Who are “we”?
This website is owned by Nairn’s Oatcakes Limited, 90 Peffermill Road, Edinburgh, EH16 5UU
The shop section of the site, shop.nairns-oatcakes.com, is managed by our distribution partner, CLF Distribution Ltd. Payment is made by the customer, direct to CLF Distribution, who will then pack the customers’ order and pass to the selected courier to deliver.
SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?
When you purchase something from our store, as part of the buying and selling process, we collect the personal information you give us such as your name, address and email address.
When you browse our store, we also automatically receive your computer’s internet protocol (IP) address in order to provide us with information that helps us learn about your browser and operating system.
Email marketing (if applicable): With your permission, we may send you emails about our store, new products and other updates.
SECTION 2 - CONSENT
How do you get my consent?
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will ask you directly for your expressed consent.
SECTION 2A – MARKETING CONSENT
During the checkout process, customers will be given an option to opt in to receive marketing. This email marketing may include special offers, new products, competitions, and exciting news relating to the products listed for sale on this website. We will not share, or sell your data to any company, or individual for the purposes of marketing.
If the customer decides at a later date to opt out of marketing based emails, the easiest way to do this is to click the Unsubscribe link at the footer of all our email marketing emails.
SECTION 3 - DISCLOSURE
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
SECTION 4 - SHOPIFY
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If the customer chooses to pay via credit or debit card, they will be taken to the SagePay website where all sensitive data is secured using the same internationally recognised 256-bit encryption standards. The encryption keys are held on state-of-the-art, tamper proof systems in the same family as those used to secure VeriSign's Global Root certificate, making them all but impossible to extract. The data they hold is extremely secure and are regularly audited by the banks and banking authorities to ensure it remains so.
If the customer chooses to pay with Paypal, the customer then enters the payment details on a secure, PCI-compliant template hosted by PayPal. Paypal uses it’s market-leading PCI DSS compliant payment gateway solutions, industry certified fraud and risk management and merchant onboarding services which make payment transactions simple and secure for all.
In general, the third-party providers used by us will only collect, use and disclose your information to the extent necessary to allow them to perform the services they provide to us.
For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.
SECTION 5 – COOKIES
Here is a list of cookies that we use. We’ve listed them here so you that you can choose if you want to opt-out of cookies or not.
_session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
_shopify_visit, no data held, Persistent for 30 minutes from the last visit, used by our website provider’s internal stats tracker to record the number of visits
_shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
_secure_session_id, unique token, sessional
storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
This Policy replaces all previous versions and is correct as of 9th May 2018
If our store is acquired or merged with another company, your information may be transferred to the new owners so that we may continue to sell products to you.
If you would like to access, correct, amend or delete any personal information we have about you, or to register a complaint, or simply want more information, please contact Nairn’s Oatcakes Limited, 90 Peffermill Road, Edinburgh, EH16 5UU, Tel: +44 (0) 131 620 7000