Cathedral Baits is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
Cathedral Baits may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25th May 2018
New laws introduced in the UK / EU on May 25th 2018 introduces new policies and procedures all companies in the UK need to follow. We need to review where we use, store and protect personal data which we collect from you. We need to classify which Lawful basis for processing personal data we are using and provide more transparency into how we use it. These fall into these categories:
- Legal Obligation
- Vital Interests
- Public Task
- Legitimate Interests
We've Identified These Areas of Personal Data Collection
E-Mail Marketing, (Consent - double opt in)
- We always ask for your consent before adding your email & name to their system.
- We only use this information to send you relevant promotional announcements.
- You are able to opt-out / unsubscribe / remove yourself from this list at anytime using the link at the bottom of any emails you've received. You can also unsubscribe when you have logged into your account on the website.
- Please note that in order to record your opt out your email address will be kept in the system in an un-subscribed state. We are unable to send you emails when in this state.
- You do have the right to complete deletion of your details should you want this please inform the office by email : email@example.com
- We review activity on our list and remove any inactive accounts after 1 year of inactivity
Analytical Statistics, (Legitimate Interest)
- You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
- We use this information internally for IT Security purposes
- We use this information to track some personally identifiable information
- We pass usage data externally to Google Analytics for historical analytics
- Personal data collected by this method will include but is not limited to: User IP address, pages visited, forms submitted, sales revenue, product purchases.
- We use this information to help identify areas where we can improve our service
- We use this information to help improve our product availability
- We use this information to identify unusual or malicious behaviour
- We use this information to improve our security and detect security holes
- We use IP information to help protect your account from malicious activity
- We use server log information to monitor service up time and make sure website is operating within normal parameters
Account Sign Up, (Legitimate Interests)
- When processing a new account for use on the site we will ask you for personal details. Which will include Name, Address, Email and personal password.
- Passwords are encrypted in our database and are only known to you.
- These will be stored for as long as you have an account with us.
- Not an exhaustive list but, these details will be used when placing orders, managing your notifications, viewing past orders and amending any information we have on file for you.
- After 1 year of inactivity we will remove your account from the system
- To be clear, to remain active you must have logged into your account with in 1 calendar year
- If you have made any purchases this personal information will be retained for legal obligation reason as outlined in the Orders / Sales section.
- You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website. This may prevent you from placing orders.
- You do not have to sign up to place and order however, data will be stored for legal obligation reason as outlined in the Orders / Sales section
Orders - Sales Invoicing, (Legal Obligation)
- When processing an order you agree to us holding your personal information in the form of a sales order / invoice.
- This will include, but not limited to: Name, Address, Products Ordered, Discounts Given, Sales Total.
- This information will be stored for 7 years to comply with HRMC tax & VAT law in the UK
- After 7 years personal data will be removed / obfuscated so it cannot be connected to you personally. Obfuscated data may be retained longer than this for statistical / historical purposes.
Orders - Despatch & Delivery, (Legitimate Interest)
- We collect your name, address, phone number, email required items at the point an order is processed
- We use this information to process the order.
- This means we will use the items you have ordered to generate pick lists. Enabling us to pick and pack your order
- We will use your address and contact information to generate shipping labels.
- We will use your email information to send you a dispatched notification.
- We pass your address and contact information to delivery companies. This could include TNT / DHL / Royal Mail but may from time to to include other providers.
- Data passed to shipping companies is only held while it is needed then is removed from the system.
- Data is held on record for order processing
- Data is held on record for order auditing purposes
Payment Processing, (Legitimate Interest)
- When completing your order you are passed to our 3rd party payment provider PayPal.
- We use this information to process payment for your order.
- We use this information for accounting purposes
- We do not store your payment card information on Cathedral Baits owned systems.
- We are fully complient with the PCI DSS and contunue to monitor our servers and policies to stay inline with their guidelines.
- We have access on PayPal's secure site to old payments which have been processed. This allows, along with other functions, to process refunds if required. It also allows us to confirm payment for goods you have ordered.
- Information is stored in the PayPals system for up to 7 years to comply with UK tax accounting laws.
Contact Forms, (Legitimate Interest)
- Our website uses RSA Encryption with a 2048 bit key providing secure communication between you and our corporate website.
- You can confirm this by clicking the padlock in your browser and verifying you are connected to cathedralbaits.com
- You can communicate with us by using our contact form. At this point we collect your email & name information for use in communicating back to you.
- We will only use this information to reply to you regarding your query or future queries
- We may keep your communication on file for historical purposes. So we know what we have communicated and what has been agreed upon in the past.
Subject Access Requests
To comply with GDPR you have the right to obtain a copy of your personal data as well as other supplementary information. Much of this information will already be accessible from your account which will have been submitted to us on sign up.
If you believe that any information we are holding on you is incorrect or incomplete, you can log into your account online and amend your details. Alternatively please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
Should you have any queries relating to your data on our system, or wish to be removed from our system completely please contact us
By email: firstname.lastname@example.org
Cathedral Baits and Tackle
Right To Be Forgotten
Should you wish to remove from our system completely please contact the office by email: email@example.com or by post to the address above. We aim to remove your details from the system within 30 days.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
LAST UPDATED MAY 2018