It applies to our website, www.arch2order.com (our Sites). It also applies if the site is accessed by any other means. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
WHO WE ARE
We are Arch Order Ltd., an English company (Co. No. 12756951) with a registered office at 5 Merchant Square, London, W2 1AY, United Kingdom (“we”, “us”, “our”). We are the data controller in relation to the personal data you provide to us, so we determine the purposes and the manner in which your data is processed.
We will use the following terms in this policy to cover the different categories of individuals who interact with our Sites and use our services or products:
Business Contact: means an individual employee, consultant or agent of an entity that we sell products to;
Consumer: means an individual customer we sell to via our Sites;
User: means any person accessing any of our Sites.
HOW WE COLLECT PERSONAL DATA
There are a number of ways we can collect data from and about you, such as:
Direct interactions. You may give us personal data by filling in forms or corresponding with us via email, phone, post or in person. This includes when you create an account with us and request marketing communications to be sent to you.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources (e.g. analytics providers like Google).
INFORMATION WE MAY COLLECT FROM YOU
Personal data or personal information means any information about an individual from which that person can be identified. We may collect, use, store and transfer different kinds of personal data about you, such as:
Account Data. When you set up an account with us, the information you provide may include your name, address, e-mail address and phone number.
Correspondence Data. If you contact us, we may keep a record of such correspondence.
Marketing Data. If you agree to receive updates about us, new products or other changes, we may use your name and email address to keep you informed.
Payment Data. If you are an existing customer, we will ask you if you would like us to store your payment card information to speed up the transaction process.
Technical Data. When you visit our Sites, we automatically collect some technical information about your visit, such as the IP address used to connect your computer to the internet, browser types and version, and operating system.
Transaction Data. This is the data that we have relating to purchases by Customers who use our Sites.
Visitor Data. This is the information that we collect about your visit, such as data and time, products you viewed or searched for, page response times, and page interactions.
We may also collect, use and share aggregated, anonymised data, derived from your personal data in order to improve our services to you.
If we need to collect personal data by law or in order to provide you with services, and you do not provide the data request, then we may not be able to perform the services for you. It is important that any data we hold about you is accurate. Please keep us informed if this information changes during your relationship with us.
What are cookies?
A cookie is a text file containing a small amount of information that is sent to your browser when you visit a website. The cookie is then sent back to the originating website on each subsequent visit, or to another website that recognises it. Cookies are an extremely useful technology and do lots of different jobs.
A Web beacon is an often-transparent graphic image, usually no larger than 1 pixel x 1 pixel, that is placed on a website or in an email that is used to monitor the behaviour of the user visiting the website or sending the email. It is often used in combination with cookies.
What cookies do we use?
We have listed below all the cookies that we use. These fall into the following categories:
Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to login to secure areas of our Sites.
Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our Sites when they are using them. This helps us to improve the way our Sites work, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to our Sites. This enables us to personalise our content for you, greet you by name and remember your preferences.
Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our Sites and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
You can find more information about the individual cookies we use and the purposes for which we use them in the table below:
Third party cookies
|We use Google Ads to deliver targeted advertisements to individuals who visit our websites.||https://policies.google.com/privacy|
|Google Analytics||We use Google Analytics to help measure how users interact with our websites.||https://policies.google.com/privacy|
|Hubspot||We use Hubspot as our CRM||https://legal.hubspot.com/cookie-policy|
|Facebook Custom Audiences||We use Facebook Custom Audiences to deliver targeted advertisements to individuals who visit our websites.||https://www.facebook.com/policy.php|
Important information about cookies
You block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our Sites.
USES MADE OF THE INFORMATION
We will only use your information when the law allows us to, and typically in the following circumstances:
Where we need to perform the contract with you (such as when you purchase something from us)
Where it is necessary for our legitimate interests (or those of a third party), and your interests and fundamental rights do not override those interests.
Where we have your prior consent to use your personal data (such as if you have consented to receive product updates or marketing)
Where we need to comply with a legal obligation.
|Purpose/Activity||Type of Data||Lawful Basis|
|To administer our website and for internal operations||Technical Data
|Legitimate interests (to run our business and improve our Sites)|
|To improve our Site and products||Correspondence Data
|Legitimate interests (to improve customer experiences)|
|To respond to your enquiries||Contact Data||Consent (as you are requesting us to respond to you) and Legitimate Interests|
|To send you marketing emails||Marketing Data||Consent|
|To liaise with you if you are a Business Contact||Contact Data||Legitimate interests (to grow our business)|
|For audit, record keeping and management purposes||Transaction Data||Legitimate Interests (to run our business in a professional manner)|
DISCLOSURE OF YOUR INFORMATION
We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
We may also share your information with selected third parties including:
- Business partners, suppliers and subcontractors for the performance of any contract we enter into with you.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
- Professional advisers, including lawyers, auditors and insurers.
We may disclose your personal information to third parties:
in the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
if Arch Order Ltd or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets
We require all third parties to respect the security of your personal data and treat it in accordance with applicable law. We do not allow our third-party service providers to use your data for their own purposes, and they can only process your personal data for specific purposes and in accordance with our instructions.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data or at any time by contacting us at firstname.lastname@example.org.
In general, the third party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
However, certain third party service providers, such as payment gateways and other payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions. For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
Remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. As an example, if you are located in the UK and your transaction is processed by a payment gateway located in the United States, then your personal information used in completing that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
If you live in a jurisdiction outside the United Kingdom, you may have additional rights regarding the collection and sale of your personal information.
We will ensure a similar degree of protection to your data when we must transfer it outside the United Kingdom or EEA with at least one of the following safeguards:
The country has been deemed to have an adequate level of protection for personal data by the European Commission.
If we use certain service providers based outside the EEA, we may use specific contracts approved by the European Commission which gives personal data the same protection it has in the U.K or EEA.
In any other case, we will obtain your explicit consent before any transfer occurs.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
To protect your personal information, we take reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed.
Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We have put in place procedures to deal with any suspected personal data breach, and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes that we collected it for, including for any legal, regulatory or other reporting requirements. If we believe there is a prospect of litigation regarding our relationship with you, we may also retain your data for a longer time period.
In order to determine what is an appropriate retention period for your personal data, we will consider the amount, nature and sensitivity of the data we hold, the potential risk of harm from a breach of the data, the reason we process your data and if we can achieve those purposes through other means, and other legal, regulatory or tax requirements.
YOUR LEGAL RIGHTS
You have the right to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
You may also request correction of the data we hold about it if it is incomplete or inaccurate.
You can request that we delete or remove your personal data where there is no good reason for us to continue to process it (subject to any specific legal reasons otherwise, which we will inform you of at the time of your request).
You may object to the processing of your personal data if we are relying on a legitimate interest if you feel it impacts your fundamental rights and freedoms.
You may ask us to suspend or restrict the processing of your personal data if you want us to establish its accuracy, our use of such data is unlawful but you do not want us to erase it, where you need us to hold the data even if we no longer require it for purposes of you establishing, exercising or defending legal claims, or you have objected but we need to verify if we have legitimate grounds to use it.
You can request that we transfer your personal data to you or a third party in a structured, commonly used, machine readable format (where we used the information we have to perform services for you).
You may also withdraw consent at any time where we are relying on your consent to process data.
You will always have the right to lodge a complaint with a supervisory body. In the UK, this is the Information Commissioner’s office. If you do have a complaint, we would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us in the first instance where possible.