Close icon

Privacy policy

Status: March 2024

This is our privacy policy. It tells you how we collect and process data received from you on our site. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

If you have any comments on this privacy policy, please email them to info@bricoflor.co.uk.

1. Who we are

Here are the details that the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regards to the processing of personal data and on the free movement of such data, known as General Data Protection Regulation (GDPR) says we have to give you as a 'data controller':


Our site address is www.bricoflor.co.uk
Our company name is BRICOFLOR Limited
Our registered address is 130 High Street, Marlborough, Wiltshire, SN8 1LZ U.K.
Our nominated representative is Dirck Scharpenack and they can be contacted at info@bricoflor.co.uk

2. What information do we collect?

We may collect, store and use the following kinds of personal information:

(a) information about your computer and about your visits to and use of this website (including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation).
(b) information relating to any transactions carried out between you and us on or in relation to this website, including information relating to any purchases you make of our goods or services.
(c) information that you provide to us for the purpose of registering with us.
(d) information that you provide to us for the purpose of subscribing to our website services, email notifications and/or newsletters and
(e) any other information that you choose to send to us.

Before you disclose to us the personal information of another person, you must obtain that person's consent to both the disclosure and the processing of that personal information in accordance with the terms of this privacy policy.

Under GDPR we will ensure that your personal data is processed lawfully, fairly, and transparently, without adversely affecting your rights. We will only process your personal data if at least one of the following basis applies:

a)    you have given consent to the processing of your personal data for one or more specific purposes;
b)    processing is necessary for the performance of a contract to which you are a party or in order to take steps at the request of you prior to entering into a contract;
c)    processing is necessary for compliance with a legal obligation to which we are subject; and/or
d)    processing is necessary for the purposes of the legitimate interests pursued by us or by a third party such as our credit card payment processing, except where such interests are overridden by the fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

3. Cookies

A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.

We may use both "session" cookies and "persistent" cookies on the website. Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.

We will use the session cookies to: keep track of you whilst you navigate the website; keep track of items in your shopping basket; prevent fraud and increase website security. We will use the persistent cookies to: enable our website to recognise you when you visit and keep track of your preferences in relation to your use of our website.

We use Google Analytics to analyse the use of this website. Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users computers. The information generated relating to our website is used to create reports about the use of the website. Google will store this information. Google's privacy policy is available at: https://policies.google.com/privacy.

Our payment services providers may also send you cookies.

4. Using your personal information

Personal information submitted to us via this website will be used for the purposes specified in this privacy policy.
We may use your personal information to:

(a) administer the website;
(b) improve your browsing experience by personalising the website;
(c) enable your use of the services available on the website;
(d) send you goods purchased via the website;
(e) send statements and invoices to you, and collect payments from you;
(f) send you general (non-marketing) commercial communications;
(g) send you email notifications which you have specifically requested;
(h) send you our newsletter and other marketing communications relating to our business or the businesses of carefully-selected third parties which we think may be of interest to you, by post or, where you have specifically agreed to this, by email or similar technology (and you can inform us at any time if you no longer require marketing communications);
(i) provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
(j) deal with enquiries and complaints made by or about you relating to the website;
(k) keep the website secure and prevent fraud; and
(l) verify compliance with the terms and conditions governing the use of the website (including monitoring private messages sent through our website private messaging service).

Where you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the licence you grant to us.
We will not, without your express consent, provide your personal information to any third parties for the purpose of direct marketing.

Some of our website financial transactions are handled through our payment services provider, PayPal. You can review the PayPal privacy policy at www.paypal.com. We will share information with PayPal only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds.

You can also choose to make payment by credit card or bank transfer.
We do not store credit card details nor do we share customer details with any third parties.
If you are already our customer, we will only contact you electronically about things similar to what was previously sold to you.
If you are a new customer, you will only be contacted if you agree to it.
If you don't want to be contacted for marketing purposes, please tick the relevant box that you will find on screen.

In addition, if you don’t want us to use your personal data for any of the other reasons set out in this section in 4, you can let us know at any time by contacting us at info@bricoflor.co.uk, and we will delete your data from our systems. However, you acknowledge this will limit our ability to provide the best possible products and services to you.
In some cases, the collection of personal data may be a statutory or contractual requirement, and we will be limited in the products and services we can provide you if you don’t provide your personal data in these cases.

