PRIVACY POLICY

Berries Direct Farming Limited (“we”) are committed to protecting and respecting your privacy. This policy (together with our Terms of Use and any other documents referred to on it) sets out the basis on which we collect, use and process personal data relating to users (referred to in this policy as “you”) of the Berries Direct Farming website, www.berriesdirect.co.uk (“our site”) and related services. Please read the following carefully to understand our views and practices regarding your personal data how we will treat it.

We are the Data Controller for the purposes of the Data Protection Act 2018 (the Act), the EU General Data Protection Regulation (GDPR) and any other data protection legislation applicable in the UK from time to time. We are a registered company (registered company number – 8021810, registered address – Rumwood Green Farm, Langley, Maidstone, Kent, ME17 3ND).

Periodically we will review and update this policy. This may be to reflect a change in the goods or services we offer or to our own internal procedures or it may be to reflect a change in the law.

The easiest way to check for updates is by looking for the latest version of this policy on our website www.berriesdirect.co.uk or you can contact us (see How you can contact us) to ask us to send you the latest version of our policy.

How you can contact us

If you have any questions or comments, or if you want to update, delete, or change any personal information we hold, or you have a concern about the way in which we have handled any privacy matter, please contact us at hello@berriesdirect.co.uk. You may also contact us by post at Berries Direct Farming Ltd, Rumwood Green Farm, Langley, Maidstone, Kent, ME17 3ND, UK.

Information We May Collect from You

We collect:

  • personal data that you provide to us. In the event you contact us, we will receive any personal data which you include as part of your enquiry such as name, email, as well as any other personal data you may provide.

  • personal data about your use of our website. This includes details such as your IP address, browser, network and device, time zone setting as well as details of web pages you visited prior to coming to our website, clicks, internal links pages visited, scrolling, searches and timestamps. This information is shared with Squarespace, our website analytics and hosting provider, to learn about site traffic and activity and to protect and improve its platform and services. Squarespace evaluates the data in a de-personalised form.

Use of personal information

We use your personal data in the following ways:

  • personal data that you provide to us is used to:

    • verify your identity (if you contact us) and manage and respond to your enquiry;

  • provide you with the information, products and services that you request from us;

  • manage and administer our business;

  • review and improve our goods and service.

  • personal data about your use of our website is used to:

    • administer our website and for internal operations, including troubleshooting, data analysis, testing and statistical purposes;

  • to improve our website to ensure that content is presented in the most effective manner for you and for your computer or mobile device;

  • as part of our efforts to keep our site safe and secure.

Cookies

Our website uses cookies to allow visitors to navigate and use key features on our website and to show us how visitors interact with our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.

Legal Basis and Consent for processing your personal data

We process your personal data in order to maintain a business relationship with you or to serve legitimate interests in growing our business and developing new customer relationships with you. In the day to day running of our business we may use your personal data without asking for your consent because:

  • we are entering into and carrying out a contractual relationship with you;

  • we need to use your personal data for our own justifiable purposes (such as the administration and management of our business or the billing and/or payment of services) and our doing so will not interfere with your privacy rights;

  • we are subject to legal responsibilities that require us to use your personal data in certain ways (such as disclosing information to HMRC).

In certain circumstances, we may wish to use your personal data for a different purpose which does require your consent. In these circumstances, we will contact you to explain how we wish to use your data and to ask for your prior written consent. You are not required to give consent just because we ask for it. If you do give consent you can change your mind and withdraw it at a later date.

Personal data you are legally obliged to provide

You are not under a legal obligation to provide us with any of your personal data but please note that if you choose not to provide us with your personal data we may be unable to respond to your enquiry or provide you with the information, goods or services you have requested.

Your Rights

Under the GDPR you have a number of rights in relation to your personal data.

  • The right to be informed about our collection and use of your personal data.

  • The right to access the personal data we hold about you.

  • The right to correct any inaccurate or incomplete personal data.

  • The right to erasure of your personal data.

  • The right to have your data transferred to you or a third party in a common format.

  • The right to object to direct marketing.

  • The right to object to our use of your data for our own legitimate interests.

  • The right to restrict the processing of your personal data.

  • The right not to be subject to decisions made by an automated system which produces legal effects or otherwise substantially affects you.

If you wish to make a complaint about our collection or use of your personal data, please contact us in the first instance so that we may seek to resolve your complaint (see the section on How you can contact us for details).

You have the right to lodge a complaint about our compliance to the Information Commissioner’s Office (ICO), the statutory body which oversees data protection law in the UK. Please visit the ICO website if you wish to lodge a complaint with the ICO.

When we will share your personal data with others

We do not share the personal data we hold about you with anyone outside of our business unless you specifically ask us to and/or it is a contractual requirement. We share your data with the following people in the day to day running our business:

  • other companies that are part of the Rumwood Green Farm Limited group of companies if they are better placed to respond to your enquiry, based on your location or on the content of your enquiry;

  • the business partners, suppliers and sub-contractors we work with to provide you with information, goods or services that you have requested from us;

  • internet hosting providers to host the site, analytics and search engine providers that assist us in the improvement and optimisation of our site.

Other organisations (“processors”) may have access to and may process your data during the course of their work with us. These are:

  • Electronic secure technology platform

  • Our advisors such as external lawyers and accountants

We may also share your personal information with third parties on a one-off basis, for example, if:

  • we sell or buy any business or assets (including our own), in which case we will disclose your personal data to the prospective seller or buyer of such business or assets; or

  • we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our website terms and other agreements; or to protect the rights, property, or safety of our customers, ourselves or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Safeguarding Your Information

Your personal data is stored in electronic and physical records maintained by us and our service providers. By submitting your personal data, you agree that we may transfer, store or process your personal data.

We take reasonable and appropriate measures to protect personal information from loss, misuse and unauthorised access, disclosure, alteration and destruction, taking into account the risks involved in the processing and the nature of the personal information. Some of the security measures we take include:

  • only storing your personal data on our secure servers and technology platforms;

  • maintaining up to date anti-virus software and firewalls to minimise the risk of unauthorised access to our systems.

When we will send your personal data to other countries

Your personal data may be transferred and stored outside of the European Economic Area (EEA) where necessary for the purpose outlined in this Privacy Policy by us or by our sub-contractors. Where we, or our sub-contractors, use IT systems or software that is provided by non-UK companies, your personal data may be stored on the servers of these non-UK companies outside the EEA.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

Supplier

Description of transfer

Destination

Safeguards

Squarespace

Used to host and manage Berries Direct Farming Ltd Website.

USA

Yes – supplier follows EU – US Privacy Shield Principles.

Retention of Data

We only retain your personal data for as long as necessary to fulfil the purpose for which it was collected or to comply with legal or regulatory requirements. The retention period is the term of your (or your company’s) supply or service contract, plus the period of time until the legal claims under this contract become time-barred, unless overriding legal or regulatory schedules require a longer or shorter retention period.  When this period expires, your personal data is removed from our active systems.

If you have any questions about our data retention practices, please contact us as outlined in this Policy (see the section on How you can contact us for details).

Access

We will give an individual access to any personal information we hold about them within one month of any request for that information. Individuals may request to exercise the rights set out above by contacting us (see the section on How you can contact us for details). Unless it is prohibited by law, we will remove any personal information about an individual from our servers at your or their request. There is no charge for an individual to exercise their rights.