Privacy Policy

IMPORTANT INFORMATION

This Privacy Notice aims to give you information on how we collect and process your personal data using this website, including any data you may provide through this website when you purchase a product or otherwise interact with us.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this Privacy Notice together with any other Privacy Notice or Fair Processing Notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are truly aware of how and why we are using your data. This Privacy Notice supplements the other notices and is not intended to override them.

WHO WE ARE

SM Group (Europe) Ltd is a company registered in England and Wales (company number 01306320, VAT number: GB 291 4596 30) with a registered office at Mercator House, 22 Brest Road, Plymouth PL6 5XP. (referred to as “SMG”, “us”, “our” or “we” in this statement).

When you use our services, you’ll share some information with us. We want to be upfront about the information we collect, how we use it, who we share it with and the choices we give you to control, access and update your information. For the purposes of data protection legislation, we are the data controller of your personal data

If you have any comments, questions or requests regarding this privacy policy please address to Privacy, SM Group (Europe) Ltd, Mercator House, 22 Brest Road, Plymouth PL6 5XP or email us at: [email protected]

THE PERSONAL INFORMATION WE COLLECT AND USE

Information collected by us

If you have registered with us, or ordered items from us, we will have your email address, telephone number, postal address and the method you chose to make your purchase with. We also collect information about how you use our services, such as the types of content you view or engage with or the frequency and duration of your activities.

In addition, our servers, logs, and other technologies automatically collect certain information (see below) to help us administer, protect, and improve our services; analyse usage; and improve users’ experience. We share personal information with others only as described in this policy, or when we believe that the law permits or requires it.

Information we collect automatically

Cookies: We may use cookies and other technologies such as web beacons, web storage and unique advertising identifiers to collect information about your activity, browser and device. This data helps us to build a profile of our users. Some of this data will be aggregated or statistical, which means that we will not be able to identify you individually. If you prefer, you can remove or reject browser cookies through the settings on your browser or device. However, rejecting or removing cookies could affect the availability and functionality of our services.

Device information: We may also collect information about your device each time you use a site. If you have an account with us, we may collect information from or about the computers, phones or other devices where you log into our services. We may associate the information we collect from your different devices, which helps us provide consistent services across your devices. Here are some examples of the device information that we collect:

  • Attributes such as the operating system and hardware version.
  • Browser type and IP address

Log information: We also collect log information when you use our website. That information includes, among other things:

  • Details about how you’ve engaged with us.
  • Device information, such as web browser type and language.
  • Access times.
  • Pages viewed.
  • IP address.
  • Identifiers associated with cookies or other technologies that may uniquely identify your device or browser.
  • Pages you visit before or after navigating to our website.

How we use your personal information

Marketing

We would like to send you information by post, email, telephone or text message (SMS) about our products and services, events, competitions and special offers which may be of interest to you.  We will only ask whether you would like us to send you marketing messages when you tick the relevant boxes when you submit your contact details to us or update your data preferences. If you have consented to receive such marketing from us you can opt out at any time by clicking on the link in every email or updating your preferences.

We use your information in several different ways and the table below sets this out in detail, showing what we do, and why we do it.

Category of personal data Purpose for processing Legal basis under the GDPR
Name and contact details Deliver your purchase to you Performance of a contract
Send you service messages by email or text, such as order updates Performance of a contract
Send you information by email or post about our new products or services Consent
Fraud prevention and detection Legal obligation
Showing you SMG adverts as you browse the web Consent
Payment information - We do not store this information, see below Take payment and give refunds Performance of a contract
  Fraud prevention and detection Legal obligation
Contact history with SMG e.g. over the phone, email, support tickets, or on social media Provide customer service and support Performance of a contract
  Train our staff  Legitimate interests
Information about your phone or laptop, and how you use our website Improve our website and set default options for you (such as language and currency) Legitimate interests
  Fraud prevention and detection Legal obligation
Purchase history and operating device model Provide customer service and support Performance of a contract

 

Payment information
We operate a secure site for card payments. Card payments are processed via third-party payment providers who undertake card security validation checks and authorisation from the card issuer. If you select at checkout, the payment provider will also store your credit card details securely for faster checkout on future orders. We do not receive or store your card details at any time whilst using this site.

Who we share your personal information with

We share your data with the following categories of companies as an essential part of being able to provide our services to you:

  • Companies that get your order to you, such as payment service providers, warehouses, order packers, and delivery companies
  • Professional service providers, such as marketing agencies, advertising partners and website hosts who help us run our business
  • Credit reference agencies, law enforcement and fraud prevention agencies, so we can help tackle fraud
  • Companies approved by you, such as social media sites

Some of those third-party recipients may be based outside the European Economic Area — for further information including how we safeguard your personal data when this occurs, see ‘Transfer of your information out of the EEA’.

We will not share your personal information with any other third party.

How long your personal information will be kept

We will hold on to your information for as long as you have your account, or as long as is needed to be able to provide the services to you, or (in the case of any contact you may have with our Customer Care team) for as long as is necessary to provide support-related reporting and trend analysis only.

If reasonably necessary or required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required, even after you have closed your account or it is no longer needed to provide the services to you.

TRANSFER OF YOUR INFORMATION OUT OF THE EEA

Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is attached to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
  • Where we use certain service providers, we may use specific countries approved by the European Commission which give personal data the same protection it has in Europe.
  • Where we use service providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between Europe and the US.

CONTROL OVER YOUR INFORMATION

Under the General Data Protection Regulation, you have several important rights available to you for free. In summary, those include rights to:

  • be informed about how your personal information is being used (hopefully this privacy policy explains it all)
  • Access the personal information we hold about you
  • Request that we transfer elements of your data to another service provider
  • Request us to correct any mistakes in your information which we hold
  • Request the erasure of personal information concerning you in certain situations
  • Receive the personal information concerning you which you have provided to us, in a structured format
  • Stop any direct marketing
  • Object to processing of your personal data

For further information on each of these rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.

If you would like to exercise any of these rights, please:

  • email, call or write to us at Privacy, SMG Group (Europe) Ltd, Mercator House, 22 Brest Road, Plymouth PL6 5XP or email [email protected], or call 01752 241000
  • let us have enough information to identify you;
  • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
  • let us know the information to which your request relates

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made many requests. In this case, we will notify you and keep you updated.

KEEPING YOUR PERSONAL INFORMATION SECURE

We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.

HOW TO COMPLAIN

We hope that we can resolve any query or concern you raise about our use of your information. If you are not happy with how we manage your personal data, you have the right to lodge a complaint with a supervisory authority. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/.

CHANGES TO THIS PRIVACY NOTICE

This privacy notice was published on 08/05/2018 and last updated on 22/05/2018.

Any changes we make to this notice will be posted on this page.

HOW TO CONTACT US

If you wish to contact us please send an email to [email protected] or write to Privacy, SMG Group (Europe) Ltd, Mercator House, 22 Brest Road, Plymouth PL6 5XP or call 01752 241000

GLOSSARY

Lawful Basis

Legitimate Interest means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).

Performance of Contract means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.

Comply with a legal or regulatory obligation means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.