Privacy & Security
Updated GDPR 2nd May 2018
Dragons fully respect your right to privacy with regard to the information you supply to us as a result of visiting this website or one of our stores. We take your privacy seriously and will only use our information to administer your account and provide products and services you have requested from us.
In order for you to make an informed decision about using this site or purchasing from Dragons, we recommend you read this policy, which outlines our practices regarding any information we obtain about users of the Dragons of Walton Street website.
Contact details and financial information
In the course of doing business with us we will collect the following information: Your name and any other related names you provide in the course of the transaction, postal address, delivery address, email address(es), telephone number(s) and bank / credit card details.
Information collected from this website and how it is used
The information you provide enables Dragons and its agents and data processors (see below) to complete transactions you request through the Dragons of Walton Street website or in store. Dragons store physical credit card details and transaction amounts from telephone and in store orders for 6 years in accordance with UK record keeping rules. After this date all records are destroyed. Electronic storage of credit and debit card details are stored indefinitely online to be used for future online transactions.
When you register with Dragons, we will require your email address. Dragons may also use the contact details supplied by you for marketing purposes, such as mailshots and email updates but only with your permission. Dragons and/or its agents do not sell or rent information about its customers to third parties.
We may also profile your web activity so that we can gain a better understanding of our users. This could include, for instance, compiling lists of the most popular search terms, based on individual searches. This will help us to continually improve our service and may also be used for marketing purposes.
Agents
| Data Processor | What data do they receive? | What do they do with it? |
| Capsule CRM | Names, postal and delivery addresses, email, telephone, fax numbers, historical financial transactions, any other information you give to us | Capsule store this information for us to use for future transactions or to contact you about our products and services. On the basis that you do not request to be forgotten, we will store this data indefinitely for the above purposes. |
| Kashflow | Names, postal and delivery addresses, email, telephone, fax numbers, historical financial transactions, any other information you give to us | Kashflow store this information for us to use for future transactions or to contact you about our products and services. On the basis that you do not request to be forgotten, we will store this data indefinitely for the above purposes. |
| Mailchimp | Names , company names and email addresses | Mailchimp store this information for us to contact you about our products and services. On the basis that you do not request to be forgotten, we will store this data indefinitely for the above purposes. If you unsubscribe from a mailing list your details will be removed from the associated mailing list. |
| Teamgaant | Names, postal and delivery addresses, email, telephone, fax numbers, historical financial transactions, any other information you give to us | Teamgaant store this information for us to use for internal project management and to aid us in future transactions with you specifically. On the basis that you do not request to be forgotten, we will store this data indefinitely for the above purposes. |
| Google Suite | Names, postal and delivery addresses, email, telephone, fax numbers, historical financial transactions, any other information you give to us | Google Suite (Google Drive and Gmail and Google Calander) store this information for us to use for future transactions or to contact you about our products and services. On the basis that you do not request to be forgotten, we will store this data indefinitely for the above purposes. |
| Tawk | Names, company name(s), email addresses and telephone numbers | Tawk is a live messaging service which we use to chat to clients who have questions they wish to ask us whilst browsing. Tawk store this information for us to use to contact you about our products and services. On the basis that you do not request to be forgotten, we will store this data indefinitely for the above purposes. |
| Shopify | Names, postal and delivery addresses, email, telephone numbers, historical financial transactions, credit/debit card details and any other information you give to us | Shopify store this information for us to use for future transactions or to contact you about our products and services. On the basis that you do not request to be forgotten, we will store this data indefinitely for the above purposes. |
Cookies
The Dragons of Walton Street website uses cookies to keep track of your orders. A cookie is a small piece of text data, which is placed on your hard drive by our web server. This enables us to recognise your registration details automatically and serves to make your browsing experience more comfortable. The cookie received by your computer is unique to you and can only be read by the originating web server. We do not use cookies to examine your surfing behaviour before or after leaving the Dragons of Walton Street website. In order to access your account on the Dragons of Walton Street website, you will need to use a browser that accepts cookies (please ensure that this feature is enabled).
Security
The Dragons of Walton Street website includes security features which are designed to protect the accuracy and confidentiality of the information under our control. This includes encrypting all payment information using Secure Socket Layer (SSL) technology. Your username and password will remain confidential to you and the system administrators. This information is kept in a separate secure database and is not accessible via the Internet. We undertake a regular review of security measures, in order that our website remains safe for your privacy and protection.
Data Breaches
The General Data Protection Regulation 2018 (GDPR) mandates Dragons to report certain types of personal data breach to The ICO (Information Commissioners Office). We will do this within 72 hours of becoming aware of the breach.
If the breach is likely to result in a high risk of adversely affecting an individuals’ rights and freedoms, we will inform those individuals without undue delay.
Right to Be Forgotten
If you request to be forgotten The Dragons GDPR Officer will remove your personal details from Dragons and any data processors within 72 hours of the request, with the exception of any financial information that we are required by law to keep for a period of 6 years. Dragons will retain the necessary information for these records and after a period of 6 years (i.e. the end of the financial year that transaction was a part of) remove all personal data relating to it from our systems and third party data processors.
The Data Protection Act 1998
Dragons complies with the Data Protection Act 1998. As stated above, any information that you supply to Dragons via the website or in store will be used only for our administrative, marketing and accounts/record-keeping purposes. We update our database records on a regular basis and are committed to keeping all client information confidential, current and accurate.
Payment Security
We use Secure Hosting for all credit card transactions. Secure Hosting offers peace of mind by providing protection from misuse of your credit card or other details related to your purchases from us, and it provides both you and us with protection from fraudulent use of your cards. As soon as any customer begins the order process, all of the information that is transferred is encrypted using SSL encryption. Even if this data could be intercepted over the Internet it would be useless, due to the encryption.