Business to Business Privacy Policy
Your privacy is important to us. Taste of Bath take security and privacy seriously for both our direct consumers and business clients:

·         We keep to a minimum the amount of information we hold about your business / customers
·         We delete your data when it is no longer needed.
·         We apply appropriate security mechanisms to protect your personal and business data.

This Privacy Notice explains when and why we collect information about businesses, clients, consumers and people who work with us, visit our website or enquire about our Services via other means. It also outlines how we use this information, the conditions under which we may disclose it to others and how we keep it secure. It also explains how we use the information when you become one of our clients.

The Information We Collect:

This notice applies to all information collected or submitted on our website as well as via other channels such as phone or email.
On some pages of our website, you can contact us via e-mail, or via our contact us form. The types of personal and business information collected in this manner are:
• Name
• Address
• Company
• Email address
• Phone number

On some pages, you can submit information about other people. For example, if you order a gift online and want it sent directly to the recipient, you will need to submit the recipient’s address. In this circumstance, the types of personal information collected are:

• Name
• Address
• Phone Number
Information you submit via our Contact Us and Online Application form on our website is sent to us via email. All the information you submit is transferred using SSL which is the standard security technology for establishing an encrypted link between a web server and a browser. This ensures that all data passed between the web server and browsers and then with us remains private.

When working with business clients, in some cases we are given lists of data about their customers to process orders and gifts on behalf of our business clients. This customer information we collect is limited to personal data such as:
• Name
• Address
• Phone Number

As above, this information is stored securely and remains private and once is no longer required will be deleted. More details about our data processing is outlined below.

The Information We DON'T Collect:

We do not store credit card details, nor do we share customer details with any 3rd parties.  Card payments are handled by PayPal and Shopify Payments powered by Stripe who are compliant with the latest Privacy and GDPR regulations.   

With our business clients, payments can also be processed via invoices which can be paid via Pay Pal or direct transfer and no account or card details are stored.

The Way We Use Information:

• We use the information you provide about your business when placing an order only to complete that order. We do not share this information with outside parties except to the extent necessary to complete that order.
• We use the information you provide about your customers when placing an order only to ship the product and to confirm delivery. We do not share this information with outside parties except to the extent necessary to complete that order.
• We use return email addresses to answer the email we receive. Such addresses are not used for any other purpose and are not shared with outside parties.
• We never use or share the personally identifiable information provided to us online in ways unrelated to the ones described above.

Our Commitment to Data Security and Processing

To prevent unauthorised access, maintain data accuracy, and ensure the correct use of information, we have put in place appropriate physical, electronic, and managerial procedures to safeguard and secure the information we collect online and via other channels as outlined below.

Our policy on data processing, storage and use outlines how all employees of Taste of Bath, whether in a full-time or freelance capacity, are expected to work. Anyone who works with us directly must adhere to the regulations below:

• The only people able to access data covered by this policy should be those who need it for their work.
• Data should not be shared informally. When access to confidential information is required, employees / freelancers can request from the line manager.
• Employees / freelancers should keep all data secure, by taking sensible precautions and following the guidelines below.
o In particular, strong passwords must be used, and they should never be shared.
o Personal data should not be disclosed to unauthorised people, either within the company or externally.
o When not required, the paper or files should be kept in a locked drawer or filing cabinet.
o Data printouts should be shredded and disposed of securely when no longer required.

When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts:
o Data should be protected by strong passwords that are changed regularly and never shared between employees.
o Data should only be stored on designated drives and servers and should only be uploaded to an approved cloud computing services.
o Data should be backed up frequently. Those backups should be tested regularly, in line with the company’s standard backup procedures.
o Data should never be saved directly to laptops or other mobile devices like tablets or smart phones.
o All servers and computers containing data should be protected by approved security software and a firewall.
o When working with personal data, employees should ensure the screens of their computers are always locked when left unattended.
o Personal data should not be shared informally. It should never be sent by email, as this form of communication is not secure.
o Employees / freelancers should not save copies of personal data to their own computers. Always access and update the central copy of any data.

How You Can Access or Correct Your Information

You can access all your identifiable information on your company, your customers and you that we collect online and maintain by calling us or sending us an email. We use this procedure to better safeguard your information.

You can correct factual errors in your identifiable information by sending us a request that credibly shows error.

To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections.

Newsletter Sign-up

If you or your customers sign-up to received newsletters from Taste of Bath via our website, the data is stored in our Mailchimp database, who are compliant with the latest Privacy and GDPR regulations.  We only ask for name and email address, once submitted, we will send an email to confirm the request to be on our mailing list.  This is called a 'Double Opt-in', making sure we are protecting data and privacy.  By confirming the subscription from the email we send, we take that as an opt-in for us to send newsletters from there on.  One won't be subscribed if the confirmation link is not clicked in the email we send.  One can unsubscribe at any time using the links at the bottom of any newsletter via our contact form or email sales@taste-of.co.uk.

Use of Business Software

For the purpose of business related activity and processing of such things as payments and invoicing, Taste of Bath uses third party software programmes such as Quickbooks for invoicing as well as Shopify, Stripe Payments and PayPal for payments. Each of these software companies are compliant with the latest Privacy and GDPR regulations and are subject to their own privacy policies which can be found on their website. How To Contact Us

Should you have other questions or concerns about these privacy policies, please contact us.

d