Privacy & Cookies Policy

Blue Seal Privacy & Cookies Policy


We, Blue Seal Limited (a company registered in England and Wales with registration number 343726 and registered address Unit 67 Gravelly Industrial Park, Erdington, Birmingham, West Midlands, B24 8TQ) are committed to compliance with our obligations under relevant data protection laws.  This means the Data Protection Act 2018 (UK only), Data Protection Act 2018 (Republic of Ireland only) and the General Data Protection Regulation (2016/679) (UK and Republic of Ireland) (together Data Protection Laws”).

Please take a moment to read this Privacy and Cookies Policy as its purpose is to set out our information handling practices and to explain how Blue Seal Limited uses, discloses, transfers and otherwise processes your personal data collected through your use of the website at www.blue-seal.co.uk (the “Website”), and how we use cookies in the operation of the Website.  Except where otherwise indicated, all references in this Policy to “we”, “our” and “us” means Blue Seal Limited.
We are a data controller of your personal data (the categories are as detailed below) which is collected through the Website and we process it to fulfil orders placed through the Website (including the sales platform on the Website). We are registered as a fee payer with the Information Commissioner’s Office (“ICO”) (www.ico.org.uk) (the UK’s data protection authority).  Our ICO registration number is ZA195833.

1. What personal data we collect from you

For the purpose of this Privacy and Cookies Policy, "personal data" means any information relating to an identified or identifiable natural person.  An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to a an identifier such as a name, an identification number, location data, an online identified or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person,

The type of personal data collected by us may differ depending on the information you provide to us when you place an order or submit an enquiry through the Website. The type of personal data we may collect (or otherwise process) includes:

Contact details:
  • your title, forename and surname;
  • your personal or work related e-mail address (depending on which you choose to submit and on whether you are a consumer customer or representative of a business customer);
  • your other personal or work related contact details (depending on which you choose to submit) such as your fax numbers, postal address and telephone number(s) (including mobile number(s)) (in addition to your e-mail address mentioned above) and business name (if a business customer).

Details relating to creating a user account/making purchases with us:
  • your contact details (as set out above);
  • your password (which enables us to create a user account and provide you with your unique customer ID);
  • your unique customer ID;
  • your payment card details (in respect of any purchase you make through the Website);
  • your purchases.

Business customer related details:

If applicable, in particular if you are a business customer, we may also require:
 
  • your contact details (as set out above) and details relating to creating a user account/making purchases with us (as set out above);
  • details of your company's registration number, financial information including bank account and credit card details, profit and loss statements, balance sheets;
  • your employer details and your occupation.
     
Website usage details:

Furthermore, when you visit the Website, we may make a record of your visit. The following standard information may be logged and used for the statistical purposes and to help us improve the operation of the Website:
  • your internet protocol (IP) address (which in certain circumstances may constitute your personal data);;
  • the date and time of your visit to our Website;
  • the pages that you have accessed or downloaded on or from our Website; and
  • the type of operating system and browser you are using to access the Website.
  • Our collection of this type of information may also involve the use of cookies. Please refer to the Cookies section below for more information.

2. What are the legal grounds for our processing of your personal data through the Website for the relevant purposes?

Data protection laws require us to explain the legal grounds to justify our processing of your personal data. For some processing more than one legal ground may be relevant. Details as follows:

1) Processing necessary for the performance of a contract with you (or in order to take steps at your request prior to entering into a contract) (this lawful ground only applies where you are dealing with us as an individual, sole trader or a partnership):
  1. providing you with our products and services;
  2. managing and administering the product and service;
  3. providing quality assurance for our products and services;
  4. responding to your enquiries and feedback regarding our business, our products and our services;
  5. enforcing the terms and conditions of sale/supply with you;
  6. to contact you by fax, post, e-mail or phone for any of the above reasons; and
  7. to process payments which you make through the Website.

