PRIVACY POLICY

This Privacy Policy sets out how we will treat all personal information that arises out of your use of the website (www.onlinespyshop.co.uk), (the “Site”).

We are OSS Technology Limited t/a Online Spy Shop, a company registered in England and Wales (Company No. 06986542) with its registered accounts office at 76 Manchester Road, Denton, Manchester, M34 3PS. Our main trading address is Landmark House, Station Road, Cheadle Hulme, SK8 7BS, UK. Our VAT number is GB 916 6388 94. (“we”, “our”, “us”, “the Company”).

We are a “Data Controller” for the purposes of the Data Protection Act 2018 and the General Data Protection Regulation ((EU) 2016/679) (“GDPR”) whilst undertaking our business services.

The Online Spy Shop web site Privacy Policy is a live document and will evolve and change to meet changes in technology and new business practices and as such we reserve the right to make changes, amendments and updates at any time.

If you have any questions regarding the Privacy Policy of Online Spy Shop or any information that we hold on you, then you may contact us at:

OSS Technology Ltd
Landmark House
Station Road
Cheadle Hulme
Cheshire
SK8 7BS
United Kingdom

Tel: 0161 537 0550
International: +44 (161) 537 0550

IN SUMMARY:

We only use your personal information when you purchase through our website to package and dispatch the product/s to you. We never sell, rent, share or otherwise distribute or make public your personal information. Furthermore, we do not, nor have we ever, marketed directly to our customers about our services and/or products without express permission. We may periodically promote ourselves via opt-in newsletters, of which we send very few. Customers that do opt-in to our newsletters can opt-out just as easily by unsubscribing through any newsletter received.

We believe the buying process should be made easy to navigate, easy to understand, be transparent on pricing and delivery and that your personal data should only be used to fulfil an order. Any personal data that we lawfully retain is securely held and is processed for legitimate business purposes that are not outweighed by your rights, including identifying you in the event of product support should you need to contact us.

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard the information we collect online

1. DATA PROTECTION PRINCIPLES

We will comply with data protection law and principles, which means that your information will be:

  • Used lawfully, fairly and in a transparent way;
  • Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
  • Relevant to the purposes we have told you about and limited only to those purposes;
  • Accurate and kept up to date;
  • Kept only as long as necessary for the purposes we have told you about; and
  • Kept securely.
2. PERSONAL INFORMATION THAT THIS WEBSITE COLLECTS

If you purchase products from us or communicate with us, we will collect personal data about you. We will collect, store and use the following types of personal information about you:

  • First name, surname;
  • Company name;
  • Billing and delivery address;
  • Telephone number;
  • Email address;
  • Bank and transaction details such as details about payments to and from you and other details of product/s and service/s you have purchased from us;
  • Technical information such as IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website;
  • Information about our service to you, including username and password (if applicable), purchases or orders made by you, your preferences and any feedback you give us; and
  • Records of your correspondence with us if you contact us.
3. HOW IS IT COLLECTED

We collect your personal information through different methods, including:

  • Direct interactions with you by telephone, email or through the contact form of the site; and Automated technologies or interactions.
  • As you interact with our Website, we may automatically collect technical information about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
4. HOW WE USE YOUR INFORMATION

We will only use your personal information when the law allows us to. Most commonly, we will use your personal data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you;
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or
  • Where we need to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal basis for processing your personal information other than sending third-party direct marketing communications to you via email. You have the right to withdraw consent to such marketing at any time

5. WHY IT IS COLLECTED

This website collects and uses personal information that you provide to us for:

  • Fulfilling an order placed by you on the website;
  • Our verification process;
  • To complete the dispatch and delivery of product/s to your specified address; and
  • To correctly identify you to provide customer support to you when requested.

If you fail to provide certain information when requested either by law or under the terms of a contract we have with you, and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods).

6. SHARING YOUR INFORMATION

We may need to share your delivery details (name and address) with any of our product suppliers and the courier services we use to fulfil an order and ensure that you are kept informed of the delivery status and that products arrive at your delivery destination promptly.

