.
We do not specifically market to children under 13.
Fair Information Practices
The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.
In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:
- Within 7 business days
We will notify the users via in site notification
- Within 7 business days
We also agree to the individual redress principle, which requires that individuals have a right to pursue legally enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or a government agency to investigate and/or prosecute non-compliance by data processors.
CAN SPAM Act
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.
We collect your email address in order to:
- Send information, respond to inquiries, and/or other requests or questions.
- Process orders and to send information and updates pertaining to orders
- We may also send you additional information related to your product and/or service.
- Market to our mailing list or continue to send emails to our clients after the original transaction has occurred
To be accordance with CANSPAM we agree to the following:
- NOT use false, or misleading subjects or email addresses
- Identify the message as an advertisement in some reasonable way
- Include the physical address of our business or site headquarters
- Monitor third party email marketing services for compliance, if one is used.
- Honor opt-out/unsubscribe requests quickly
- Allow users to unsubscribe by using the link at the bottom of each email
If at any time you would like to unsubscribe from receiving future emails, you can
- Follow the instructions at the bottom of each email.
and we will promptly remove you from ALL correspondence.
Age of Consent
By using this site, you confirm that you are at least the age required in your country of residence required to purchase CBD Products.
Our site may contain links to other 3rd party websites. Please note that when you click on one of these links, you are moving to another website. We encourage you to read the privacy statements of these linked sites as their privacy policies may differ from ours.
Questions and Contact Information
To register a complaint, or if simply want more information please contact our Customer Support team HERE