Introduction
Baker & Black (“the Company”) is a private company duly incorporated in accordance with the laws of the United Kingdom.
The Company is committed to maintaining the privacy and security of customers’, suppliers’, associates, and any data subjects’ personal information, which includes information that identifies or relates specifically to a person such as, but is not limited to, their names, email addresses, physical addresses, mobile phone numbers, date of birth, any medical-related information, and gender (“customer information“). For purposes hereof, customer information includes any personal information of third parties that a user may submit to the Company on behalf of such third party (for example, the personal information of the user’s employees or partners).
The Company is committed to complying with the General Data Protection Regulation (“GDPR”) applicable to individuals within the UK and European Economic Area (EEA).
The Company also receives third-party suppliers’ personal information and is committed to maintaining the privacy and security of such third-party suppliers (“suppliers’ information“).
The security of such customer information submitted by a customer (or allowing another person to do so on your behalf) and suppliers’ information submitted to the Company (including via the Company website (known herein as “the website“)) is dealt with as set out in this policy (“Policy“), read together with the applicable Section 18 Consent available on the Website.
This policy sets out the following:
What customer information and suppliers’ information the Company collects and holds;
Why the Company collects that information;
To whom the Company discloses customer information and/or suppliers’ information;
How long the Company holds customer information and/or supplier information for;
How the Company safeguards customer information and supplier information;
Transfer of customer information and/or suppliers’ information inside and outside the UK;
Customers’ and suppliers’ rights to access and correct such information;
The Cookies policy of the Company;
Changes to this policy;
By using the Company website and providing personal information, the customer and/or supplier agrees to the terms and conditions stated in this policy and consents to the Company collecting, using, and disclosing customer information and/or supplier information as detailed herein. Should a user not agree with this policy (or any part), please do not provide such personal information to the Company. Withholding of personal information may affect the services the Company can provide. Any term used in this policy that does not have a specifically defined definition must be interpreted in accordance with the use thereof and definition given thereto in GDPR.
What customer information and suppliers’ information the Company collects and holds:
Where practical, the Company will collect customer information directly from the customer and/or supplier. This will normally take place when you deal with the Company directly, by emailing the Company, when visiting this website, telephonic conversation, by visiting the Company’s premises, or any other way of communication and connection with the Company.
We may also collect customer information directly from the customer when the customer subscribes to receive marketing material and/or when requesting information from the Company.
Should the customer directly submit a request for a quotation and/or information via this website and/or to the Company via email, or request to be part of the Company mailing list, the customer is indicating that he/she has read this policy and is willing for the Company to deal with such customer’s customer information as set out in this policy.
In some cases, customers are represented by a third party. In this instance, it may be necessary for the Company to collect customer information from such a third party. In such instances, we understand that the third party has the customer’s consent for providing the Company with the customer information, and the customer has consented to the Company processing the customer information as set out in this policy. Should it be necessary as solely determined by the Company, the Company may request a copy of such customer consent.
Should a customer become aware that customer information has been provided to the Company by a third party without the customer’s consent, please let the Company know immediately by emailing the Company at admin@bakerandblack.co.uk
The Company may require the following customer information from a customer in order to facilitate requests and to provide services to the customer:
Name;
Physical/residential address;
Email address;
Identity/passport details and numbers;
Mobile phone number;
Gender;
Date of birth;
Dietary requirements;
Medical and health information;
Credit card details, including card number, CVV number, and expiry date;
Emergency contact details (next of kin), used solely for emergency purposes;
Any and all company information affiliated with the customer (e.g., company registration number, company addresses, company contact details, and company directors);
Any other information required by us, suppliers, and contractors to provide customers with accurate assistance.
By providing the emergency contact details of a next of kin, the customer is acknowledging and representing to the Company that the emergency contact has read this policy and consents to the Company dealing with their personal information as set out in this policy.
In some instances, it may be necessary for the Company to collect sensitive customer information. Sensitive customer information includes racial or ethnic origin, religious beliefs or affiliations, criminal record, and health information (i.e., pregnancy). The Company only collects sensitive customer information when it is reasonably required for purposes of delivering the requested services. By providing sensitive customer information to the Company, the customer (or allowing another person to do so on the customer’s behalf), is indicating that he/she has read this policy and consents for the Company to deal with such customer’s sensitive customer information as set out in this policy.
The Company has also entered into contracts with third-party operators who process customer information and/or supplier information on behalf of the Company. In circumstances where a third-party operator may provide services to the Company whereby such operators would need to access customer information and/or supplier information, such operators enter into an agreement to uphold the Company’s privacy undertakings as set in this policy.
