PRIVACY POLICY

The privacy policy explains what personal information we collect when you visit the brightchilli.com website and how we use your data.

Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of this Privacy Policy is deemed to occur upon your first use of Our Site. If you do not accept and agree with this Privacy Policy, you must stop using Our Site immediately.

ABOUT US
Our Site is owned and operated by Bright Chilli Limited, a Limited Company registered in Scotland under company number SC302114.

  • Registered address: 69 Dalkeith Road, Dundee, DD4 7HF, Scotland.
  • Address: 69 Dalkeith Road, Dundee, DD4 7HF, Scotland.
  • VAT number: GB 886 3536 79
  • Our Data Protection Register Number is Z9565739.  We are registered as a  Data Controller under Bright Chilli Limited.  You can contact us by email hello@brightchilli.com, telephone 0844 736 5611 or by post at 69 Dalkeith Road, Dundee, DD4 7HF.

WHAT IS PERSONAL DATA?
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

HOW WE USE YOUR PERSONAL INFORMATION
·         Supplying our products or services to you. Your personal details are required in order for us to enter into a contract with you.

·         Personalising and tailoring our products/ services for you.

·         Communicating with you. This may include responding to emails, calls or text messages from you.

·         Supplying you with information by email or post that you have opted-in to (you may unsubscribe or opt-out at any time by pressing unsubscribe link on email)

·         Analysing your use of Our Site and gathering feedback to enable us to continually improve Our Site and your user experience.

With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email, telephone, text message or post with information, news, and offers on our products or services. You will not be sent any unlawful marketing or spam.

WHAT PERSONAL DATA WE COLLECT
Some data will be collected automatically by Our Site (for further details, please read Our Cookie Policy.  Other data will only be collected if you voluntarily submit it and consent to Us using it for the purposes for example, when signing up for our email newsletter.

Depending upon your use of Our Site, We may collect some or all of the following data:

Visitors to our Website
We record information about how visitors interact with our website and use this data with a 3rd party service, Google Analytics.  We use Google Analytics to help us to better understand what content and products visitors want. We do not use analytics data to attempt to track or identify individuals.

Customers
When you create an enquiry via our website you may provide us with your name, company name,  address, email address and telephone number so that we can contact you, in relation to your enquiry, if the need arises (i.e.to fulfil our contract with you).

We will only send you marketing material with your consent and you can opt out at any time by:
·         changing your marketing preferences on our website, or
·         clicking the ‘unsubscribe’ link in one or our marketing emails,  or
·         by sending us an email. 

Sensitive Data
We do not gather sensitive personal data (e.g. health, genetic, biometric data; racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, and criminal convictions). We expressly request that you do not provide any such sensitive data to us.

Children’s Data
Our service does not address anyone under the age of 13 (“Children”). If you are a parent or guardian and you are aware that your child or children have provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we will take steps to remove that information from our servers.

DO WE SHARE YOUR DATA?
We may contract with third parties to supply products and services to you on Our behalf. These may include payment processing, advertising and marketing. In some cases, the third parties may require access to some or all of your data. Where any of your data is required for such a purpose, We will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, Our obligations, and the obligations of the third party under the law.

We currently contract with following third parties:

Website Administration
Third Party - SquareSpace
Personal Data – Name, Email Address, IP Address
Purpose Website Hosting
Lawful Basis – Legitimate Interest

Third Party - Google Analytics
Personal Data-  Anonymised website browsing information
Purpose - To improve website content and performance
Lawful Basis- Legitimate Interests

HOW LONG WILL YOU KEEP MY PERSONAL DATA?

We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal data will therefore be kept for the following periods (or, where there is no fixed period, the following factors will be used to determine how long it is kept):

·         7 years to comply with UK tax law, or as long as we have your permission to keep it.  Your data will be deleted if we no longer need it.

How and Where Do You Store or Transfer My Personal Data?

Some or all of your data may be stored or transferred outside of the European Economic Area (“the EEA”) (The EEA consists of all EU member states, plus Norway, Iceland and Liechtenstein). You are deemed to accept and agree to this by using Our Site and submitting information to Us. If We do store or transfer data outside the EEA, We will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the EEA and under the GDPR. Such steps may include, but not be limited to, the use of legally binding contractual terms between Us and any third parties We engage and the use of the EU-approved Model Contractual Arrangements.

Where we transfer your data to a third party based in the US, this may be protected if they are part of the EU-US Privacy Shield. This requires that third party to provide data protection to standards similar to those in Europe. More information is available from the European Commission

Data security is of great importance to Us, and to protect your data We have put in place suitable physical, electronic and managerial procedures to safeguard and secure data collected through Our Site.

Notwithstanding the security measures that We take, it is important to remember that the transmission of data via the internet may not be completely secure and that you are advised to take suitable precautions when transmitting data to Us via the internet.

WHAT HAPPENS IF OUR BUSINESS CHANGES HANDS?

We may, from time to time, expand or reduce Our business and this may involve the sale and/or the transfer of control of all or part of Our business. Data provided by users will, where it is relevant to any part of Our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use the data for the purposes for which it was originally collected by Us.

In the event that any of your data is to be transferred in such a manner, you will be contacted in advance and informed of the changes.

DATA SUBJECT ACCESS REQUESTS
If you want to see a copy of any personal data we hold about you, or exercise any of your other rights, please send your request to:-

By post – to Bright Chilli, 69 Dalkeith Road, Dundee, DD4 7HF (not open to the public)

By email – to hello@brightchilli.com

You also have a right to lodge a formal complaint the relevant supervisory authority (the ICO) if you think we've breached your rights.

HOW TO CONTACT US
If you have any questions or complaints about our data privacy policy or personal data that we may hold about you please contact us us by email hello@brightchilli.com, telephone 0844 736 5611 or by post at 69 Dalkeith Road, Dundee, DD4 7HF.

THIRD PARTY LINKS
This privacy policy does not extend to any websites that are linked from Our Site (whether we provide those links or whether they are shared by other users). We have no control over how your data is collected, stored or used by other websites and We advise you to check the privacy policies of any such websites before providing any data to them.

CHANGES TO THIS PRIVACY POLICY
We may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our my business in a way that affects personal data protection.

Any changes will be immediately posted on Our Site and you will be deemed to have accepted the terms of the Privacy Policy on your first use of OurSite following the alterations. We recommend that you check this page regularly to keep up-to-date.

UPDATES
Updates to our data policy will be published here.  This policy was reviewed and updated May 2018.