5. Disclosures

We may disclose your personal information to any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this privacy policy.
We may disclose your personal information to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this privacy policy.
We may contract with third parties to supply services to you on our behalf. These may include payment processing, search engine facilities, advertising and marketing. In some cases, the third parties may require access to some or all of your data. These are the third parties that have access to your information:

PayPal

If you pay via the payment method "PayPal" or "PayPal Express, your information to PayPal will be delivered. PayPal is a service of PayPal (Europe) S.à.rl & Cie. SCA, 22-24 Boulevard Royal, L-2449 Luxembourg. PayPal assumes the function of an online payment service provider as well as a trustee and offers buyer protection services.
The personal information provided to PayPal is the name and surname, gender, address, telephone number, IP address, e-mail address or other data required to complete the order, as well as any data related to the order, such as the number of items, item number, invoice amount, percent taxes and billing information. In addition, PayPal will also be provided with the name of the person through whose PayPal account payment is made.
This submission is necessary to process your order with the payment method you have selected, in particular to confirm your identity, to administer your payment and to secure against default and fraud.
Please also note that PayPal may disclose your personal information to service providers, subcontractors or other affiliates, to the extent necessary to fulfil the contractual obligations of your order, or to process personal information in the order.
You can find the valid data protection regulations of PayPal here:

https://www.paypal.com/ee/webapps/mpp/ua/privacy-full

BARCLAYCARD

If you pay by Credit/Debit card, your data will be transmitted to BarclayCard - a trading name of Barclays Bank UK PLC. Barclays Bank UK PLC is authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority (Financial Services Register number: 759676). Registered in England No. 9740322. Registered office: 1 Churchill Place, London E14 5HP
If you decide for a payment method offered by BarclayCard, payment will be processed via the payment service provider BarclayCard, to whom we will inform you about your order (name, address, account number, bank code, possibly credit card number, invoice amount, currency) and transaction number).
The transfer of your data is solely for the purpose of payment processing. The applicable privacy policy of BarclayCard can be found here:
https://www.barclaycard.co.uk/personal/privacy-policy

BELBOON

The processing of personal data for users is required for the completion of a contract where the user is a contractual party or as a step in completing pre-contractual requirements which take place according to the express consent of the user. The legal grounds for this is Article 6 Section 1 b) of the GDPR
If a user completes a contact form or makes contact with the responsible entity in any other way – including email, telephone, fax or post – the personally identifiable data will only be used to complete their enquiry. The legal grounds for this use of data is the consent provided by the user in accordance with article 6, section 1a of the GDPR.
In any other cases where personally identifiable data is processed, it is used in accordance to the authorized interests of the responsible entity – such as the analysis of use of their website by Google Analytics, to integrate external fonts using Google Fonts or by using Cloudflare to detect, limit or prevent any cyber-attacks or errors on their website. The legal grounds for this processing is Article 6, Section 1f of the GDPR. The responsible entity will make the user aware of their right to object to use of their data. As part of these affiliate marketing activities, cookies are stored on users' devices to document transactions (orders). These cookies are for the sole purpose of correctly assigning the success of an advertising medium and the corresponding billing within the Belboon network. Personal data are not collected, processed or used.

TRUSTED SHOPS

We have integrated the Trusted Shops Trustbadge on this website in order to display the reviews collected using the Trusted Shops system.
This serves the protection of our legitimate interests in the optimal marketing of our offer according to art. 6 (1) 1 lit f GDPR that are overriding in the process of balancing of interests. The Trustbadge and the advertised trust badge services are offered by Trusted Shops GmbH, Subbelrather Str. 15C, 50823 Cologne, Germany.
With every use of the Trustbadge, the web server automatically saves a so-called server log file which contains e.g. your IP address, the date and time of the request, the volume of data transferred and the requesting provider (access data), and documents the request. Those access data are not analysed and are automatically overwritten no later than seven days after the end of your website visit.
Other personal data are transferred to Trusted Shops only if you decide to use or have already registered to use Trusted Shops products after placing an order. In such a case, the contract concluded between you and Trusted Shops applies.

GOOGLE ANALYTICS

This website uses Google Analytics, a web analytics service provided by Google, Inc. ("Google"). Google Analytics uses "cookies", which are text files placed on your computer to help the website analyse how visitors use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States, 600 Amphitheater Parkway, Mountain View, CA 94043.

Google is certified under the Privacy Shield Agreement, which provides a guarantee to comply with European data protection law. Further information on the Privacy Shield Agreement can be found here:
https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active

Google Analytics uses cookies. The information generated by the cookies, are usually transmitted to a Google server in the USA and stored there. Google will use this information on our behalf to evaluate the use of our online offer by users, to compile statistics about the activities within our online business and to provide us with other services related to the use of this online platform and the internet usage. In this case, pseudonymous usage profiles of the users can be created from the processed data.

