Privacy Notice & Cookies

PRIVACY NOTICE

This Privacy Notice deals with how we collect, handle and use your data within our business. We aim to comply with the General Data Protection Regulation 2016 (GDPR) and the Data Protection Act 2018 in all respects including in the spirit of the need to treat your data with respect and to keep it safe. We will only collect and use your personal data in the ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

1. Who We Are.

Business name: Armada English
Registered address:

 

19 Osborne Road, Manchester, M19 2DU
Registered number and where registered: England
Contact phone: +44 (0) 7502118169

2. Definitions 

Data subject or “you” or “your”: A data subject is an “identifiable natural living person who can be directly or indirectly identified in particular by reference to an identifier”. “Identifier” covers almost any information that we might have that could identify you as an individual. It also means that data subjects include employees/associates/ individual customers or individuals within customer organisations – any individual that our organisation holds personal data on.
Personal Data: This is any information or data relating to a data subject that can be used to identify them or is information relating to them which makes that data personal to the data subject. So, this will include names, addresses, other contact details, date of birth, driver’s license, financial information e.g. credit cards, CCTV, emails, online identifiers (provided by their devices, applications and tools such as IP addresses, cookie identifiers etc.).
Sensitive Personal Data: This includes race or ethnic origin, religion, philosophical or political opinions, health information, genetic or biometric data, sexual orientation or sex life and trade union membership. Because of the nature of Sensitive Personal Data there are special rules for lawful processing.
Data Controller: A data controller determines the purposes and means of how we process your personal data.
Data Processor: A data processor is any person other than one of our employees who processes the data on behalf of the data controller.
Data Processing: Data processing covers just about anything that we do with your personal data including both automated electronic processing and manual processing within a structured filling system including collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

3. What Does This Notice Cover?

This Privacy Notice explains how we, as the Data Controller/Data Processor, use your personal data, sensitive personal data (or special category data) and how it is collected, how it is held, how it is processed. Please note that we may at times use a third party to process your data, but they will be also bound under the rules of the GDPR that protect your personal data. This notice also explains your rights under the law relating to your data.

4. Where Do We Collect Data From?

We can collect data in the following ways from customers who purchase from us, suppliers who we deal with and from others who interact with us via:a) Face to face contact;b) Email/text/hard copy forms/telephone;c) Information from 3rd This will require your consent with the 3rd party;d) Our website. Data maybe collected in 2 ways:i) Information that you input into forms or in other ways;ii) Automated data collection via “cookie technology” in order to understand how our website is being used and to provide you with a personalised service when you visit the website. Cookies may gather information about you including details of your operating system, the type of device you are using, browser version, domain name and IP address. It may also include usage and statistics about your interaction with our website. We may then take that information and use 3rd party analytical software or services to analyse it. Cookies identify your browser and other basic information, but they do not identify you as an individual as they are not linked to any personally identifiable information that you submit. You can control the use of cookies at the individual browser level but if you choose to disable them it may limit your usage of our website and full access to some of its functions. For further information on cookies and their use please refer to our cookies policy.e) Social media. We may gather information about you from social media sites. Such information will be that which you have willingly shared on the public domain and as such will be outside of the scope of GDPR. However, we will still treat such information as we would any other personal data covered by GDPR.

 5. What Personal Data do we Process?

We may process the following Personal Data regarding you:

a) Personal Data:

i. Your name

ii. Your contact details – address, email, phone number(s)

iii. Your Skype username

iv. Your I.P. addressCustomers or potential customers:

Orders and Account Management:
    • To provide you with a quotation;
    • to process your order;
    • to help with any questions if you have started an order but not completed it;
    • to manage product downloads and refunds;
    • to manage your account;
  • Customer Relationship:
    • To keep you informed about our products/services;
    • to monitor how our customers transact with us online;
    • to contact you for your views on our products and services;
    • to publish trends and/or to improve usefulness and content of our website;
    • to track activity on our site and to provide a more personalised online experience;
    • to link with social media sites and services, for example, for advertising purposes;
    • for market research purposes, by tracking activity on our site or in store (on an anonymous basis) to identify trends and/or to improve usefulness and content.
  • Other:
    • for product liability purposes;
    • to deal with enquiries and complaints;
    • for claims management and insurance purposes;
    • for general record keeping purposes;

 

b) Sensitive Personal Data:

We will not process any Sensitive Personal (or Special Category) Data regarding yourself unless required to do so by yourself.

