Data protection law is changing. On 25 May 2018 the EU’s General Data Protection Regulation (GDPR), the successor to the Data Protection Act, becomes enforceable across Europe, including the UK. The Smiddy takes data protection seriously and has set out our policy below to make sure everything is transparent and compliant.
Information we may collect
Some services on this website allow us to collect personal information from you for the purpose of email marketing or getting in touch with you. To comply with the new GDPR rules we have a duty to tell you how we store the information we collect and how it is used. If you have opted into to our newsletter, we have stored your first name, second name and your email address through a double opt-in process.
If you opt in to our newsletter, we have stored your first name, second name and your email address through a double opt-in process to send you quarterly emails about news, offers, recipes and seasonal products in the shop.
If you opt in to our Reward Card program, we have stored your first name, second name, email, address and postcode through a double opt-in process. We use this information to send you news, offers and discounts relating to our products and reward program.
If you have contacted us via the online contact form, the information collected is used in response to your query only and isn't stored for marketing purposes. We periodically delete these massages from our systems once the query has been resolved.
Any information you do submit will be stored securely and will never be passed on or sold to any third party or used for anything other than sending you our emails. This database is maintained by our data protection officer and kept secure.
Cookies and website analysis
When users enter The Smiddy website their computers will automatically be issued with 'cookies'. Cookies are text files which identify users' computers to The Smiddy server. The website then creates "session" cookies to store some of the preferences of users moving around the website. Cookies in themselves do not identify individual users but identify only the computer used and they are deleted on departure from the website.
We will strive to make sure we are GDPR compliant and protect our customers data. In the unlikely event of a data breach, we will do our upmost to address the issue and inform you and the ICO but we cannot give guarantees for third parties systems like MailChimp, Facebook or Google.