top of page

Privacy Policy

Data Security

We are committed to protecting the security of your personal data. We use appropriate technical and organisational measures to protect your personal data from unauthorized access, use, disclosure, alteration, or destruction.

 

Some of the measures we take to protect your personal data include:

​ - Encryption: We use encryption to protect your personal data while it is in transit to and from our website. This includes using secure socket layer (SSL) technology to encrypt data transmitted over the internet.
 - Access control: We limit access to your personal data to only those employees, contractors, and service providers who have a need to access it. We also require them to be subject to strict confidentiality obligations and we monitor their access.
 - Incident response: We have a data breach response plan in place to respond to any security incidents involving personal data quickly and effectively. This includes promptly investigating and remedying the cause of the incident and notifying you and any relevant regulatory authorities as required by law.

​

In the event of a personal data breach, we will promptly notify the Information Commissioner's Office (ICO) and any affected individuals within 72 hours, as mandated by the General Data Protection Regulation (GDPR).
While we take reasonable steps to protect your personal data, no method of transmission or storage is completely secure, and we cannot guarantee its absolute security. You are responsible for keeping your login credentials, if any, confidential and for not sharing them with anyone.

Data Sharing

We do not share your personal data with third parties for marketing purposes. However, we may share your personal data with service providers who help us fulfill your orders and provide our products and services to you. These service providers are bound by data protection agreements and are not permitted to use your personal data for any other purposes.
We may also share your personal data with law enforcement or other government agencies when required by law or in response to a valid legal request.

Your Rights

Chayel UK would like to make sure that you are fully aware of all your data protection rights.

 

You are entitled to the following:

- Right to be informed: You have the right to be informed about how your personal data is being used and processed.
- Right of access: You have the right to request access to the personal data that a company holds about you.
- Right to rectification: You have the right to request that any inaccurate or incomplete personal data be corrected or updated.
- Right to withdraw consent: You can withdraw your consent to the processing of your personal data at any time if the legal basis for collecting the information is consent. We will stop processing your personal data as soon as we receive your withdrawal of consent.
- Right to erasure: You have the right to (under certain circumstances) ask for your personal data to be erased where:
- Your personal data is no longer necessary in relation to the purpose for which it was collected/processed;

- You withdraw your consent or object to the processing and there is no overriding legitimate interest to continue processing;

- You object to the processing and there are no overriding legitimate grounds for the processing;
- You object to the processing and your personal data was processed for direct marketing purposes.

- Right to restrict processing: You have the right to request that the processing of your personal data is restricted under certain circumstances.
- Right to data portability: You have the right to request a copy of your personal data in a structured, commonly used, and machine-readable format.
- Right to object: You have the right to object to the processing of your personal data in certain circumstances.
- Rights related to automated decision-making and profiling: You have the right to not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.
- Right to Lodge Complaint: You also have the right to lodge a complaint with a supervisory authority if you believe that your data protection rights have been violated. The supervisory authority in the UK is the Information Commissioner’s Office (ICO).

​

If you make a request, we have one month to respond to you. Please see our contact details below.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes to this Privacy Policy by posting a notice on our website or by sending you an email.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us. If you would like to exercise any of these rights, please contact us by email: sales@chayel.co.uk

 

 

Last update: 12/11/2024

bottom of page