Third-party providers include the following:

  • Newsletters
  • eKomi Customer Feedback
  • Paid on Results Affiliation
  • Sagepay, Worldpay, Stripe, ApplePay and PayPal Payment Processors
  • Royal Mail, DPD, DHL, Interparcel, FedEx, UPS) Delivery Couriers

Any third parties will be bound by contractual provisions with us and only have access to personal data to perform the described purposes and not use it for other purposes. Further, they must process the personal data under this Privacy Policy and as permitted by the GDPR and the Data Protection Act 2018, the Privacy and Electronic Communications (EC Directive) Regulations 2003 and the E-Privacy Regulations when it comes into effect.

We will disclose your information if we are required to so by law. We may disclose your information to enforcement authorities if they ask us to, or to a third party in the context of actual or threatened legal proceedings, provided we could do so without breaching data protection laws.

If this business is sold or integrated with another business, your details may be disclosed to our advisers and any prospective buyer/s and their advisers and will be passed on to the new owners of the business. In this case, you will be informed of any change in ownership in our business.

7. PAYMENT PROCESSING

When you place an order with us, any data you provide is encrypted using a Secure Socket Layer (SSL) session. SSL is industry-standard and widely used as a measure to guard against Internet messages being intercepted. The use of older browsers do not use SSL; therefore, please use Netscape (version 4.05) or above, Microsoft Internet Explorer (version 4) or above, or any similar updated and modern browser, for example, Firefox or Opera.

We do not store or have access to full credit card details on our server. The card details we can view are the last four digits of your card and the fraud score generated by the associated third party card vendors. Credit and debit cards are processed in strict compliance by third-party vendors (depending on your chosen purchase transaction method). All payment vendors we use have the highest level of card data security (PCI DSS Level 1 compliant), and security and fraud reduction are two top priorities to keep your data secure, which is why thousands of business already entrust the security.

8. SITE VISITATION TRACKING

The Site uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help us analyse how users use the Site. The information generated by the cookie about your use of the Site (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information to evaluate your use of the Site, compiling reports on Site activity for operators, and provide other services relating to website activity and internet usage.

Google may also transfer this information to third parties required to do so by law or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. Google lists the cookies used by its analytics service on the following web page: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.

Using this Site, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

9. COOKIES

Our site uses cookies to distinguish you from other users of our Site. This helps us to provide you with a good experience when you browse our Site and also allows us to improve our Site. By continuing to browse the Site, you agree to our use of cookies.

A “cookie” is a piece of information stored on your computer, tablet or phone to recognise your browser and records how you have used a website. This means that when you revisit that website, it can give you tailored options based on the information it has stored about your last visit. You can normally alter the settings of your browser to prevent it from accepting cookies.

9.1 HOW DO WE USE COOKIES?

We may use cookies to improve the Site works and monitor how people use our Site. This helps us understand how people use our Site to develop and improve the Site's design, layout, and function.

The cookies we use are explained below:

9.2. NECESSARY COOKIES:

These are cookies that are required for the operation of our website and are completely anonymous. Below are examples of when or why we will use these cookies:

  • To help the website to function and enhance the look and feel of the website;
  • To ensure you are always provided with a quick and responsive browsing experience;
  • Our web servers respond to your actions on the website or browsing the website. The website would not be able to work without it; and
  • They also help to improve navigation around our website and allow you to return to pages you have previously visited.
9.3. FUNCTIONALITY COOKIES:

These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences. Below are examples of when we will use these cookies:

  • As soon as you visit the website, a cookie on your device will identify you have returned to the website and record your preferences;
  • Remembering your choice of language or region; and
  • When submitting a comment to one of our blogs, the information you enter is remembered to make it easier for you to comment next time.
9.4. THIRD-PARTY COOKIES:

Third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies. You can block cookies by activating your browser's setting that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our site. This clause should be read in conjunction with the terms and conditions of our Site's use, which also appear on our Site.