2) Processing necessary for the following legitimate interests:
  1. All of the purposes detailed above, where you are dealing with us otherwise than as an individual, sole trader or partnership)
  2. monitoring the performance of our business, including but not limited to how quickly and efficiently orders via the Website are processed;
  3. the management of our database(s);
  4. to analyze trends and customer journeys when using the Website;
  5. to administer the Website;
  6. anonymization for the purposes of research and analysis purposes (e.g. to improve the Website);
  7. for internal record keeping and monitoring;
  8. where necessary, as part of any restructuring or sale of the our respective businesses or assets;
  9. to test the performance of our products, services and internal processes;
  10. to adhere to guidance and best industry practice;
  11. for management and audit of our business operations including accounting;
  12. to administer our good governance requirements;
  13. for market research and analysis and developing statistics;
  14. to maintain our CRM database of contacts who are at our corporate customers;
  15. for direct marketing communications, where you have previously bought goods/services from us, our marketing relates to our own similar goods/services, we have offered you the option to opt-out from receiving the direct marketing communications and you have not chosen to opt out;
  16. for the legitimate interest of carrying out profiling, such as segmenting customer personal data based on enquiry, brand/product/service of interest. We use the information gleaned from this profiling in order to tailor our relevant marketing communications (which we send to you either based on your consent – if we have asked for consent for marketing – or based on our legitimate interests). In addition, we use software with an automation ability to exclude subscribers based on their decision to ‘unsubscribe’ or where emails cannot be delivered due to either incorrect email address provided or security in your email system set up. All this involves processing of your personal data for our legitimate interest of excluding subscribers where appropriate;
  17. when we share your personal information with these other people or organisations;
    • members of our Group (further information below including who is in our Group);
    • our legal and other professional advisers;
    • financial institutions (re: payment of invoices, reimbursements, etc.);
    • governmental and regulatory bodies (HMRC, the Information Commissioner’s Office);
    • other organisations and businesses who provide services to us; and
    • market research organisations who help us to develop and improve our products and services
3) Processing necessary to comply with our legal obligations:
  1. for compliance with laws and regulations that apply to us;
  2. for establishment, defence and enforcement of our legal rights or those of any other member of our Group;
  3. for activities relating to the prevention, detection and investigation of crime;
  4. to carry out monitoring and to keep records;
  5. to deal with requests from you to exercise your rights under Data Protection Laws;
  6. to process information about a crime or offence and proceedings related to that; and
  7. when we share your personal information with these other people or organisations:
    • fraud prevention agencies;
    • law enforcement agencies and governmental and regulatory bodies such as HMRC, the ICO; and
    • courts and to other organisations where that is necessary for the administration of justice, to protect vital interests and to protect the security or integrity of our business operations.
4) Processing with your consent (further information at paragraph 8 below):
  1. When you request that we share your personal information with someone else and consent to that; and
  2. to carry out direct marketing including to send you newsletters and other marketing communications (in cases where we ask you for your opt-in consent for this).
Some of the personal data that we maintain will be kept in paper files, while other personal data will be included in computerized files and electronic databases.

You can if you wish use this Website for “information only” i.e. without placing orders, making payments or submitting queries to us. However, where you do not wish to provide us with your personal data, we may not be able to provide you with requested products or services or responses to your enquiries. However, where it is unnecessary to collect personal data for the purposes of certain activities (for example when taking a survey), you have the option of not identifying yourself or using a pseudonym.

We will collect your personal data in a fair and lawful manner, and not in an unreasonably intrusive way. All personal data that is collected via the Website will be transferred to and stored on our electronic server (which is located in Australia, where our parent company Moffat Group Pty Ltd is located – see below for further details on data transfers outside the EEA, in internal computers and in hard copy files. This transfer includes but is not limited to the transfer of a record of what you have purchased, for the purpose of providing the goods purchased.

Where practical, we collect personal data directly from you (when you make an order or submit an enquiry). However, there may be circumstances in which we collect personal data about you from publically available sources (see paragraph 3).

3. How do we collect your personal data in connection with this Website?

We will collect your personal data in a number of ways including:
  • from you when you provide us with this information by telephone or by completing an online purchase, enquiry, or when you send us an email, submit application forms, complete customer service satisfaction surveys, or supply it in relation to contracts or any other documents provided by you to us;
  • from publicly available sources of information such as social media sources; and
  • from our own records.
4. Cookies

4.1 What are cookies?

Cookies are text files that are stored on your computer, smartphone or other electronic Internet-enabled device when you first access the Website and when you revisit certain pages of the Website.

4.2 How do we use cookies?

Some of the cookies we use help us to identify and fix errors relating to the Website, while others remember the pages and products you look at when you first visited the Website – to improve your experience of using the Website.

