CAMBRIDGE CHOCOLATE TECHNOLOGIES LTD ("We")

are committed to protecting and respecting your privacy.

This policy (together with our terms of use and any other documents referred to on it) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

CAMBRIDGE CHOCOLATE TECHNOLOGIES LTD of MCCLINTOCK BUILDING GRANTA PARK, GREAT ABINGTON, CAMBRIDGE, CAMBS, ENGLAND, CB21 6GP is a controller of Your personal data in the course of the operating of online store (Data Controller).

We are committed to complying with the Regulation (EU) No 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as "the GDPR".

We will notify You any updating of This Policy on our website. If you need to contact us, please write to:

  • CHOCOLATE TECHNOLOGIES LTD of MCCLINTOCK BUILDING GRANTA PARK, GREAT ABINGTON, CAMBRIDGE, CAMBS, ENGLAND, CB21 6GP;
  • via e-mail : contact@esthechoc.com

This Policy was last updated on 25 May 2018.

Information we may collect from you

We may collect and process the following data about you:

  • Information you give us.
    You may give us information about you by filling in forms on our site //www.esthechoc.com/ (our site) or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, subscribe to our service, search for a product, place an order on our site, participate in discussion boards or other social media functions on our site, enter a competition, promotion or survey and when you report a problem with our site. The information you give us may include your name, address, e-mail address and phone number, financial and credit card information, personal description.

  • Information we collect about you.
    With regard to each of your visits to our site we may automatically collect the following information:

    • technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;

    • information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.

  • Information we receive from other sources.
    We may receive information about you if you use any of the other websites we operate or the other services we provide. In this case we will have informed you when we collected that data that it may be shared internally and combined with data collected on this site. We are also working closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.

Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.

Uses made of the information

Purposes for which we will use the information about you

Legal Basis

Relevant information about you

Information you give to us

to carry out our obligations arising from any contracts entered into between you and us

Article 6.1.b of the GDPR

Country, first name, surname, address, e-mail address

to provide you with the information, products and services that you request from us

Article 6.1.b of the GDPR and Article 6.1.f of the GDPR

e-mail address

to provide you with information about other goods and services we offer that are similar to those that you have already purchased or enquired about

Article 6.1.f of the GDPR

e-mail address

to provide you by electronic means with information about goods or services we feel may interest you, but only if you consented for this (if you do not want us to use your data in this way, please do not tick the relevant box situated on the form on which we collect your data (the order form))

Article 6.1.f of the GDPR

e-mail address

to permit selected third parties to use your data and to contact you by electronic means for the purposes of their own products marketing, but only if you have expressly consented to this (if you do not want us to use your data in the ways described above, please do not tick the relevant box situated on the form on which we collect your data (the order form) )

Article 6.1.a of the GDPR

e-mail address

to notify you about changes to our service

Article 6.1.b of the GDPR

e-mail address

to ensure that content from our site is presented in the most effective manner for you and for your computer

Article 6.1.f of the GDPR

Information we collect about you

to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes

Article 6.1.b of the GDPR, Article 6.1.f of the GDPR

Country, first name, surname, address, e-mail address

to improve our site to ensure that content is presented in the most effective manner for you and for your computer

Article 6.1.f of the GDPR

to allow you to participate in interactive features of our service, when you choose to do so

Article 6.1.b of the GDPR, Article 6.1.f of the GDPR

to keep our site safe and secure

Article 6.1.c of the GDPR

to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you

Article 6.1.f of the GDPR

to make suggestions and recommendations to you and other users of our site about goods or services that may interest you or them

Article 6.1.f of the GDPR

Information we receive from other sources

Data retention period

The length of time that we will store your data will depend on the ‘legal basis’ for why we are using that data, as follows:

Legal basis

Length of time

Where we use/store your data because it is necessary for the performance of the contract between you and us

We will use/store your data for as long as it is necessary for the performance of the contract between you and us

Where we use/store your data because it is necessary for us to comply with a legal obligation to which we are subject

We will use/store your data for as long as it is necessary for us to comply with our legal obligations

