The Festive Lighting Company Ltd Privacy Notice
The Festive Lighting Company Ltd (“TFLC”) are committed to the protection of your privacy. The information contained in this privacy notice has been published to inform you of the way in which any Personal Data (as defined below) you provide us with, or we collect from you will be used. Please read this information carefully in order to fully understand how we treat such Personal Data.
We will collect, store, use and disclose Personal Data in accordance with all applicable laws relating to the protection of Personal Data, including the EU General Data Protection Regulation 2016/679, the EU ePrivacy Directive 2002/58/EC as amended by Directive 2009/136/EC, as amended, or superseded from time to time, and any national implementing legislation (“Data Protection Laws”).
This privacy notice covers the Personal Data for which we collect and use.
Personal Data we collect from you.
“Personal data” means any information relating to an identified or identifiable natural person. Personal data can be factual (for example, a name, address or date of birth) or it can be an opinion about that person, their actions and behaviour.
We may obtain and use the following Personal Data about you if you use our services:
- Marketing preferences and communications together with your email address, phone number, job title, company name and home address.
- Usage Data including information about how you use our website, products, and services.
- Technical Data including internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Cookies and IP Addresses
“Cookies” are small data files that may be placed on the hard drive of your computer when you visit the TFLC site. Cookies permit us to identify your browser whenever you interact with the TFLC website.
TFLC may obtain information about your computer, which includes your IP address, browser type and operating system where available. This accumulation of data is used to assist system administration.
We may also collect information regarding your browsing activity and interests through use of a cookie file. We use this data to help us improve the experience of users on our website and the Services, and to deliver a more personalised service with more relevant content. The collection of this data allows us to:
- Store data indicative of your preferences, allowing us to adjust our website to appeal to your individual interests; estimate the size and usage patterns of our customer base;
- Identify you upon your to the relevant website; and/or
- Increase the speed of your service and improve the products we offer.
Where We Store Personal Data
There are circumstances in which we may have to transfer your Personal Data out of the European Economic Area (“EEA”) for the purposes of carrying out the Services. Sometimes it is because we are using sub processors based outside the EEA (see below). Where the need for such a transfer arises, we will always ensure that there are appropriate safeguards in place to protect your Personal Data such as:
- the European Commission has issued a decision confirming that the country to which we transfer the Personal Data ensures an adequate level of protection for the data subjects’ rights and freedoms;
- appropriate safeguards are in place such as binding corporate rules (BCR), standard contractual clauses approved by the European Commission, an approved code of conduct or a certification mechanism;
- you have provided explicit consent to the proposed transfer after being informed of any potential risks; or
- the personal data is being transferred to a company in the US which has self-certified its compliance with the EU-US Privacy Shield which has been found by the European Commission to provide an adequate level of protection to the Personal Data of EU citizens.
How We Protect Your Personal Data
We will take reasonable steps to maintain appropriate technical and organisational measures to protect the Personal Data you provide to us against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to your Personal Data.
How We Use Your Personal Data
The Personal Data we hold about you may be used in any of the following ways:
- For research and analytics purposes (for example, to improve the quality of our products).
- To ensure security for you.
- To comply with applicable Laws, court orders, government and law enforcement agencies’ requests.
- To send you further information about our products for which we think you may have an interest. This information will be supplied only where you have given consent.
- To send you further information about our services based on a request we have received from you.
- We aggregate and anonymise your Personal Data and use and share such aggregated and anonymised Personal Data with third parties for statistical purposes and for the purpose of data analytics, product development and to improve our Products and Services.
Our legal basis for collecting and processing your Personal Data for the purposes described above will depend on the Personal Data concerned and the specific context in which we collect it. However, we will normally collect Personal Data from you only where we have your consent to do so or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you.
Disclosure of Your Information
Disclosure of your data to third parties will only occur in any of the following events:
- If we are required to disclose your Personal Data to fulfil any legal obligation, or to protect the property, rights of TFLC, users of our services or others. In such case, information may be exchanged with third party companies or organisations in order to prevent fraud.
Our service providers must follow our express instructions when processing the Personal Data, you provide and must have in place appropriate technical and organisational security measures to safeguard such Personal Data, and we do not allow them to use this information for their own commercial purposes.
Under certain circumstances, and where we act as data controller, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.
- Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no legal basis for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have exercised your right to object to processing (see below).
- Object to processing of your Personal Data. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
- Object to automated decision-making including profiling, that is not to be subject of any automated decision-making by us using your Personal Data or profiling of you.
- Request the restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of Personal Data about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request transfer of your personal information in an electronic and structured form to you or to another party (commonly known as a right to “data portability”). This enables you to take your data from us in an electronically useable format and to be able to transfer your data to another party in an electronically useable format.
Where we rely on consent as our legal basis for processing you may withdraw consent at any time by providing an unambiguous indication of your wishes by which you, by a statement or by a clear affirmative action, signify withdrawal of consent to the processing of personal data relating to you. If you have any queries relating to withdrawing your consent, please contact our Data Protection Officer.
Withdrawal of consent shall be without prejudice to the lawfulness of processing based on consent before its withdrawal. We may at times provide links on our Website to third party websites, including without limitation those owned or managed by our partner networks, affiliates or advertisers. These websites have separate privacy policies, and we therefore cannot accept any responsibility for the content. As such, choosing to follow these links is a choice you make at your own risk, and we advise that you check these websites’ individual privacy policies before submitting any personal data.
You may also lodge a complaint with the UK data protection regulator, the Information Commissioner should you be dissatisfied with the way that we handle your Personal Data.
How Long We Keep Your Personal Data
We will keep your Personal Data for as long as is necessary to achieve the purposes set out above or
until you withdrawn your consent. Personal data acquired with consent for marketing purposes will be kept for a maximum period of two years after a final interaction, unless consent is rescinded or we have been instructed to delete the personal data by you.
If at any time we make a change to this privacy notice, we will update this page to reflect such change. Where we feel it appropriate, we will notify you by email, however we recommend you review this page periodically to ensure you remain happy with the latest version.
Questions, Comments and Getting in Touch