We use cookies to track how you use the Website by providing usage statistics. IP addresses which are involved in this will be your personal data (see above). In addition, we may combine the information we collect by cookies with personal data that we have collected from you (not limited to IP addresses) in order to learn more about how you use the Website and to improve the Website. In addition, we use cookies on this Website to record your default language and currency (English and GBP). Users of this website in Republic of Ireland please note, we use cookies on this Website to record your default language and currency (English and EUR). A full list of cookies and how we use them can be found below in the section “Cookies we use”. We may update this list from time to time. As mentioned, steps will be taken to draw this to the user’s attention and to collect appropriate new consents at that time, where necessary.

4.4 Cookies we use

We use session cookies (which expire once you close your web browser). We may also use persistent cookies (these remain on your computer or other device when you close your web browser – until such time as they expire or you delete them).

We have grouped our cookies into the following categories, to make it easier for you to understand why we use them:

  • Strictly Necessary: these cookies are strictly necessary for the Website to work properly and for us to keep to seek it secure. They are needed to allow you to use the Website and its features, including to provide your user login details and password and to move between pages of the Website.
  • Functionality: these cookies enable technical performance of the Website and allow us to ‘remember’ the choices you make and your preferences. They allow us to give a better online experience, such as to make the login process faster by ‘remembering you’ or your user name when you next access the Website. They also help us to track performance of the Website.
  • Performance/Analytical: these cookies allow us to collect certain information about how you navigate the Website. They help us to understand which parts of the Website are interesting to you and which are not as well as what we can do to improve the Website. They also help us to identify when lots of people give up on an application process at a particular step – so we can try to make that step easier to use.
Cookie is set byNamePurpose
Google Analytics_utma
_utmb
_utmc
_utmv
_utmz
These cookies are used to collect information about how visitors use our Website. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

Click here for an overview of privacy at Google.

Our group company Moffat Pty Limited

PHPSESSID

We use this cookie to keep track of any information you have entered and selections you make during your current browsing session. Expiry: When your current browsing session ends.

Our group company Moffat Pty Limited

Currency

We use this cookie to show you product prices in your preferred currency. Expiry: 30 days.

Our group company Moffat Pty Limited

Language

We use this cookie to show you content in your preferred language. Expiry: 30 days.

4.5 Cookies set by third parties

You might notice that some cookies on the Website are not related to Blue Seal Limited (i.e. the company which operates the Website). This is because some of the pages on our site contain embedded content from third party websites – such as video from YouTube for example. Because this content is from another website, we don’t control the cookies which relate to this. If you want to change your cookie preferences to block these third party cookies, check the third party websites for information on how to manage their cookies.

4.6 Social Sharing

We may also embed social sharing icons throughout the Website. These sharing options are designed to enable users to easily share our content with their friends using a variety of different social networks. These social sharing sites may set a cookie when you are logged into their service. Please note that we do not control the dissemination of these cookies and you should consult the relevant third party website for information on how these cookies are used and how you can control them.

5. Do we share your personal data with third parties?

  • other companies within our corporate group – who are: Moffat Group Pty Ltd; Moffat Pty Ltd; Moffat Ltd; Moffat Inc (trading as Moffat USA);
  • third party organisations who are our service providers (or who provide services to our corporate group) including but not limited to providers of management, accounting, legal, logistics, audit, compliance, information technology (including IT support, website, software, backup and data hosting providers and administrators), customer records management systems. third party payment processors, and other services, for the purposes mentioned above and where this is permitted by applicable data protection law. These companies may use information about you to perform functions on our behalf.
We may disclose specific personal data about you upon lawful request by the HMRC (and/or other relevant tax authorities), government authorities, law enforcement and regulatory authorities where required or permitted by law. Users of this website in the Republic of Ireland please note, we may disclose specific personal data about you upon lawful request by the Office of the Revenue Commissioner, government authorities, law enforcement and regulatory authorities where required or permitted by law. Personal data may also be released to external parties in response to legal process, and when required to comply with applicable laws and regulations, or to enforce our agreements, corporate policies, and terms of use, or to protect the rights, property or safety of our businesses, our employees, agents, customers, and others. Your personal data may also be shared with parties to whom you authorize us to release it.