6. Data Protection Principles:

The GDPR sets out 6 principles governing how we must process your personal data – it must be:a) Processed lawfully, fairly and in a transparent way.b) Only collected for specific legitimate purposes and processed for those purposes only.c) Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.d) Accurate and kept up to date.e) Not kept for longer than necessary for its purpose.f) Processed securely and confidentially to ensure it is not lost or damaged or destroyed.

7. What Are Your Rights Concerning Personal Data?

Under the GDPR, you have the following rights, which we will always aim to uphold:a) The right to be informed about how we collect and use your personal data – this Privacy Notice should tell you everything that you need to know but if you have any further questions then please contact us using the contact details below;b) The right of access to your personal data and the right to verify the lawfulness of the processing;c) The right to have your personal data rectified to correct inaccurate information or to have it completed if it is incomplete – please contact us using the contact details below;d) The right to erasure of your personal data – sometimes known as “the right to be forgotten”. That is the right to have us delete or otherwise dispose of any of your personal data – please contact us using the contact details below;e) The right to restrict the processing of your personal data;f) The right to data portability so that they can take and use their personal data for their own purposes across different services;g) The right to object to use processing your data on for a particular purpose or purposes;h) Rights concerning automated decision making and profiling. Please note that we do not use your personal data in this way.You can obtain further information about your rights from the Information Commissioner’s Office. If you have any cause for complaint about our use of your personal data, you also have the right to lodge a complaint with the Information Commissioner’s Office.

8. What Are The Lawful Justifications for Processing Personal Data?

The GDPR requires us to have a lawful justification to process data. The following is a summary of the possible lawful justifications:

a) Consent of the data subject. Consent under the GDPR requires it to be:i) Freely given;ii) Specific;iii) Informed;

b) Processing the data is necessary for the performance of a contract between us and the data subject. This allows the lawful processing of your personal data:i) To fulfil our contractual obligations to you: orii) Because you have asked us to do something before entering into a contract e.g. providing a quotation for goods or services.

c) Processing the data is necessary for compliance with a legal obligation. This requires that the legal obligation must be laid down by either UK or EU law.

d) Processing the data is necessary for the purposes of our “legitimate interests” or those of a 3rd party including wider benefits to society. This requires us to review our legitimate interests and to ensure that they do not conflict with the fundamental rights and freedoms of the data subject.

e) Processing the data is necessary to protect the vital interests of the data subject or someone else. This is used where we would need to process your personal data to protect either your or another person’s life or wellbeing.

f) Processing the data is in the public interest.

9. What Are The Additional Justifications For Processing Sensitive Personal Data?

In addition to the justifications given in section 7 for ordinary personal data the GDPR lays down more stringent requirements regarding the processing of your personal sensitive data. In this regard we will only process your sensitive personal data if:

a) You have freely given us your explicit consent;

b) Processing is necessary to comply with any legal obligations that we may have;

c) Processing is necessary to protect your vital interests or those of another living person where you are physically or legally incapable of giving consent;

d) Processing relates to sensitive personal data which has been manifestly made public by you e.g. posting it on social media;

e) Processing is necessary for the purposes of preventative or occupational medicine, medical diagnosis or the provision of health and social care.

10. What Justification Do We Have For Processing Your Personal Data?

Under the GDPR, we must always have a lawful justification for using personal data. Your personal data may be used for one of the following purposes:

  • Providing and managing your account.
  • Supplying our products AND/OR services to you. Your personal details are required in order for us to enter into a contract with you.
  • Personalising and tailoring our products AND/OR services for you.
  • Communicating with you. This may include responding to emails or calls from you.
  • Supplying you with information by email that you have opted-in to (you may unsubscribe or opt-out at any time by clicking “unsubscribe” from our email list within any of our newsletter emails.

