WE RESPECT YOUR PRIVACY
We at Worcester Computers respect the privacy of our visitors and are committed to preserving your online safety and privacy at any time you visit or communicate with our site. Worcester Computers are the ‘data controller’ of the personal data that you provide to us.
Please feel free to contact us with queries, requests, or comments you may have about our Privacy Information. We welcome any communication.
You can also contact us at Worcester Computers, 140 Ombersley Road, Worcester, WR3 7JD
This Privacy Information is updated from time to time; therefore, it should be reviewed occasionally. Last update: 12-March-2022
Purposes of Processing
Personal data is collected and processed during the operation of our website, we only store personal data for as long as required. We may use third party service providers to help with this processing, they act as a ‘data processor’ on our behalf and only use the data collected in ways we specify for our own purposes. The categories of third parties which we work with include IT service providers, Delivery Agents, Payment Service Providers and Marketing Companies.
We only process the minimum personal data necessary and use industry standard data masking techniques where possible (pseudonymisation / anonymisation). We have outlined some of this activity and the parties involved (data processors unless otherwise stated) below:
IMPROVING THE USABILITY OF OUR WEBSITE
We process data such as online identifiers and behavioural data in order to measure performance and improve the user experience of our website.
Our website uses Webtrends to provide A/B testing functionality. This lets us see the impact of changes to our website by measuring things like number of clicks on a button. We aggregate the data and use statistical analysis to decide which change performed better. We don’t use this data to identify you directly.
TRAFFIC & SECURITY
When you browse our website the requests are sent via the Cloudflare network. Cloudflare will process online identifiers in order to ensure that our traffic is genuine and prevent cyber-attacks such as a Denial of Service attack. We will also keep logs of requests to our website, the data collected may include your IP addresses.
CREATING AN ONLINE ACCOUNT
When you create an online account with us you provide us with information that we use to remember you and enable you to check out faster. This also gives you access to features such as Order History, Saved Baskets.
We do not have the ability to recover the password you specify and read it in plain text. This is stored in a one-way hashed format which is computed using the key derivation function PBKDF2, using a randomly generated salt and very high number of iterations.
When you contact us we will process the data you provided, our agents may access information on your account in order to serve you and handle your query.
PLACING AN ORDER
When you place an order with us we may need to share your data with third parties in order to process that order.
We will need to provide your delivery and contact information to the delivery agent that you have chosen at checkout (e.g. DPD, UPS).
The payment information you provided will be used by our payment service providers in order to complete the transaction. Any credit card details are securely stored with our Payment Service Provider (Takepaymenst / Klarnal). For display purposes, we store your credit card number (PAN) in a masked format in line with PCI standards.
We will contact you by email to provide you with order status updates, when you give us your mobile telephone number we may send you SMS messages for important information about your order.
When necessary, we may introduce limits on the number of items you may purchase. We will use the information that has been provided or collected at checkout to uphold those restrictions. This will result in subsequent order attempts to be declined. In extreme cases we may perform further additional checks and cancel orders which have breach the terms of sale but have not been flagged at checkout, these checks may involve use of publicly available data sources e.g. companies house, listings on online marketplaces. This can happen at any point up until delivery.
After your order has been delivered we may contact you to ask you to provide feedback or leave a review of the products you purchased.
We send our email newsletters (‘Mailchimp Newsletters’) to our customers who have given their consent to receive them. We also send these to existing customers who have previously “soft” opted-in and have not unsubscribed. We make it very easy to unsubscribe or set your preferences. You can:
- Unsubscribe by using the link provided in any email you receive
- Press “unsubscribe” in your email client (supported email clients only)
We make every effort to ensure you are still interested in receiving these emails and may automatically unsubscribe you if you do not read the emails, or we experience errors sending them to you. We recommend you add us to your safe senders list to prevent this.
We share data which has undergone pseudonymisation about the products you have viewed or items that you have added to your basket with trusted third party advertisers such as Criteo. We act as joint data controllers for this processing. This allows us to show you relevant ads that may be of interest to you. You can opt-out of this processing using the if you do this you will still see advertisements online but they will be less relevant to you.
If you would like to opt-out of processing by third party advertisers in general please visit http://www.youronlinechoices.com/uk/your-ad-choices and https://www.google.com/settings/ads
Lawful Basis for Processing
We process personal data under the following lawful bases:
We will process your personal data in order to fulfil our contractual obligations to you. For example when processing an order you have placed with us.
We may process your personal data under legal obligation where we are required to do so by common law or statutory obligation.
We may process your personal data in order to meet our legitimate interests, when doing so we have considered whether that processing is necessary and balanced it against your interests, rights and freedoms. In some cases you have the right to object.
Some of our legitimate interests are:
- Improving customer experience with our website
- To measure and analyse the performance of our website
- To prevent fraudulent activity on our website
- To prevent multiple purchases of products that have purchase limits in place
- To protect data & network security and ensure data integrity
- To prevent cyber attacks
- To market our goods and services to our customers
In some cases, we process your personal data when you have given us consent to do so. If you have given us consent then you can contact us at any time to withdraw it.
Under data protection law and GDPR you have a number of rights:
- The right to access
- The right to rectification
- The right to erasure (please be aware this right is not absolute)
- The right to restrict processing
- The right to data portability
- The right to object
If you wish to exercise any of these rights you can contact us, we will endeavour to respond to you as soon as possible and within one calendar month.
Personal Data Storage
Locations outside the European Economic Area may be used for transferring data we collect about you, e.g. with third-party data processors that rely on cloud services hosted in the US. We take all reasonable action to ensure the safety of your personal data in agreement with this Privacy Information and ensure appropriate safeguards are in place. Any information we are provided will be stored on secure servers. We take all reasonable action to protect information sent to us electronically. Where applicable you may be given access to sections of our site that require a password. You are responsible for the passwords safety and confidentiality.
Right to Complaint
If you are unhappy about the way we handle your personal data then you have the right to lodge a complaint with the supervisory authority. In the UK this is the Information Commissioner’s Office (ICO), you can contact them via their website https://ico.org.uk/