Please note the payment card details submitted through the Website are not stored by us on any of our systems. Instead this information is handled and managed by a third party payment processor. As indicated, your payment card details will necessarily be processed by that third party for the purpose of effecting your payment(s) to us.
Normally we will not disclose your personal data to any other third parties unless:
  • you have previously consented or agreed to such disclosure;
  • it is necessary to provide you with the goods and services requested and such disclosure is made on a confidential basis;
  • it is required by law or required for co-operation with any government authority; and
  • it is necessary for any of the purposes mentioned above.
We will not sell, rent or trade your personal data without your prior consent where that consent is required by law. We may, however, disclose it to purchasers as part of a restructuring or sale of our businesses or assets.

We, and our agents, will only use and disclose your personal data in accordance with our purposes listed above and as permitted by the Data Protection Laws.

6. Will your personal data be transferred abroad?

We have described above how your personal data may be disclosed outside of Blue Seal Limited. Pursuant to this, including for instance where we engage providers of services and/or where companies within our corporate group provide services to us (for example, hosting databases containing your personal data), your personal data may be transferred to countries or territories located outside of the European Economic Area (EEA) which do not have adequate protection for personal data. Steps will be taken with a view to protecting your personal data in that instance consistent with applicable data protection law.

Please note that, as detailed at paragraph 2 above, all personal data collected via the Website (including but not limited to a record of what you have purchased and for the purpose of providing the goods purchased) will be transferred to and stored on our electronic server (which is located in Australia, where our parent company Moffat Group Pty Limited is located).

In addition, for the purposes described at paragraph 2 above, we may transfer your personal data to the other members of the Moffat group of companies, of which we are a part, and they are currently located in Australia, New Zealand, the United Kingdom and the United States of America.

7. Your rights under the Data Protection Laws

Here is a list of the rights that all individuals have under the Data Protection Laws. They do not apply in all circumstances. If you wish to exercise any of them we will explain at that time if they are engaged or not.

  • The right to be informed about your processing of your personal information;
  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed. (Please note that we rely upon the accuracy of your personal data to provide our products and services to you. To assist us with this, please contact us immediately if any of your personal data ceases to be current (for instance, if you change your email address or any other contact details. Similarly, if for any reason you believe that the personal data we hold about you is not accurate and complete, contact us at peter.barnes@moffat.com.au and we will make the appropriate correction. If we believe that the personal data we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will make the appropriate correction).;
  • The right to object to processing of your personal information;
  • The right to restrict processing of your personal information;
  • The right to have your personal information erased (the “right to be forgotten”);
  • The right to request access to your personal information and to obtain information about how we process it (there are some circumstances in which we may refuse to provide access or only provide partial access to this personal data. If your request for access is not granted, we will explain our reasons to you);
  • The right to move, copy or transfer your personal information (“data portability”);
  • Rights in relation to automated decision making which has a legal effect or otherwise significantly affects you (at this time we do not take this type of decision making using your personal data but we mention this right under Data Protection Laws for completeness).
UK users of this website: You have the right to complain to the ICO (the Information Commissioner’s Office) which enforces Data Protection Laws: https://ico.org.uk/

Republic of Ireland users of this website: You have the right to complain to the Office of the Data Protection Commissioner (ODPC) which enforces Data Protection Laws: https://www.dataprotection.ie/ To exercise your rights in relation to your personal data please contact us as set out at paragraph 13.

8. How and when can you withdraw your consent and what are the consequences?

Much of our processing of your personal data is based on legal grounds other than consent (please see details in paragraph 2 of our legal grounds for processing). However, for processing that is based on your consent, you have the right to withdraw consent for future processing at any time. If you do decide to withdraw your consent, we will stop the relevant processing which is based on your consent, unless there is another legal ground for processing which we can rely on – in which case we will let you know. For example if you have signed up for our marketing and our newsletter by using the ‘Contact Us’ page of our website, or by otherwise opting in to this, we will be relying on consent for that. If you withdraw that consent the consequence will be that we cannot send you our marketing or our newsletter unless you decide to subscribe again. If your withdrawal of consent is specific to marketing – see paragraph 9. In all other cases, to withdraw your consent, please contact us using the details as set out at paragraph 13.