In addition, we may disclose your personal information:

(a) to the extent that we are required to do so by law;
(b) in connection with any ongoing or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
(d) to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
(e) to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information

Where any of your data is required for such a purpose, we will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, our obligations, and the obligations of the third party under GDPR and the law.
Except as provided in this privacy policy, we will not provide your information to third parties.

FAST-Tracking

1. General scope and description of data processing

We use FAST to correctly allocate the success of an advertising medium. The data is automatically deleted after 90 days. No profiling takes place. FAST uses a unique key that third parties cannot assign and therefore users cannot be traced. Personalised advertising is not possible with FAST.
FAST establishes a connection between a click on an advertising medium, e.g. an advert, and an action, e.g. a purchase or a login or registration.
The information transmitted to us serves the sole purpose of correctly allocating the success of an advertising medium and the corresponding billing.
FAST does not store any cookies or cookie-like data on your end device. 

When generating the device fingerprint, only non-personal parameters are merged (browser settings, time zone, CPU class, colour depth, browser language, etc.).

2. Scope and description of the processing of data when using Google Ads / Microsoft Ads

In the case of a campaign, the order number and the shopping basket value of the order are usually also transmitted and stored by us for 90 days. Personal data such as name, telephone number or address are expressly not recorded or stored.
 The following values may also be transmitted:

  • ID (consecutive number)
  • ClickID
  • Time of purchase
  • Currency
  • Conversion name (shop order or lead)

The device fingerprint is processed on the server of the respective customer. Insofar as integration takes place via Google Tag Manager, the device fingerprint is processed via the Smarketer Host Europe server in Strasbourg.

Thanks to high security standards, such as an HTTPS connection, the conversion data is sent on our HOST Europe server located in Strasbourg. The transfer of the export file and the processing of the data (ClickID, conversion name, timestamp, order value, currency) takes place in accordance with Google Ads / Microsoft Ads on an American server. The software is set up so that no profiling takes place.

3. Purposes of the processing

The information transmitted to us serves the sole purpose of correctly assigning the success of an advertising medium and the corresponding billing and is justified by our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f GDPR.

4. Duration of storage

The data of the processing described here will be automatically deleted after a maximum storage period of 90 days.
Operator:

Name:                   Smarketer GmbH
Postal address:    Alte Jakobstraße 83/84, 10179 Berlin
E-mail:                   info@smarketer.de

5. Possibility of objection and removal

You can prevent tracking by deactivating FAST Tracking via an opt-out link on the respective page. 

6. Where we store your data

We may transfer your collected data to storage outside the European Economic Area (EEA). It may be processed outside the EEA to fulfil your order and deal with payment.
By giving us your personal data, you agree to this arrangement. We will do what we reasonably can to keep your data secure.
Payment will be encrypted. If we give you a password, you must keep it confidential. Please don't share it. Although we try to provide protection, we cannot guarantee complete security for your data, and you take the risk that any sending of that data turns out to be not secure despite our efforts.
We only keep your personal data for as long as we need to in order to use it as described above in section 4, and/or for as long as we have your permission to keep it. In any event, we will conduct an annual review to ascertain whether we need to keep your personal data. Your personal data will be deleted if we no longer need it.

7. Security of your personal information

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure (password- and firewall-protected) servers.
All electronic transactions entered into via the website will be protected by encryption technology.
You acknowledge that the transmission of information over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping your password and other login details confidential. We will not ask you for your password (except when you log in to the website).

8. Policy amendments

We may update this privacy policy from time to time by posting a new version on our website. You should check this page occasionally to ensure you are happy with any changes.

9. Your rights

You can ask us not to use your data for marketing. You can do this by ticking the relevant boxes on our forms, or by contacting us at any time at info@bricoflor.co.uk.
Under the GDPR, you have the right to:

request access to, deletion of or correction of, your personal data held by us at no cost to you;
request that your personal data be transferred to another person (data portability);
be informed of what data processing is taking place;
restrict processing;
to object to processing of your personal data; and
complain to a supervisory authority.

To enforce any of the foregoing rights or if you have any other questions about our site or this Privacy Policy, please contact us by email to info@bricoflor.co.uk or by post to 130 High Street, Marlborough, Wiltshire, SN8 1LZ, United Kingdom.

10. Third party websites

The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.  We have no control over how your data is collected, stored or used by other websites and we advise you to check the privacy policies of any such websites before providing any data to them.

11. Updating information

Please let us know if the personal information which we hold about you needs to be corrected or updated.

12. Data controller

The data controller responsible in respect of the information collected on this website is BRICOFLOR Limited.

13 March 2024