GENERAL DATA PROTECTION REGULATION (2018) AND PRIVACY & ELECTRONIC COMMUNICATIONS REGULATION 2003/2011)
WHO ARE SCOTMART?
Established in 2023, SCOT MART LIMITED is a small, a family-run company committed to preserving the honorable customs of both Scotland and the surrounding nations. With our headquarters in Scotland and an online store there as well, we offer a wide selection of premium goods in every kind and range, with the goal of providing everyone with all they need in one place. We also work hard to guarantee that the majority of our items are manufactured in Scotland. This is done to uphold the highly valued Made in Scotland Ethos, which supports decades of customs and workmanship, as well as to guarantee a standard of excellence in our products. Our commitment to excellence and our solid foundation in the culture and history of Scotland are what motivate us and give our products a genuine feeling of authenticity. You see and sense a link to the spirit and heart of friendly nations as well as Scotland within them.The stunning views that this lovely country has to offer inspire us, and we want to convey that inspiration to our clients. From the chilly peaks of the Highlands to the rugged yet stunning west coast beaches, to the tranquil glens and lochs scattered throughout the nation, including some from Dubai. Our dedication to excellence is demonstrated by the fact that every item in our catalog is handmade in Scotland
For the purpose of this policy “Scot Mart”, “We”, “Us”, “Our”, “Company” or “Group” refer to Scot Mart Limited and any/all of their trading names and/or sub-brands.
OUR DATA COMPLIANCE
We, Scot Mart Limited, as per the EU General Data Protection Regulation (GDPR) 2018 and Privacy & Electronic Communications (EC Directive) Regulations (PECR) 2003/2011 certify, that to the best of our knowledge and understanding of the aforementioned legislation. we have taken the necessary technological and organisational measures for the purpose of Data Compliance, including: data minimisation, de- identification (wherever possible), privacy by design, additional transparency, restricted access, opt-out options and other technical security measures where applicable.
As is our organisational responsibility as a data controller, we have also taken steps to ensure that all relevant data processors are equally GDPR compliant.
Please find below, full details of our GDPR compliant privacy policy and how we will respectfully collect, treat and use your personal data, why we use it, with whom we share it, the rights to which you may be entitled and your choices about our use of your personal information.
COLLECTING PERSONAL INFORMATION
When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.
Device information
- Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
- Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
- Source of collection: Collected automatically when you access our Site using cookies, log files, web beacons, tags, or pixels.
- Disclosure for a business purpose: shared with our processor Shopify.
Order information
- Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers), email address, and phone number.
- Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
- Source of collection: collected from you.
- Disclosure for a business purpose: shared with our processor Shopify.
Customer support information
- Examples of Personal Information collected: name, surname, phone number, email address, address, order number,
- Purpose of collection: to provide customer support.
- Source of collection: collected from you.
MINORS
The Site is not intended for individuals under the age of 18. We do not intentionally collect Personal Information from children. If you are the parent or guardian and believe your child has provided us with Personal Information, please contact us at the address below to request deletion.
HOW WILL WE USE YOUR INFORMATION
We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you, as described above. For example:
- We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
- We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
BEHAVIOURAL ADVERTISING
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:
- We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
- We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).
WHY WE COLLECT AND HOW LONG WE KEEP YOUR INFORMATION
We collect and use your information for a variety of reasons. We need some information to enter into and perform our contract – for example, your contact and payment details.
Some information processing is required by law due to our anti-fraud screening obligations or in the public interest such as making sure we verify our customers’ identities.
We will keep your information for as long as it is reasonably necessary. It will depend on factors such as whether you have any outstanding purchases or an account with us or have interacted with recent offers or recently stayed with us or hosted an event or wedding with us. We will also routinely refresh our information to ensure we keep it up-to-date.
PROCESSING DATA UNDER LEGITIMATE INTEREST
As a customer or client of Scot Mart Limited, under article 6 – Legitimate Interest, we will use any information provided by you, to us, for the purpose of direct, online and any other relevant marketing activities, however; you may opt-out (unsubscribe) or amend your contact preferences with us at any time, by visiting contact page.
Under Legitimate Interests, we may use your data to contact you regarding similar/related products and services, based on your previous relationship with our company, as set out in ‘How we will use your information’.
LEGAL REQUIREMENTS
We need to collect certain types of information for compliance with legal requirements relating to our obligations as a registered company and limited company.
Your personal information may also be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency or in the defense of a legal claim. We will not delete personal information if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.
PROCESSING DATA UNDER OPT-IN CONSENT
If you have previously opted-in or choose to opt-in in the future, the same rights to be forgotten and to amend how you are contacted and the details we hold about you, also apply. In this instance, the information held will be that which was/is entered during the opt-in/subscription process.
