Privacy Policy

Privacy Policy

Last Updated: 17/11/2020

Data Protection Officer: David MacLeod - privacy@stoney-racing.co.uk

We take Privacy concerns very seriously and we are committed to protecting your privacy both online and offline. This policy sets out how and why we use, store and process your data, and who we may pass this data onto in the normal course of managing your account and processing your orders and payments.

We store, process and pass on your data only in accordance with both the UK Data Protection (Charges and Information) Regulations 2018 and the EU General Data Protection Regulation, and we only pass data to third parties that are also compliant with these regulations.

Protecting Personal Data

We take every possible precaution to protect the personal information supplied by you to us when placing an order or opening an account with us. Whichever method you choose to place your order with us all payments and account creation/maintenance forms are encrypted using secure 128bit or better SSL software. This is the industry standard level of security which encrypts all information before it is sent to us to prevent it from being intercepted. We have implemented strict security procedures in relation to the storage and disclosure of the information you provide us, in order to prevent theft of data and unauthorised access to your details.

Cookies

Cookies are small pieces of data that websites store on your computer which enable our website to provide features such as keeping users signed in and storing items in your Shopping Cart for later checkout. Cookies can be turned off in your browser or you can be notified when you receive a cookie so you choose whether to accept it or not. Please contact your browser provider for instructions if you wish to do this. Disabling cookies may prevent you from taking advantage of some features on our site.

Collection and Sharing of Data

We do not transfer your personal data to any third party other than those set out below, and only do so to enable us to manage your account and/or newletter subscription and process and deliver your orders and payments. We will never sell, trade or rent your personal data to any other party. Please note that if you hold an account of your own with one of the parties below you should contact them of refer to their own Privacy Policies linked below to find complete information about how they use and store your data as the information below only refers to how they handle your data in relation to your order(s) with us.

  • BigCommerce Pty. Ltd - Privacy Policy.
    An online store software provider that we use to manage our online shopping cart and newsletter. If you place an order through our website BigCommerce will collect and store your full name, company name (if provided), billing and shipping addresses, telephone number (if provided), email address and IP address for the purposes of processing your order and providing customer service. If you choose to register an account before or during the checkout process then for the purpose of supplying and maintaining that account BigCommerce will collect and store the above information as well as the password you enter during the registration process, which will be encrypted and not accessible by us or BigCommerce staff. If you sign up to our newsletter BigCommerce will collect and store your name and email address for the purpose of distributing the newsletter. BigCommerce does not collect or store payment details, the payment method you choose will determine who collects and processes your payment details.
  • PayPal (Europe) S.à r.l. et Cie, S.C.A. - Privacy Policy.
    An online payment processor that we use to collect payments. If you choose to pay by PayPal your payment details (which may include bank account or debit/credit card details depending on how you choose to fund the payment) as well as your order information such as full name, company name (if provided), billing and shipping addresses, telephone number (if provided), email address and IP address will be collected, processed and stored by PayPal for the purpose of taking payment, and maintaining your PayPal account if you choose to register for one. If you pay with another method none of your information will be shared with PayPal.
  • Squareup International Ltd trading as Square - Privacy Policy.
    An online payment processor that we use to collect payments. If you choose to pay by Credit/debit card your card details will be collected, processed and stored by Squareup International for the purpose of taking payment, providing customer service and maintaining your Square account if you choose to register for one. If you pay with another method none of your information will be shared with Squareup International.
  • Amazon EU S.à.r.l. - Privacy Policy.
    A sales channel and online payment processor that we use to advertise and sell our products, and collect payments. If you choose to pay for an order on our website with Amazon Pay, or you place an order with us through Amazon's own website, your payment details (which may include bank account or debit/credit card details depending on how you choose to fund the payment) along with your order details such as full name, company name (if provided), billing and shipping addresses, telephone number (if provided), email address and IP address will be collected, processed and stored by Amazon for the purpose of taking payment, processing the order, providing customer service and maintaining your Amazon account. If you pay with another method none of your information will be shared with Amazon.
  • eBay Inc. - Privacy Policy.
    A sales channel that we use to advertise and sell our products. If you place an order with us through eBay your order details such as full name, company name (if provided), billing and shipping addresses, telephone number (if provided), email address and IP address will be collected, processed and stored by eBay for the purpose of processing the order, providing customer service and maintaining your eBay account. If you do not order through eBay none of your information will be shared with eBay.
  • Linn Systems Limited - Privacy Policy.
    A multi-channel inventory management software that we use to syncronise our stock and process, manage and book deliveries for our orders. Whether you order on our BigCommerce store or through a sales channel such as eBay or Amazon, the order details and personal information outlined above for that sales channel will be passed to Linn Systems for the purpose of processing your order and booking delivery of your item(s).
  • Royal Mail Group - Privacy Policy.
    A post and parcel carrier. If your order is to be sent by Royal Mail the information required for delivery, such as name, delivery address and telephone number, will be passed to Royal Mail to allow them to complete the delivery. For international deliveries (outside the UK) Royal Mail may use a local carrier in your country for the final delivery in which case they will pass these details on to that carrier in order to complete the delivery. A list of the delivery partners Royal Mail uses for each country is available here with a link to each partners website where you can find their own Privacy Policy.
  • Yodel Delivery Network Limited - Privacy Policy.
    A parcel carrier. If your order is to be sent by Yodel the information required for delivery, such as name, delivery address and telephone number, will be passed to Yodel to allow them to complete the delivery. Yodel use Parcel2go Limited to process orders on their behalf so they may pass this information on to Parcel2go Limited to facilitate the booking, please see Yodel's own Privacy Policy linked above for details.
  • Interparcel Ltd - Privacy Policy.
    A parcel booking website we use to book courier shipments. If your order is to be sent by courier the information required for delivery, such as name, delivery address and telephone number, will be passed to Interparcel to allow them to book the shipment with the relevant courier. Interparcel will then pass these details on to the courier to complete the delivery of your parcel. The courier will be one of DPD (Privacy Policy), Parcelforce (Privacy Policy), TNT (Privacy Policy), Fedex (Privacy Policy) or UPS (Privacy Policy).
  • Xero Limited - Privacy Policy.
    An online accounting system we use to prepare our tax records and accounts. When you place an order with us through any channel some of your order details, including name and address, will be passed to Xero for the purposes of creating invoices and storing them for tax records and aftersales customer services.

