Privacy Policy
Last updated: 14/09/24
​
At Thornit (www.thornit.co.uk), we are committed to protecting and respecting your privacy. This Privacy Policy outlines how we collect, use, and protect your personal information when you interact with us via our website or purchase our products. By using our website, you agree to the terms of this policy.
​
1. Information We Collect
We may collect and process the following personal data:
1.1. Information You Provide
-
Contact Details: Your name, email address, postal address, and phone number when you place an order or subscribe to our mailing list.
-
Payment Information: Payment details (such as credit/debit card information) provided during a transaction. Payment processing is handled by third-party providers, and we do not store your card details on our servers.
-
Account Information: When you create an account, we may collect your username, password, and other relevant registration details.
1.2. Information We Collect Automatically
-
Usage Data: We automatically collect information such as your IP address, browser type, device information, and your activity on our website (e.g., pages viewed and time spent).
-
Cookies and Tracking Technologies: We use cookies to enhance your experience, analyse site traffic, and personalise content. For more details, please see our Cookie Policy.
1.3. Information from Third Parties
If you interact with us via third-party platforms (e.g., social media, payment processors), we may collect information from these sources based on your consent and their privacy policies.
2. How We Use Your Information
We use your personal data for the following purposes:
-
To Process Orders: This includes using your contact and payment information to process, fulfil, and ship your order, and provide customer support.
-
To Improve Our Website: We use usage data to optimise our website’s performance, security, and user experience.
-
To Communicate with You: We may send transactional emails (order confirmations, delivery updates) and marketing emails (offers, new product updates), where you have consented.
-
Legal Compliance: We use your data to comply with legal obligations, such as record-keeping and responding to lawful requests.
3. How We Share Your Information
We do not sell or rent your personal data to third parties. We may share your data in the following circumstances:
3.1. Service Providers
We work with third-party service providers to facilitate the operation of our website and business. These may include:
-
Payment providers: For secure payment processing.
-
Delivery services: To ship your orders.
-
IT providers: For website hosting and maintenance.
3.2. Legal Obligations
We may disclose your information if required to do so by law, or to enforce our legal rights (e.g., responding to a court order or regulatory request).
3.3. Business Transfers
In the event of a merger, sale, or other business transfer, your data may be transferred as part of the business assets.
4. Your Rights
Under the UK General Data Protection Regulation (UK GDPR) and Data Protection Act 2018, you have the following rights regarding your personal data:
-
Right to Access: You have the right to request access to the personal data we hold about you.
-
Right to Rectification: You can request correction of any inaccurate or incomplete personal data.
-
Right to Erasure: You have the right to request that we delete your personal data, subject to certain legal or contractual obligations.
-
Right to Restrict Processing: In certain circumstances, you can request that we limit the processing of your personal data.
-
Right to Data Portability: You have the right to request a copy of your data in a structured, commonly used format.
-
Right to Object: You can object to the processing of your personal data for marketing purposes.
To exercise any of these rights, please contact us at [Insert email address]. We will respond to your request within one month, in accordance with applicable law.
5. Security of Your Data
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or alteration. However, please be aware that no internet-based platform is 100% secure, and we cannot guarantee the absolute security of your data.
6. Data Retention
We retain your personal data only for as long as necessary to fulfil the purposes outlined in this Privacy Policy or to comply with legal obligations. Once the retention period expires, we will securely delete or anonymise your data.
​
7. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your browsing experience and monitor website performance. Cookies are small text files stored on your device that help us remember your preferences and improve functionality.
You can manage or disable cookies via your browser settings. However, please note that disabling cookies may affect your ability to use certain features of our website.
For more detailed information, please see our Cookie Policy.
​
8. Children's Privacy
Our website is not intended for children under the age of 16. We do not knowingly collect personal data from children. If you believe we may have inadvertently collected data from a child, please contact us immediately at thornituk@gmail.com, and we will take steps to delete the information.
9. International Data Transfers
If we transfer your personal data outside the UK or European Economic Area (EEA), we will ensure that appropriate safeguards are in place to protect your data, in accordance with UK GDPR requirements.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Any changes will be posted on this page, and the "Last updated" date will be revised accordingly. Your continued use of our website after any updates signifies your acceptance of the new terms.
11. Contact Us
If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at:
-
Email: thornituk@gmail.com
-
Phone: 07701097071
-
Address: Daleiden House Annexe, Lower Village, Blunsdon, SN26 7BJ
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK’s data protection regulator, if you believe we have not complied with applicable data protection laws.