Vapers Online needs to collect and process your personal data so that we can provide necessary services for you. We are committed to ensuring that your privacy is protected. Personal data provided by you will only be used in accordance with this privacy statement.
We may change the policy from time to time by updating this page; therefore you should check this page from time to time to ensure that you are happy with the changes.
This policy is effective from the 18th May 2018.
What information do we collect about you?
We may collect the following information:
We request information from you on our order form. To buy from us, you must provide contact information (like name and shipping address) and financial information (like credit card number, expiration date). This information is used for billing purposes and to fill your orders. If we have trouble processing an order, we'll use this information to contact you. We do not store any credit/debit card details, any and all purchases are dealt with by our payment gateway providers Opayo (formerly Sagepay)
How will we use the information about you?
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
Security of the Personal Data
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. This includes internal and external firewalls.
Wherever we collect sensitive information (such as credit card data), the information is encrypted and transmitted to us in a secure way. You can verify this by looking for a closed lock icon at the bottom of your web browser, or looking for "https" at the beginning of the address of the web page.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (e.g. billing or customer service) are granted access to personally identifiable information as well as having undergone privacy training. The computers/servers on which we store personally identifiable information are kept in a secure and monitored environment.
We add a pixel to all emails sent which are used to track opens from the recipient, we'll then use that for reporting purposes and to enhance user experience.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
How do we ensure your personal information is accurate?
All of the personal information we collect comes directly from you, in which case you are in control of its accuracy. Information that is found to be inaccurate, either through our own audits or following your request for correction, is updated.
What are your rights?
Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA) you have a number of rights with regard to your personal data. Providing your information to us is voluntary. The purpose for collecting personal information is to enable us to provide our services to you.
If we use your personal information for sales or marketing purposes, you can ask us to stop at any time and we will do so.
At any time, you have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, objections to processing as well as in certain circumstance the right to data portability.
Therefore, you may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:
Making a request
If you would like to make a request on any of the above, please write or email us at: firstname.lastname@example.org using GDPR as the subject header.
A response will be provided within a month from when the request was brought to the attention of the company. We do have the right to refuse or charge for requests that are ‘manifestly unfounded or excessive’.
If we refuse a request, we will tell you (‘the individual’) the reasoning behind the refusal and that you do have the right to complain to the supervisory authority. We will do this within the month from which the information was requested.
We will not sell, distribute or lease your personal information to third parties under any circumstance unless we are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.