 

In order to do this, we justify such processing of ordinary personal data on the basis of:

a) Your consent for opt in to Armada English’s email newsletter and marketing;

b) It is necessary for the performance of a contract between us

c) Because it is in our legitimate interests to process itIf you require further information on these justifications, then please contact us using the contact details below.

With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email with information, news, and offers on our products AND/OR services. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications Regulations 2003, and you will always have the opportunity to opt-out.

11. How Long Will We Keep Your Personal Data?

We will not keep your personal data for any longer than is necessary for the purposes for which it was initially collected. Please refer to our Data Retention and Destruction Policy for more information.

12. How and Where Do We Store or Transfer Your Personal Data?

We will only store your personal data in the UK or the European Economic Area which means that your data will be fully protected under the GDPR or the equivalent jurisdictional law.

13. Sharing Your Personal Data

We will not share any of your personal data with any third parties for any purposes unless:

  • We are required to do so by law;
  • We may contract with the following third parties to supply products AND/OR services to you on our behalf. These may include payment processing, delivery, and marketing. In some cases, those third parties may require access to some or all of your personal data that we hold.

 

All our website financial transactions are handled through our payment services provider, PayPal. You can review their privacy policy at: https://www.paypal.com/us/webapps/mpp/ua/privacy-full

We will share information with PayPal only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds.All of our appointment bookings and product downloads are handled through Woo Commerce Appointments and Woo Commerce which are owned by Automattic. You can review their privacy policy at: https://automattic.com/privacy/

We will share information with Woo Commerce only to the extent necessary for the purposes of processing orders you make through our website for products AND/OR services.If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the GDPR.We may contract with third parties (as described above), and those third parties are located outside of the UK or the European Economic Area. If any personal data is transferred to a third party outside of the EEA, we will take suitable steps (including seeking your explicit consent) in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the GDPR.

14. Accessing Your Personal Data?

In accordance with the GDPR you are entitled to know:

  • If we have any personal data concerning you; and if so
  • What data we hold.

Accessing such data or finding out if we have any data concerning you is known as a “subject access request” (SAR). SARs should be made in writing and sent via either email or post to the contact details given below. We have a standard Subject Access Request form for you to use which can help in making the request clear. However, you do not have to use this form if you do not wish to.There is normally no charge for a subject access request. However, the law allows us to make a reasonable charge to cover our administrative costs if your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests).We will respond to your subject access request within 1 calendar month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.

15. Cookies Policy

Cookies are small text files that we store on your computer whilst you are visiting our website. There are 4 basic types of cookie:

i) Session cookies – allow websites to link your actions during a specific session – these cookies expire when the session is ended.

ii) Persistent cookies – these are stored on your device between sessions and they allow your choices and browsing history across the site or across multiple sites to be recorded. These cookies can be used to target advertising. They will remain on your device unless you either delete them or they time expire

iii) First party cookies – these are cookies set by our website.

iv) Third party cookies – these are cookies set by a domain different from our site whilst you are using our site.

Since 2011 there has been a requirement for us to obtain subscribers’ or users’ consent to the use of certain types of cookie. There are 4 categories of cookie that can be used:

“Strictly necessary” cookies – these are normally first party session cookies that are essential for you to be able to use all the features of our website. These cookies enable the services that you have requested and as such consent is not required for these. However, the law narrowly defines “strictly necessary” and restricts them to those cookies that store a unique identifier that manages and identifies you in respect of other current users of the site so that a consistent and accurate service can be provided. These cookies will not be used for marketing purposes or for remembering your preferences and ID outside of the current session. Cookies falling into this category on this site are:

Cookie Name Purpose/functionality Duration of operation
PHPSESSID A session cookie is required to follow your progress through the website. It is essential to ensure that any information you enter or routes you take are remembered by the website. Without this cookie, every page you visited would treat you as a completely new visitor. This cookie does not identify you personally and is not linked to any other information we store about you.