9. What choices do we offer you with regard to direct marketing communications?

We may wish to provide you with information about new products, services, promotions and offers from ourselves, other members of our group of companies, and from carefully selected third parties from outside our group of companies, in each case which we consider may be of interest to you. This may occur by e-mail, telephone, post or SMS or other methods which are made clear to you from time to time. Before using your personal data for any direct marketing purpose we would need to obtain your prior consent and to advise you of how to unsubscribe from receiving such communications in accordance with applicable data protection law. The exception to this need for us to obtain your express consent for direct marketing is where you have previously bought our goods/services, our direct marketing relates to our own similar goods/services, we have provided you with the opportunity to opt out from receiving such direct marketing for similar goods/services, and you have chosen to not opt out. In any event, if you do consent to this (or chose not to opt out in the case of marketing similar goods/services to those you have already bought from us), then please note you may change your mind and unsubscribe (or opt out, as the case may be) from direct marketing communications at any time by sending an e-mail to peter.barnes@moffat.com.au. The effect of withdrawing your consent, or choosing to opt-out, is that we will no longer be able to send you direct marketing communications unless you decide to subscribe again.

10. How long do we keep your personal data for?

We will only retain your personal data for a limited period of time and for no longer than is necessary for the purposes set out in paragraph 2. Unless we explain otherwise to you, we will hold your personal data for the following periods:
  • Retention in case of queries. We will retain the personal information that we need to keep in case of queries from you (for instance, in case you have a query about your order) for 7 years unless we have to keep it for a longer period (see directly below);
  • Retention in case of claims. We will retain the personal information that we need to keep for the period in which you (or your company) might legally bring claims against us which in practice means 7 years unless we have to keep it for a longer period (see directly below); and
  • Retention in accordance with legal and regulatory requirements. We will retain the personal information that we need to keep even after the relevant contract you have with us has come to an end for as long as we are required to keep it for in relation to tax requirements and to satisfy our other legal and regulatory requirements.
  • Marketing. We will retain the personal information we process to contact you for marketing purposes where (i) you have given opt-in consent to receive such communications (i.e. where our lawful basis for this processing is that you have consented) for so long as you have not withdrawn your consent; and (ii) in the case of marketing our own similar goods/services to those which you have already bought where you have been offered the opportunity to and have not opted out (i.e. where our lawful basis for this processing is that it is in our legitimate interest), until you choose to opt out.
If you would like further information about our data retention practices, please contact us as set out at paragraph 13.

11. Security of your Personal Information

We regard the security of your personal data as paramount. To this end, we take all steps required by data protection legislation to protect your personal data from unlawful or unauthorised processing and accidental loss, destruction of damage.

Only authorised people within our organisation are entitled to access your personal data for approved purposes. All our employees and agents are requires to sign a confidentiality agreement as a condition of their employment.

Please note that this Website does not provide systems for secure transmission of personal data across the Internet except where otherwise indicated. You should be aware that there are inherent risks in transferring personal data over the Internet and that, except where applicable law requires otherwise, we accept no responsibility for personal data provided through an unsecure page.

12. Changes to our Privacy and Cookies Policy

From time to time we may decide to amend or update this Privacy and Cookies Policy. When this occurs we will post the new version of the Privacy and Cookies Policy on our website. The date at the bottom of this Policy will be updated accordingly. We encourage you to periodically view this Privacy and Cookies Policy so that you remain informed as to how we are protecting your Personal Information. We may, where necessary, notify you of any modified versions of this Privacy and Cookies Policy that might materially affect the way we use, disclose or otherwise process your personal data. We may do this by posting an update on the Website which you will see at your next visit.

Should you have any queries or concerns in relation to our personal data handling practices, or if you wish to discuss any aspect of this Privacy and Cookies Policy, please do not hesitate to contact our Privacy Compliance Officer at peter.barnes@moffat.com.au . You may also write to us care of our Privacy Compliance Officer:

Moffat Pty Limited
740-742 Springvale Road
Mulgrave VIC 3170
Australia
Attn: Peter R Barnes

14. How we handle complaints

Any complaint made to us in connection with this Privacy and Cookies Policy and our information handling practices will be directed to our General Manager - Finance where it will be assessed giving due regard to the nature of your complaint, your circumstances and our ability to address the issue in question. Irrespective of our decision, we will respond to your complaint within a reasonable period of time.

October 2018