Who we are
Our website address is: https://www.seaspringseeds.co.uk
The Sea Spring Seeds website is operated by Sea Spring Farm.
To contact us please email firstname.lastname@example.org or write to us at:
Sea Spring Farm, West Bexington, Dorchester, Dorset, DT2 9DD United Kingdom
What personal data we collect and why we collect it
We will collect and use your personal data (this means any information which identifies you, or which can be identified as relating to you personally, such as your name, address, phone number or email address). We’ll only collect the personal data we need to fulfil your order.
We collect personal data when you visit the Sea Spring Seeds website, place an order or contact us via email or any other channel.
Personal data may also include personal account preferences; transactional data, such as purchase information; and technical data, such as information about cookies. Personal data is also generated from technical processes such as contact forms, comments, cookies and Google Analytics.
Transactional data is also collected by PayPal or NoChex for the purposes of collecting payment and completing your order.
Through our contact form we capture name, email and your message. Messages are kept for six months but we do not use the information submitted through them for marketing purposes.
If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
We use Google Analytics to monitor and record visits to this website. This anonymous data helps us understand how people use our website and where they came from eg. a search engine or another website. You can read Google Analytics privacy policies here … https://support.google.com/analytics/answer/6004245
Who we share your data with
We will not sell or share your personal information to a third party for marketing or promotional purposes.
We may share your data with trusted 3rd party companies where this is necessary or beneficial in order to provide you with services. We will only provide the information required in order for companies to perform their specific services. These companies include:
- Payment gateway providers (PayPal/NoChex) who process payments for orders on our behalf.
- Royal Mail who deliver orders for us.
- Analytics providers (Google Analytics), in order to see how users interact with our website and ensure we’re bringing you the best possible experience.
We may share information about fraudulent or potentially fraudulent activity where this is required – for example, sharing data about individuals with law enforcement bodies.
How long we retain your data
We won’t keep your data any longer than is necessary. If you’ve given us any personal information, we’ll retain this for as long as we need it to continue providing you with a service or complete your order, or as required for our record keeping and accounts.
Web usage information (sent to Google Analytics to analyse traffic and user behaviour) is retained for a period of 26 months, and may include data like IP address, geographical information, browser usage and operating system. Any personal data older than this is automatically deleted/anonymised.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
Where we send your data
Your data may be transferred to 3rd party data processors outside the EEA (European Economic Area). If we do this, we ensure data is granted the same protection that it would if it were processed within the EEA, and that any 3rd party data processors are fully GDPR compliant.
Visitor comments may be checked through an automated spam detection service.
How we protect your data
We treat information security as a matter of utmost importance, and it’s vital to us that your data is properly taken care of. All payments are taken via secure connections, using trusted 3rd party payment providers who conform to all necessary PCI and DSS security standards, and no payment details are retained or held by us. Payment information is taken securely over a ‘https’ secure connection, and access to any of your personal data is password protected and restricted solely to individuals who require it. Our website is hosted on servers using security and encryption best practices, with restricted access.
We accept card payments through PayPal or NoChex. When processing payments, some of your data will be passed to PayPal or NoChex, including information required to process or support the payment, such as the purchase total and billing information.
You have many rights pertaining to your personal data and how we use it, including:
- The right to access to the personal data we hold about you
- The right to access information about how your personal data is used
- The right to request correction of inaccurate, out of date or incomplete information
- The right to request deletion of your data, or that we stop processing or collecting it
- The right to opt-out of marketing messages if you withdraw consent
- The right to request transfer of your personal data to another service provider
- The right to submit a complaint to the ICO (Information Commissioner’s Office)
If you want to exercise any of these rights, please contact us.