Please find an explanation of how we use your data in accordance with the General Data Protection Regulations (GDPR).
Our lawful basis for storing your personal data is contractual. We process personal data to enable us to sell our goods, and to maintain our own accounts and records. The personal data we store is provided voluntarily when you place an order on our website, this comprises:
- Your full name
- Your address
- Your telephone number
- Your email address
We store the above data on our SAGE accounting system and records for up to 6 years to comply with HMRC tax regulations.
We sometimes share your data with suppliers and couriers but only for the purpose of delivering goods.
If you place an order by telephone with a credit or debit card, we share your data including your card details with Paypal for processing your payment. Our procedure for processing/transmitting cardholder data is PCI DSS compliant. We DO NOT store your credit card data, it is destroyed as soon as the payment has been processed.
We do not use your data for marketing or direct mail
We do not share, sell or lease your data to third party marketing companies.
We take security seriously: Our website is secured by an SSL certificate and we are PCI DSS Compliant via Trustwave (see certificates bottom of page).
You may request details of the personal data that we hold about you. You can request that we erase your data. If you believe the data we hold for you is incorrect, you can ask us to rectify it. Changes will be made within one month. You can contact us by phone on 0115 920 2810 (outside of the UK +44 115 920 2810) or in writing to the address below:
J & J Lewis
Nottingham NG5 4JR