Where we use/store your data because it is in the public interest

We will use/store your data for as long as it remains a matter of public interest for us to do so. The law sets out what matters are considered to be in the public interest, and we will use/store your data in accordance with those requirements

Where we use/store your data because it is necessary for our legitimate business interests

We will use/store your data until you ask us to stop. However, if we can demonstrate the reason why we are using/storing your data overrides your interests, rights and freedoms, then we will continue to use and store your data for as long as it is necessary for the performance of the contract between you and us (or, if earlier, we no longer have a legitimate interest in using/storing your data)

Where we use/store your data because you have given us your specific, informed and unambiguous consent

We will use/store your data until you ask us to stop

To determine the appropriate retention period for personal information, we consider the amount, nature and sensitive of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Disclosure of your information

We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.

We may share your information with selected third parties including:

  • Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
  • Advertisers and advertising networks that require the data to select and serve relevant adverts to you and others, but if it does not relate to our products advertising - only if you gave us an explicit consent to transfer your data for that purpose.
  • Analytics and search engine providers that assist us in the improvement and optimisation of our site.
  • Credit reference agencies for the purpose of assessing your credit score where this is a condition of us entering into a contract with you.

We may disclose your personal information to third parties:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If CAMBRIDGE CHOCOLATE TECHNOLOGIES LTD or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or terms and conditions of supply and other agreements; or to protect the rights, property, or safety of CAMBRIDGE CHOCOLATE TECHNOLOGIES LTD our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

You will be informed about any kind of reorganisation of our business which could require disclosure of your personal data to third parties.

You will be informed whenever we are about to transfer your personal data outside the EU.

Where we store your personal data

The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

How we secure your data

We deploy security and monitoring tools that restrict access and alert us to any unauthorised behaviour on our network and systems. All data transfers are carried out using multi-layered security measures to ensure data integrity and privacy. We apply industry-standard firewall protection and use up to date, not compromised, encryption technology. We carry out regular penetration testing and employ ethical hackers to ensure our infrastructure is secure and any intrusion would be quickly detected. Access to our premises where we store your data are monitored with on-site security and CCTV traceability. We ensure our employees are trained in the importance of data security. Whenever we will transfer your personal information outside the EU, we will ensure a similar degree of protection is afforded to it by ensuring that we apply appropriate safeguards (either by transferring data only to recipients in the European Union, to recipients in countries approved by the European Commission, to recipients that are party to the EU-US Privacy Shield, or by using specific contracts approved by the European Commission).

Your rights

You have various legal rights in relation to the information you give us, or which we collect about you, as follows:

  • You have a right to access the information we hold about you free-of-charge, together with various information about why and how we are using your information, to whom we may have disclosed that information, from where we originally obtained the information and for how long we will use your information.
  • You have the right to ask us to rectify any information we hold about you that is inaccurate or incomplete.
  • You have the right to ask us to erase the information we hold about you (the ‘right to be forgotten’).
  • You have the right to ask us to stop using your information where: (i) the information we hold about you is inaccurate; (ii) we are unlawfully using your information; (iii) we no longer need to use the information; or (iv) we do not have a legitimate reason to use the information. Please note that we may continue to store your information, or use your information for the purpose of legal proceedings or for protecting the rights of any other person.
  • You have the right to ask us to transmit the information we hold about you to another person or company in a structured, commonly-used and machine-readable format. Please note that this right can only be exercised in certain circumstances and, if you ask us to transmit your information and we are unable to do so, we will explain why not.
  • Where we use/store your information because it is necessary for our legitimate business interests, you have the right to object to us using/storing your information. We will stop using/storing your information unless we can demonstrate why we believe we have a legitimate business interest which overrides your interests, rights and freedoms.
  • Where we use/store your data because you have given us your specific, informed and unambiguous consent, you have the right to withdraw your consent at any time.
  • You have the right to object to us using/storing your information for direct marketing purposes.

You can exercise your right to prevent the processing you do not want us to perform by checking certain boxes on the forms we use to collect your data. You can also exercise any of the above rights at any time by contacting us at contact@esthechoc.com.

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

Changes to our privacy policy

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to contact@esthechoc.com.

Buy esthechoc online