Please read the following privacy notice carefully.
This notice (together with our terms of website use) sets out the basis on which any personal data we collect from you (our customers, potential customers and contacts and users of our website) will be processed by us and how we comply with our responsibilities under applicable data protection legislation.
For the purpose of applicable data protection legislation The Leith Silver Company Ltd is the data controller.
Please contact us at:
The Leith Silver Company Ltd
Muir of Ord
Phone: 01463 871707 or 07850658921
Categories of personal data we may collect and process
We may collect, use, store and transfer different kinds of personal data about you. This could include the following types of information:
Identity data which includes: first name; surname; maiden name*; marital status*; title*; username or similar identifier.
Contact data which includes a billing address, delivery address, email address and telephone numbers.
Financial data which includes bank account and payment card details.
Transaction data which includes details about payments to and from you and other details of products and services you have purchased from us.
Technical data which may include internet protocol (IP) address, operating system, browser type and version, time zone setting and location, browser plug-in types and versions, platform and other technology on the devices you use to access our website.
Usage data includes information about how you use our website, products and services, and jewellery sizes (where you have given them to us).
Marketing and communications data includes your preferences and consent in receiving marketing from us and your communication preferences.
How do we collect personal data about you?
Directly from you when you provide it to us:
through our website at leithsilver.com or any other website we operate
through social media channels
Indirectly, from third parties including for example:
credit reference agencies
How we use your personal data
We use personal data held about you in the following ways:
To register you as a customer.
To administer and manage our relationship with you.
To fulfil orders you have placed with us.
To obtain payment for goods and services purchased from us
To provide you with the information, products and services that you request from us.
To provide you with information about the products and services we offer where we think this may be of interest to you and to notify you of any changes to our services.
To administer our sites and to ensure that content from our sites is presented in the most effective manner for you and for your computer.
Legal basis for processing your personal data
We will only use your personal data as the law permits. By law, we are required to tell you the legal bases upon which we rely in processing your personal data. The legal bases we principally rely upon are these:-
It is necessary for the performance of a contract between us for the provision of goods or in order to take steps at your request prior to entering into such a contract.
It is necessary for the purposes of the legitimate interests of pursuing and developing our business, where such interests are not overridden by your rights or interests.
We may also rely upon the following legal bases for processing:-
You have given your consent to the processing.
It is necessary for us to comply with a legal obligation on us.
Where we rely on consent to process your personal data, you may withdraw that consent at any time by contacting us using our contact details or by emailing us at email@example.com
Sending marketing material to you
We will only send marketing communications to individuals where you have given your consent. We obtain consent by you signing up to our e-newsletter.
Please note, you can ask us to stop sending you marketing communications at any time by emailing firstname.lastname@example.org or using our contact details.
How do we store and protect your personal data?
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We limit access to your personal data to those employees, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. The Leith Silver Company is designated as the data controller in respect of your personal data.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Sharing your personal data
We do not share the personal data we hold about you with any third party, except that we may disclose some data, where appropriate, as follows:-
to third parties who provide services to us;
to credit reference agencies and debt collection agencies ;
to professional advisers including lawyers, bankers, auditors and insurers;
to HM Revenue & Customs, regulators and other authorities who require it
as required by law (which may include disclosing for anti-money laundering reporting purposes and/or exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).
in the event that we sell any business or assets, we may disclose personal data we hold about you to the prospective or actual buyer.
Please note that we do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
How long do we keep your personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
We have developed a retention policy which sets out our policy on retention of the different types of personal data we hold. The sections of this relating to your personal data can be made available on request.
In some circumstances you can ask us to delete your personal data: see under Your data protection rights for further information.
We will take all reasonable steps to destroy, or erase from our systems, all the personal data we hold about you when it is no longer required.
Your data protection rights
Under data protection legislation, you have rights including:
Your right of access - You have the right to ask us for copies of your personal data and to check that we are processing it lawfully. This is known as a [Data] Subject Access Request.
Your right to rectification - You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete data you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal data in certain circumstances. This is not an absolute right; we may be obliged to retain some personal data by law.
Your right to withdraw consent – You have the right to withdraw consent at any time, where we are relying on consent to process your personal data.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal data in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances.
Your right to data portability - You have the right to ask that we transfer personal data you gave us to another organisation, or to you, in certain circumstances.
You are not normally required to pay any charge for exercising your rights, however, if your request if unfounded, repetitive or excessive, we may charge a fee. We may also refuse to comply with your request.
If you make a request, we have one month to respond to you. If it is likely to take longer, we will inform you immediately.
Please contact us or email email@example.com if you wish to make a request.
Failure to provide your personal data when requested
Where we need to check or collect your personal data by law (for example, under the Money Laundering regulations) or under the terms of a contract we have with you (for example, to provide you with products you have ordered, or to take payment for those items), and you fail to provide that data when requested, we may not be able to perform or fulfil the contract.
Changes to our privacy notice
We may need to make changes to this Privacy Notice from time to time to take account of changes in law or the needs of our business. Please refer back to this page regularly to see any changes or updates to this Notice.
If you have any concerns, or wish to complain, about the way in which we collect and process your personal data please contact us using our contact details set out above.
If you are not satisfied with our response to any queries or complaints you raise with us or believe we are not processing your personal data in accordance with applicable data protection legislation, you have the right to lodge a complaint at the Information Commissioner’s Office (ICO) (https://ico.org.uk/).