WE SECURELY STORE INFORMATION ABOUT YOU IN ORDER TO PROVIDE YOU WITH THE BEST POSSIBLE SERVICE.
To ensure that we can provide you with a positive experience we securely capture and store information about you.
We are W.D. Coe Limited, registered to 20-28 Norwich Road, Ipswich, Suffolk, IP1 2NH, United Kingdom and we are a ‘Data Controller’ registered with the UK Information Commissioner’s office with the registration number Z5762231. Our ‘Data Protection Officer’ is The DPO Centre LTD, 50 Liverpool Street, London, EC2M 7PY, United Kingdom and is contactable on firstname.lastname@example.org.
Post: W.D. Coe Ltd, 20-28 Norwich Road, Ipswich, Suffolk, IP1 2NH
Telephone: 01473 256061
- Your name, title, gender, date of birth and other relevant personal demographic details.
- Your contact details such as billing address, delivery address, email address and telephone (including mobile) numbers.
- Your purchase and order information.
- Your usage experience regarding our website, products and services.
- Your marketing and communication preferences.
- Your correspondences and communications with us.
- Your job application information.
- Your device and browser information including IP address.
- Your transaction data including payment card details and details about payments to and from you.
- Your user profile data including usernames, marketing preferences and order history.
- Your image data such as CCTV images and photography during events where you have not objected to us using it.
This list is not definitive, however comprises of the most common data types and you are under no statutory or contractual requirement or obligation to provide us with your personal information; however, to help provide you with customer service in an efficient and effective manner we collect the above data.
We do not knowingly collect “special category” personal data. This is a special type of sensitive data to which more stringent processing conditions apply, and comprises data concerning your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, and genetic data and/or biometric data.
We also do not collect information about criminal convictions or offences.
We obtain personal data from sources as follows:
- Create a Wardrobe card account or a Coes Option or Coes Subscription account
- Buy our products in a store or online
- Sign up to our mailing lists
- Request information
- Write to us
- Phone our customer services team
- Enter a competition
- Take part in a survey
- Give us feedback or post comments or reviews
- Apply for a job or send a CV
- Attend external local events
- Indicate on a form that you would like to receive communication from us.
- If they provide your details in relation to an order. Please note if you are providing another person’s details, ensure you have that person’s explicit consent to do so.
- To provide our products and services.
- To verify your identity.
- To assist you with customer service enquiries and requests.
- To manage any accounts, you may have with us (financial, loyalty, customer or other).
- To personalise your website or shopping experience.
- To comply where necessary with a legal or regulatory obligation.
- To provide you with personalised marketing communications.
- To carry out billing and administration activities, including refunds and credits.
- To review for analysis or research purposes so that we can provide a better customer experience.
For the purposes of marketing communications, we use your personal data to provide you with information on products, services, promotions or events that we consider may be of interest to you. We only do this where we have been provided your active consent and shown interest in receiving these marketing communications. These communications may be via online, email, post, social media, review sites and advertisers.
- Other companies within the trading group, currently: Coes, Golding of Newmarket, Goddards.
- Service providers such as logistics providers, technical and support partners and recruitment service providers.
- Law enforcement, public or government agencies and officials, regulators including any other person or entity that has the appropriate legal authority to request personal data.
- Any specific parties where we have your active consent to do so.
- Third parties if we need to provide personal data to establish, exercise or defend our legal rights (including preventing fraud and reducing credit risk).
We will never sell or rent your personal data to other organisations for any purpose.
To process personal data, we must have a lawful basis to do so. We always ensure that this is the case, and we set out our lawful basis below. However, please note that more than one may apply at any given time, for example, if we inform you of changes to our privacy notice, we may process your personal data on the ground of complying with legitimate interests, where we will always carry out a legitimate assessment prior to the processing.
We will use your personal data only for the purposes for which we collected it, unless we fairly consider that we need it for another reason that is compatible with the original purpose.
Please contact us if you would like more information, and on situations in which more than one lawful basis applies.
We process your personal information for our legitimate business purposes, which include the following:
Whenever we process your personal data for these purposes, we ensure that your interests, rights and freedoms are carefully considered, and we will carry out a Legitimate Interest Assessment prior to the processing of your data.
Compliance with laws
We may process your personal data in order to comply with applicable laws (for example, if we are required to co-operate with an investigation pursuant to a court order).
You are responsible for informing us of any changes in your details such as change of address. You have a right to ask us to correct any inaccuracies in the information we hold about you.
If you are under 16 please do not provide us with any personal information unless you have the permission of your parent or guardian to do so.
Please note that we're not responsible for the content of external websites.
Coes have security measures in place designed to prevent data loss, to preserve data integrity, and to regulate access to the data. Only authorised Coes employees and third parties processing data on our behalf have access to your personal data.
Coes employees who have access to your personal data are required to adhere to the Coes Privacy Notice and we have in place contractual safeguards with our third-party data processors to ensure that your personal data is processed only as instructed by Coes.
The security measures we have in place include:
We carefully consider the personal data that we store, and we will not keep your information in a form that identifies you for longer than is necessary for the purposes set out in this notice or as required by applicable law. In some instances, we are required to hold data for minimum periods: for example, UK tax law currently specifies a six-year period for retention of some of your personal data.
Although we are based in England, we may transfer your personal information to a location (for example, to a secure server) outside the European Economic Area, if we consider it necessary or desirable for the purposes set out in this notice.
In such cases, to safeguard your privacy rights, transfers will be made to recipients to which a European Commission “adequacy decision” applies (this is a decision from the European Commission confirming that adequate safeguards are in place in that location for the protection of personal data), or will be carried out under standard contractual clauses that have been approved by the European Commission as providing appropriate safeguards for international personal data transfers, or by the adoption of EU-US Privacy Shield.
We draw your attention to your following rights under data protection law:
We may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
These rights are subject to certain limitations that exist in law. Further information about your information rights is available on the ICO’s website: https://ico.org.uk/.
To form a contract with you, we will need some or all the personal data described above so that we can perform that contract or the steps that lead up to it: this is set out above in this notice. If we do not receive the data, the contract could not be performed.
If you sign up to our mailing list, you will have to provide certain personal data. Of course, you may decide to stop receiving our mailings at any time.
We hope that you will be satisfied with the way in which we approach and use your personal data.
Should you find it necessary, you have a right to raise a concern with the information regulator, the Information Commissioner’s Office: https://ico.org.uk/.
However, we do hope that if you have a complaint about the way we handle your personal data, you will contact us in the first instance using the contact details in section 1 above, so that we have an opportunity to resolve it.
Last Modified: 24th May 2018