This privacy statement was last updated on 08/11/2024 and applies to citizens and legal permanent residents of the United Kingdom.
In this privacy statement, we explain what we do with the data we obtain about you via https://theforbiddenfruitbar.co.uk. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:
- we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
- we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
- we first request your explicit consent to process your personal data in cases requiring your consent;
- we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
- we respect your right to access your personal data or have it corrected or deleted, at your request.
If you have any questions, or want to know exactly what data we keep of you, please contact us.
1. Purpose, data and retention period
We may collect or receive personal information for a number of purposes connected with our business operations which may include the following: (click to expand)1.1 Contact - Through phone, mail, email and/or webforms
1.1 Contact - Through phone, mail, email and/or webforms
For this purpose we use the following data:
- Account name or alias
- A home or other physical address, including street name and name of a city or town
- A first and last name
- An email address
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
We retain this data upon termination of the service for the following number of months: 6
1.2 Payments
1.2 Payments
For this purpose we use the following data:
- A first and last name
- Account name or alias
- A home or other physical address, including street name and name of a city or town
- An email address
- A telephone number
- Financial information such as bank account number of credit card number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
We retain this data until the service is terminated.
1.3 Registering an account
1.3 Registering an account
For this purpose we use the following data:
- A first and last name
- Account name or alias
- An email address
- IP Address
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
We retain this data until the service is terminated.
1.4 To support services or products that a customer wants to buy or has purchased
1.4 To support services or products that a customer wants to buy or has purchased
For this purpose we use the following data:
- A first and last name
- Account name or alias
- A home or other physical address, including street name and name of a city or town
- An email address
- IP Address
- A telephone number
- Financial information such as bank account number of credit card number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
We retain this data upon termination of the service for the following number of months: 72
1.5 To be able to comply with legal obligations
1.5 To be able to comply with legal obligations
For this purpose we use the following data:
- A first and last name
- IP Address
- Account name or alias
- An email address
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
We retain this data upon termination of the service for the following number of months: 72
1.6 To be able to offer personalised products and services
1.6 To be able to offer personalised products and services
For this purpose we use the following data:
- A first and last name
- Account name or alias
- An email address
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
We retain this data upon termination of the service for the following number of months: 72
1.7 Deliveries
1.7 Deliveries
For this purpose we use the following data:
- A first and last name
- A home or other physical address, including street name and name of a city or town
- A telephone number
The basis on which we may process these data is:
Upon the provision of consent.
Retention period
We retain this data upon termination of the service for the following number of months: 72
2. Sharing with other parties
We only share this data with processors and with other third parties for which consent must be obtained.
3. Cookies
Our website uses cookies. For more information about cookies, please refer to our Cookie Policy.
4. Disclosure practices
We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.
If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.
5. Security
We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorised access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.
The security measures we use consist of:
- Vulnerability Detection
- Website Hardening/Security Features
- (START)TLS / SSL / DANE Encryption
- Login Security
- DKIM, SPF, DMARC and other specific DNS settings
- HTTP Strict Transport Security and related Security Headers and Browser Policies
6. Third-party websites
This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.
7. Amendments to this privacy statement
We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.
8. Accessing and modifying your data
If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.
9. Submitting a complaint
If you are not satisfied with the way in which we handle (a complaint about) the processing of your personal data, you have the right to submit a complaint to the Information Commissioner's Office:
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
10. Data Protection Officer
Our Data Protection Officer has been registered with the Information Commissioner's Office. If you have any questions or requests with respect to this privacy statement or for the Data Protection Officer, you may contact Sam Deighan, or via gdpr@tffhastings.co.uk.
11. Children
Our website is not designed to attract children and it is not our intent to collect personal data from children under the age of consent in their country of residence. We therefore request that children under the age of consent do not submit any personal data to us.
12. Contact details
The Forbidden Fruit Bar LTD
The Forbidden Fruit
22 Grand Parade
St Leonards on Sea
TN37 6DN
United Kingdom
Website: https://theforbiddenfruitbar.co.uk
Email: gdpr@tffhastings.co.uk
Phone number: 01424864184
13. Data Requests
For the most frequently submitted requests, we also offer you the possibility to use our data request form
Annex
WooCommerce
We collect information about you during the checkout process on our store.
What we collect and store
While you visit our site, we’ll track:
- Products you’ve viewed: we’ll use this to, for example, show you products you’ve recently viewed
- Location, IP address and browser type: we’ll use this for purposes like estimating taxes and shipping
- Shipping address: we’ll ask you to enter this so we can, for instance, estimate shipping before you place an order, and send you the order!
We’ll also use cookies to keep track of basket contents while you’re browsing our site.
Note: you may want to further detail your cookie policy, and link to that section from here.
When you purchase from us, we’ll ask you to provide information including your name, billing address, shipping address, email address, phone number, credit card/payment details and optional account information like username and password. We’ll use this information for purposes, such as, to:
- Send you information about your account and order
- Respond to your requests, including refunds and complaints
- Process payments and prevent fraud
- Set up your account for our store
- Comply with any legal obligations we have, such as calculating taxes
- Improve our store offerings
- Send you marketing messages, if you choose to receive them
If you create an account, we will store your name, address, email and phone number, which will be used to populate the checkout for future orders.
We generally store information about you for as long as we need the information for the purposes for which we collect and use it, and we are not legally required to continue to keep it. For example, we will store order information for 6 years for tax and accounting purposes. This includes your name, email address and billing and shipping addresses.
We will also store comments or reviews, if you choose to leave them.
Who on our team has access
Members of our team have access to the information you provide us. For example, both Administrators and Shop Managers can access:
- Order information like what was purchased, when it was purchased and where it should be sent, and
- Customer information like your name, email address, and billing and shipping information.
Our team members have access to this information to help fulfil orders, process refunds and support you.
What we share with others
We share information with third parties who help us provide our orders and store services to you; for example - payments are processed via Stripe Processing.
Really Simple SSL
Really Simple SSL and Really Simple SSL add-ons do not process any personal identifiable information, so the GDPR does not apply to these plugins or usage of these plugins on your website. You can find our privacy policy here.
Complianz | The Privacy Suite for WordPress
This website uses the Privacy Suite for WordPress by Complianz to collect and record Browser and Device-based Consent. For this functionality, your IP address is anonymized and stored in our database. This service does not process any personally identifiable information and does not share any data with the service provider. For more information, see the Complianz Privacy Statement.
Stripe
Information shared with a payment provider to process payments includes:
- Name
- Address
- Phone
- City/State/Zip
- Unique payment identifier
- Payment provider identifier
- Stripes Privacy Policy can be viewed here: https://stripe.com/gb/privacy
Akismet
We collect information about visitors who comment on sites that use our Akismet Anti-spam service. The information we collect depends on how the user sets up Akismet for the site, but typically includes the commenter's IP address, user agent, referrer, and site URL (along with other information directly provided by the commenter such as their name, username, email address, and the comment itself).