Why the Company collects that information and how information is used
The Company collects the above information about the customer and/or supplier solely for the following purposes:
Providing related products, services, and event information to you and to carry out your requests;
To fulfil a customer’s particular requests and to enable the Company to invoice the customer for fees payable to the Company and/or the supplier;
To improve customer service;
To improve the Company’s website (the companies strive to improve its website offerings based on the information and feedback received from customers and suppliers); and/or
Conduct credit reference search, if needed;
Confirming, verifying, and updating your details;
For the detection and prevention of fraud, crime, money laundering, or other malpractice;
For audit and record-keeping purposes;
We also collect and process personal information for marketing purposes to ensure our products and services remain applicable to you and potential customers;
To comply with applicable laws;
For the purpose of this policy, customers (also referred to as you) include potential and existing customers.
Legal bases for processing for EEA users:
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have a legal basis for doing so under the GDPR. The legal basis depends on the Services you use and how you use them. This means we collect and use your information only where:
We need to provide you with the services, including operating the Services, provide customer support and personalised features and protecting the safety and security of the services provided by us;
It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests;
You give us consent to do so for a specific purpose; or
We need to process your data to comply with a legal obligation.
If you have consented to the use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party (e.g., your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
To whom the Company discloses customer information and/or suppliers’ information to:
The Company collects customer information for its own purposes (i.e., to issue a quotation, provide goods and services, etc.) and for the suppliers which provide the goods or services to the Company.
By providing customer information to the Company, the customer (or allowing another person to do so on the customer’s behalf), is indicating that he/she has read this policy and consents for the Company sharing customer information with the suppliers to enable service delivery.
The Company discloses customer information to its suppliers. The Company only discloses certain customer information to the suppliers to enable the supplier to deliver the goods and services that the customer has selected and purchased.
The Company does not exercise control over the supplier’s privacy policies, and each customer should refer to the privacy policy of any such supplier to see how such supplier protects a customer’s privacy.
The Company also discloses the supplier’s information to customers. The Company only discloses supplier information to the customers to enable the customer to know the details of their goods/services which the customer has selected and purchased.
In addition, the Company will only disclose customer information and supplier information if: required by applicable law; the Company has a public duty to disclose the information; the Company’s legitimate interests require disclosure or the customer’s and/or the supplier’s legitimate interests require disclosure; or the customer and/or the supplier has agreed that the Company may disclose his/her customer information or supplier information (as the case may be), including but not limited to marketing communications.
How long the Company holds customer information and/or supplier information for:
The Company retains the customer information and/or supplier information while the services/goods are being provided and/or the account is in existence in respect of a customer, or for the purposes of after-sales support, or for as long as is necessary if legally required even after the services are completed and/or account is fully paid.
How the Company safeguards customer information and supplier information:
The Company is dedicated to safeguarding information and as such takes reasonable safety measures to protect customer information and supplier information and prevent the misuse of such information, as supplied to the Company.
The Company implements a variety of security measures to maintain the safety of customer and supplier information. The Company offers the use of a secure server. All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database, only to be accessible by those authorised with special access rights to such systems. Such authorised personnel are required to keep the information confidential.
Where the Company provides hyperlinks to any third-party internet websites, such links are not an endorsement by the Company of any products or services on such websites. The Company has not verified the truth or accuracy of any content of such websites. If a customer uses such hyperlinks, the customer does so entirely at the customer’s own risk, and we accept no responsibility or liability for the content, use, or availability of such websites. This website may also contain material provided by third parties, and we accept no responsibility or liability for the accuracy of such material.
If the customer uses a hyperlink to a third-party website, please note that these websites have their own privacy policies and use of cookies. We do not accept responsibility for customer information provided to a third-party website.
Transfer of customer information and/or suppliers’ information inside and outside the UK:
The customer information and/or supplier information that the Company collects may be transferred to and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating outside the EEA who works for the Company or one of the Company’s operators. By submitting customer information to the Company (on this website or otherwise), the customer, hereby consents to the transfer of their customer information both inside and outside the European Union and/or the UK. Unfortunately, the transmission of information via the Internet is not completely secure. The Company will do its best to protect customer information submitted to it via the website, but cannot guarantee the security of data transmitted to the website; any transmission is at your own risk.
Customers’ and suppliers’ rights to access and correct such information:
The customer or supplier has a right to request access to the information that the Company holds in respect of such customer or supplier. Should any customer or supplier request access to customer information or supplier information the Company holds in respect of such customer or supplier respectively, or if the customer or supplier wishes to update or correct any of its information held by the Company, the customer or supplier (as the case may be) can contact the Company to update and correct their information themselves by emailing admin@bakerandblack.co.uk
Changes to this policy:
The Company reserves the right, in its sole discretion, to amend this policy at any time by posting the amended policy on our website. Unless otherwise stated, the current version will apply each time a user accesses our website.
Users agree to review this policy whenever users visit the website for any such amendments.
Save as expressly provided to the contrary in this policy, the amended version of this policy shall supersede and replace all previous versions thereof.
How to contact the Company:
Should a user wish to contact the Company regarding the customer information that it holds in respect of the customer, the way in which customer information is being used or this policy, please contact the Company at admin@bakerandblack.co.uk
This privacy notice was last updated on 1 January 2024.