 

Session
wfwaf-authcookie, wordpress_logged_in, wordpress_sec, tk_tc

 

wp-settings-1,

wp-settings-time-1,

 

intercom-id

Cookies used by our Content Management System (WordPress) to enable the site to function Session

 

wp-settings-1 and wp-settings-time-1 cookies = 1 Year

 

intercom-id cookie = 20 Years

WordPress-test-cookie Used to check if the user’s browser supports cookies. Session
eu cookie law Cookie law banner placement on site 1 month

 

“Performance” cookies – these are cookies that may be either first or third party, session or persistent and are used to collect information about how you use the site but they do not collect any personal information that could identify you. The information is made anonymous by aggregating it together so that we can improve the performance of the site. Examples may include web analytics, advertising response rates, affiliate tracking, and error management but they should not be used to retarget adverts – if they do then they will need to be classified under category 4 as well. We need your consent for the use of these cookies during your session. Cookies falling into this category on this site are:

Cookie Name Purpose/functionality Duration of operation
_ga Google Analytics – Registers a unique ID that is used to generate statistical data on how the visitor uses the website. 2 Years
APISID, HSID, NID, SAPISID, SID, SIDCC, SSID, Cookies used to manage interactivity with webpages that feature either Google maps and/or YouTube videos Ranging from 3 months to 2 years for those cookies that include ‘SID’
CONSENT Unknown 3rd party cookie from Google.com and Gstatic.com 20 Years

“Functionality cookies” – these are cookies that may be either first or third party, session or persistent and will generally be the result of your actions where they will remember the choices that you have made. They may also be used to deliver a service that you have not explicitly requested but is being offered to you. They can also be used to prevent you being offered a service that you have previously rejected. These cookies should not be used to retarget adverts – if they do then they will need to be classified under category 4 as well. We need your consent for the use of these cookies during your session. Cookies falling into this category on this site are:

Cookie Name Purpose/functionality Duration of operation
Woocommerce_cart_hash, Woocommerce_items_in_cart, wp_woocommerce_session The first two cookies contain information about the cart as a whole and helps WooCommerce know when the cart data changes. The final cookie (wp_woocommerce_session_) contains a unique code for each customer so that it knows where to find the cart data in the database for each customer. No personal information is stored within these cookies.

 

Session
Viewed_cookie_policy Remembers users acceptance of Cookies 1 Year
pypf PayPal cookie enabling payments using this merchant Session

“Targeting or advertising” cookies: these are cookies that are normally 3rd party persistent (but time limited) cookies that are used to deliver adverts that are more relevant to you by collecting information about your browsing habits. Where these are being used as part of an advertising network that collects browsing habits in order to target relevant adverts to you we will advise you of such. We need your consent for the use of these cookies during your session. Cookies falling into this category on this site are:

Cookie Name Purpose/functionality Duration of operation
DSID, _ct_rmm, cto_lwid, OGPC Used by Google DoubleClick for re-targeting, optimisation, reporting and attribution of online adverts. 2 Years
IDE, 1P_JAR Used by Google to register and report the website user’s actions after viewing or clicking one of the advertiser’s ads with the purpose of measuring the efficacy of an ad and to present targeted ads to the user.

 

1 Year

You are in control of the use of cookies. With regards to cookies then you can normally control these via your browser. Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third-party cookies. Blocking all cookies will, however, have a negative impact upon the usability of many websites, including this one.If you are happy to continue with our use of cookies as detailed above on this site, then we require your informed consent as we do not rely on “implied consent” as some other sites do. You will therefore have to “Accept Cookies” in order to have full use and functionality of our site. 

16. Contact Information

If you wish to contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:

For the attention of: Samantha Elliott

Email address: armadaenglish@hotmail.com

Telephone number: 07502118169

Postal Address: 19 Osborne Road, Manchester, M19 2DU, UK.

17. Changes to this Privacy Notice

We may change this Privacy Notice from time to time to accommodate changes in the law or if we change the way we do business in a way that affects personal data protection.