Cookies and Tracking
In order to help make your experience on our website as relevant and pleasant as possible, we utilise cookies and tracking tools, such as Google Analytics, to anonymously track your interaction with our websites. This information is then used to help us improve our website, services, products, or for the purpose of benchmarking and user experience. If you would prefer not to be tracked, you can choose to disable cookies in your own web browser. Alternatively, you can access our website through ‘Incognito Mode’ or ‘Private Browsing’; also managed via your own browser settings.
PROFILING AND PSEUDONYMISATION
In order to improve our products and services, we may use your data for the purpose of profiling and/or pseudonymised (anonymous) benchmarking. Profiling allows us to target our marketing initiatives, so that we only send you products, services and information which we think, or you have selected to be relevant or of interest.
Pseudonymisation, such as anonymous data captured via online tracking services, or collated through data analysis, helps us to understand our customer’s journey and other important insights, to ensure that our business meets both our customer expectations and our company goals.
You can opt-out or amend your profiling preferences at any time, here. To be removed from anonymous internal benchmarking, you will need to contact us using our contact details below, however please see the section – Cookies and Tracking for more information regarding removing yourself from online tracking.
THIRD PARTY WEBSITES
While we do not share your data with third-party websites, we do use online email marketing and client relationship management software to power our outward marketing initiatives. These are known as Data Processors. This information is only accessible by qualified Scot Mart Limited employees and is not accessible to any other companies or persons outside of our group. We will never share your personal information with third parties, without your prior, express permission. An example of this would be a competition with a partner company or third party, where you would also be given the explicit option to consent to sharing your personal information, for the purpose of the specified competition, with the named third-party and/or Scot Mart.
CHANGES AND UPDATES TO OUR PRIVACY POLICY
In line with our business and legislative changes, our privacy policy will be updated from time to time, as appropriate. This will always be accessible via our website and a printed copy can be requested at the email or postal address above.
YOUR RIGHTS
You may have certain rights in relation to your information including a right to access or to correct the information we hold on you. We’ve listed the rights you have over your information and how you can use them below.
These rights will only apply in certain circumstances. They will generally not be available if there are outstanding contracts between us, if we are required by law to keep the information or if the information is relevant to a legal dispute.
You can remove consent, where you have provided it, at any time. You can ask us to confirm if we are processing your information. You can ask for access to your information.
You can ask to correct your information if it’s wrong. You can ask us to delete your information.
You have a right to be forgotten and you can ask that our systems stop using your information. You can ask us to restrict how we use your information.
You can ask us to help you move your information to other companies. To help with that, you have a right to ask that we provide your information in an easily readable format to another company.
You can ask us to stop using your personal information, but only in certain cases. You have the right to complain to the relevant supervisory authority.
WHERE YOUR DATA IS STORED?
All data is stored either on our Scot Mart internal servers or on UK-based cloud hosting services. These services are provided by GDPR compliant third-party data processors, with whom GDPR compliant contracts are in place to secure your data. Access to data at Scot Mart is managed and monitored using password protected logins and recorded, authorised access only.
At present, we do not transfer any of our customer data outside of the European Economic Community. Should this change, we will update this policy accordingly and ensure that the correct legislative protections are put in place accordingly.
CONTACT DETAILS
Registered Address: 1/2, Canada Court, 81 Miller Street, G1 1EB..
If you would like to contact us, please submit any request in writing via email to: Syed@scotmart.com or info@thescotmart.com or alternatively by post at above address. If you have any questions or anything in this policy is unclear, please get in touch at Syed@scotmart.com
Whilst we will always aim to reply and action all requests in a timely manner, responses may take up to 21 days.
COMPACT POLICY SUMMARY
The compact policy which corresponds to this policy is:
CP=”NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT”
The following table explains the meaning of each field in the compact policy.
Field | Meaning |
NOI | No identifiable information is collected, so no access is possible. |
CURa | The data is used for completion of the current activity. |
ADMa | The data is used for site administration. |
DEVa | The data is used for research and development. |
TAIa | The data is used for tailoring the site. |
OUR | The data is given to ourselves and our agents |
BUS | Our business practices specify how long the data will be kept. |
IND | The data will be kept indefinitely. |
UNI | Unique identifiers are collected. |
COM | Computer information is collected |
NAV | Navigation and clickstream data is collected |
INT | Interactive data is collected. |
The compact policy is sent by the Web server along with the cookies it describes.
POLICY EVALUATION
Microsoft Internet Explorer 6 has a feature where it evaluates a website’s cookie policy whenever a cookie is used. The actions it takes are based on the privacy level that the user has chosen in their browser settings. These levels can be Low, Medium, Medium High, or High, with Medium being the default setting.
The browser also checks whether the cookie’s policy is satisfactory or not, whether the cookie is a session cookie (expires when the browser is closed) or a persistent cookie (remains after the browser is closed), and whether the cookie is used in a first-party context (set by the website you are visiting) or a third-party context (set by a website other than the one you are visiting). These factors all influence how Internet Explorer 6 handles the cookie.