Payment processors, which you access or use through the site to place an order with us, may also send cookies to your browser to properly track and identify you when you use their services. These cookies would only be used to ensure secure and reliable identification. At the same time, you follow any payment or money-related procedures or services and would always be deleted upon completing an order. Please check you agree with any such payment processor’s cookies policy if you are concerned.

10. HOW TO DISABLE COOKIES

If you do not wish to receive cookies that are not strictly necessary to perform our Site's basic features, you can set your browser to reject cookies or tell you when a website tries to put a cookie on your computer.

Most web browsers will accept cookies, but if you would rather that we did not collect data in this way, you can choose to accept all or some or reject cookies in your browser’s privacy settings. Rejecting all cookies means that certain features on the Site cannot then be provided to you, and accordingly, you may not be able to take full advantage of all our Site’s features. The “Help” menu in the bar of most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie and how to disable cookies altogether. Additionally, you can disable or delete similar data used by browser add-ons, such as Flash cookies, by changing the add-on's settings or visiting its manufacturer's website.

10.1 FURTHER INFORMATION:

For more general information on cookies and how to disable them, please go to the Information Commissioner’s webpage on cookies: https://ico.org.uk/for-the-public/online/cookies.

11. SOCIAL MEDIA

Any social media posts or comments you make (on the Online Spy Shop Facebook page, for instance) will be shared under the terms of the relevant social media platform (e.g. Facebook / Twitter) on which they are written and could be made public.

Other people, not us, control these platforms. We are not responsible for this kind of sharing. We recommend reviewing the terms and conditions and privacy policies of the associated social media platforms you use. That way, you will understand how they will use your information, what information relating to you they will place in the public domain, and how you can stop them from doing so if you are unhappy about it.

Any review, post or comment you make about us, our products and services on any social media platform, or user community services will be shared with all other members of that service and the public at large. Any comments you make on these services and social media, in general, must be not offensive, insulting or defamatory. You are responsible for ensuring that any comments you make comply with any relevant policy on the acceptable use of those services.

12. BLOG

Should you leave a comment to any post/s published on our blog, the details that you leave with your comment will be saved to this website’s database along with your computer IP address and the time and date you submitted the comment. This information is only used to identify you as a contributor to the comment section for the respective blog post and is not passed to any third party data processors. Only your name will be shown on the public-facing website.

Your comment and its associated personal data will remain on this site until we see fit to either remove the comment or remove the blog post. Should you wish to have the comment and its associated personal data deleted, please email us at [email protected]

If you are under the age of 16, you must obtain parental consent before posting a comment on our blog. Regardless of age, you should avoid entering personally identifiable information to the actual comment field of any blog post comment/s that you submit on this website.

13. LINKS TO THIRD PARTY WEBSITES

If we have included links on this site to any other sites, it is for your personal use and references only. We are not responsible for the privacy policies on these websites. Online Spy Shop has no control of any linked web site's content and is not responsible for these websites or their content or availability. You should be aware that the privacy policies of these sites may differ from our own.

14. EMAIL NEWSLETTERS

If you choose to join our email newsletter, the email address submitted to us will be forwarded to the MailChimp who provide us with email marketing services. We consider MailChimp to be a third party data processor. The email address submitted will not be stored within this website’s own database or in any of our internal computer systems.

Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links in any email newsletters we send you or requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.

If you are under 16 years of age, you must obtain parental consent before joining our email newsletter. While your email address remains within the MailChimp database, you will receive periodic newsletter-style emails from us.

15. CUSTOMER FEEDBACK

If you choose to submit feedback about your experience using the Online Spy Shop website and/or products, the comments you leave are collected by eKomi and transparently displayed for other viewers to read on our website. eKomi is an independent feedback company and provider of transaction-based reviews and ratings. eKomi is a Google worldwide partner with over 250+ employees with headquarters in Berlin, Germany, Los Angeles, California, and offices in London, Paris, Madrid, and San Francisco.

eKomi receives no PII End customer information from the database of the company via the interface. Only an anonymous order transaction ID will be transmitted. In case that eKomi is providing the service of sending the review invitation email, the necessary personal information will be transmitted and used only for this exact purpose. After the expiry of the retention period set out in section 18, this data will be deleted.