These companies are not permitted by us to use this information for any other purposes or send it to any other third party unless you give them permission to do so when you register an account with them, in which case they should make it clear exatly how they will use your data. As a business providing services to the European Economic Area they are also required to process any such data in accordance with the EU General Data Protection Regulation. All of our service providers above are carefully selected and we ensure they have their own privacy policy and security measures in place, available on the links above, before using such services to handle your data.

Transfer of Data Outside the European Economic Area

Some of the third parties that we use outlined above are based outside the European Economic Area so your data may be transferred outside the European Economic Area for the purposes of processing your order and maintaining your account with us. These companies are still required to store and processs your personal data securely and in compliance with the EU General Data Protection Regulation.

Data Breaches & Notification

In the event that a security breach leads to your personal data being unlawfully accessed, disclosed, lost, destroyed or altered, we will contact the individual(s) whose data may be affected and report the indicent to the UK Information Commissioner's Office where required to do so.

Access to Information (Data Subject Access Requests)

You may request details of all the personal information we hold on you, and which of our 3rd Party providers also hold information about you, by e-mailing privacy@stoney-racing.co.uk. Our Data Protection Officer will respond within 14 working days.

For data security purposes we may need to verify you are the subject before we can give out such information.

We do not charge a fee for providing this information, unless the requests are more than once per month in which case a fee of £12 will be charged for each separate request.

Data Portability

You have the right to be provided with the personal data we hold about you in an easily portable format, such as a Comma Separated Values (CSV) file, to aid in the transfer of this data elsewhere.

Data Retention & The Right to be Forgotten

We will not keep data for longer than is necessary, though in some cases data will be kept indefinitely unless we are notified otherwise. For example, if you open an account with us your account details such as name, address, email address, telephone number etc will be stored so that you can use them for future orders, unless you close that account.

We can delete all personal data we hold about you on request at any time, and also provide assitance with having your data deleted by any of the third parties listed above should you need it. Please email us on privacy@stoney-racing.co.uk to request this.

Comments & Concerns

If you have any questions or concerns over our Privacy Policy or your data please don't hesitate to email us - privacy@stoney-racing.co.uk.

If you with to make a complaint or have concerns about our personal data practices that we have not been able to address you can also contact the ICO - https://ico.org.uk/concerns/