16. LIVE CHAT

Our website uses a live chat service to provide you with relevant information about our products and/or services before purchasing or providing product support when requested. When the live chat is enabled, and you visit our website, we can view information relating to your navigation; however, we cannot identify you. A random Visitor ID is assigned to you that displays geographic location, web browser, duration, web page, referrer (e.g., Google) and the number of previous visits. Should you choose to correspond with us through the live chat, any correspondence between you and ourselves is temporally stored in the live chat history and erased after 7 days on a regular rolling basis.

17. PAID ON RESULTS

We use a third-party affiliation program to promote ourselves through verified and accepted businesses that sign up with Paid on Results. When a business/company explicitly signs up through the Paid on Results affiliation program and is then accepted by ourselves, that registered business/company then places graphic banners or URL links on their own website encouraging their customers to click through to our website to browse our product range and potentially make a purchase. Successful purchases result in a 5% commission of the overall sale value of the product/s (excluding VAT) to that associated affiliation business/company.

Paid on Results use cookies that remain for up to 30 days on the user's computer, tablet or phone when they click through to our website from the associated affiliation website, enabling Paid on Results to verify the business/company to who we pay our commission.

We do not collect or store any information on our servers from any business/company that signs up with the Paid on Results affiliation program; however, we can see the Order Number of any purchaser through the Paid on Results dashboard. This allows us to cross-reference with our customer database to verify the purchase was successful and that no returns have been requested to pay the commission.

18. SECURITY

Amazon Web Services (AWS) hosts this website within its cloud infrastructure to provide a secure, resizable compute capacity in the cloud and the broadest and deepest compute platform with the fastest processors and the most powerful GPU instances any other cloud technology.

All traffic between this website and your browser is encrypted and delivered over HTTPS.

19. HOW LONG WE KEEP YOUR INFORMATION

To make sure we meet our legal data protection and privacy obligations, we only hold on to your information for as long as we actually need it for the purposes we acquired it for in the first place. This means we will keep your information for as long as you continue to use our services and provide customer support and a reasonable period of time afterwards if you stop doing so. After that, we will delete it other than where we lawfully can keep any data for audit or legal reasons, i.e. for a period of 7 years.

We shall keep data on our prospect database for not longer than 3 years from receipt subject to an individual’s right to unsubscribe or to be forgotten at any time.

20. INDIVIDUAL’S RIGHTS

The personal information we hold about you must be accurate and current. Please keep us informed if your personal information changes during your business relationship with us.

Under certain circumstances, by law, you have the right to:

a) Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and check that we are lawfully processing it.

b) Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

c) Request erasure of your personal information. This enables you to delete or remove personal information where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

d) Object to processing your personal information where we rely on a legitimate interest (or those of a third party), and there is something about your particular situation that makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.

e) Request the restriction of processing your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it.

f) Request the transfer of your personal information to another party.

g) If you want to review, verify, correct, or request erasure of your personal information, object to the processing of your personal data or request that we transfer a copy of your personal information to another party, please contact us at [email protected] Please note, there are some specific circumstances where these rights do not apply, and we can refuse to deal with your request.

You will not have to pay a fee to access your personal information (or exercise any of the other rights). However, we may charge a reasonable fee if your access request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to confirm your identity and ensure your right to access the information (or exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.

21. ACCESS TO YOUR INFORMATION

When opening a customer account with us, you have full access to your account at any time to keep track of your purchases; furthermore, you can anonymise data, request the information we hold about you, and delete your customer account. You can also email or write to us at any time to obtain details of the personal information we may hold about you. Please email: [email protected] or write to the Data Protection Officer, OSS Technology Ltd, Landmark House, Station Road, Cheadle Hulme, SK8 7BP.

22. DATA BREACHES

We will report any personal data breach, including any breach of this website’s database or the database(s) of any of our third-party data processors to affected data subjects and the ICO within 72 hours of the breach if it is apparent that there is a risk that data subject’s rights and freedoms have been affected.

Last updated: 23rd March 2021.