XAMAX® Clothing Company Ltd, trading online as XAMAX® is committed to complying with the UK’s Data Protection law and the EU General Data Protection Regulation (GDPR) for the protection of personal data, as well as the principles of data security in the configuration of our services. If you have any questions about this privacy notice or how we use your personal data, please contact our compliance team:
- XAMAX® Clothing Ltd
- Unit 5b
- Roundwood Industrial Estate
- Ossett Wakefield
- WF5 9SQ
By Email: firstname.lastname@example.org
Overview: What data is being collected and processed?
Like all companies, we collect and hold data provided to us in exchange for services. ‘Services’ means paid for services or products, sending requested information (such as a quote or a download resource) or responding to contact form submissions. You can opt-out and withdraw consent or ‘ask to be forgotten’, at any time.
In order to enter into an agreement with XAMAX® Clothing Company Ltd, we will collect, store and use elements of your personal data. The processing of this personal data is a contractual requirement and is necessary by XAMAX® Clothing Company Ltd in order to administer your account and to provide the products and services you have requested from us.
When you approach XAMAX® Clothing Company Ltd to engage in our services, we will ask your consent to collect and process your personal data. Failure to provide this consent and/or personal data may mean we will be unable to execute the contract and will result in termination of our services.
When engaging XAMAX® Clothing Company Ltd services, you will usually need to disclose to us some or all of the following:
- Email address
- Place of work or Company name
- Reasonable contextual information to assist with providing relevant information
We will also monitor, record, store and use any telephone, email or other electronic communications with you for training purposes so that we can check any instructions given to us and to improve the quality of our customer service.
Any personal data we collect from you will not be transferred outside the European Economic Area as our website and all data services are hosted in the UK or the European Economic Area.
The website is hosted on a secure server in the UK Midlands and our newsletter system is hosted in the EU by MailerLite.
These help improve your experience on our website and help us share communications with you that are more relevant.
Our website holds cookies in order to ensure the best browsing experience and help us make sure we share relevant marketing information.
You have the option to opt-out of cookie tracking.
Direct Marketing Communications
We strive to make sure we provide only interesting and relevant marketing communications. And you can opt-out at any time.
If you have chosen to opt-in to our direct marketing communications, we will use your information to tell you about products and services available from us which may be of interest to you. We may also use your information to tell you about products and services which we can introduce from selected businesses.
To help make our emails more interesting and relevant, we often receive a confirmation when you open an email from XAMAX® Clothing Company Ltd if your computer supports such capabilities.
You have a right to opt-out of our direct marketing communications at any time. You can opt-out by following the Unsubscribe instructions at the bottom of the communication or by emailing email@example.com.
Links to websites of other providers third parties
We don’t control websites which aren’t our own but we may link out to them, so please check their privacy policies before giving them any information.
Please note that this data privacy notice only applies to XAMAX® Clothing Company Ltd and their online assets, and we are not responsible for, and have no control over, information that is submitted to or collected by third parties, such as those where our website may provide links and banner advertisements to third party sites. Since we do not control those websites, you are responsible for reviewing and abiding by the privacy policies of these third-party sites to ensure they comply with the applicable data protection regulations.
How long will the data be stored for?
We only hold your data for as long as we think is fair. And you can ask us to delete your data at any time.
Where possible, XAMAX® Clothing Company Ltd will take steps to erase any personal data that is no longer necessary for the purposes for which it is collected or otherwise processed, or if you have withdrawn consent for its processing and retention.
As a general rule, if you enter into or took steps to enter into a contract with XAMAX® Clothing Company Ltd, we will store the data for period of seven years for compliance with our general legal obligations and for the exercise or defence of any legal claims.
Under the GDPR, you have the right to ‘block’ or request the deletion or removal of personal data to prevent further processing. This right to erasure is also known as ‘the right to be forgotten’. Specific circumstances in which you can request the deletion or removal of personal data includes:
- Where the personal data is no longer necessary for the purposes for which it is collected or otherwise processed
- Where you withdraw consent
- When you object to the processing and there is no overriding legitimate interest for continuing the processing
- Where the personal data was unlawfully processed (i.e. otherwise in breach of the GDPR)
- Where the personal data has to be erased in order to comply with a legal obligation
- In case a deletion is not possible due to legal, statutory or contractual retention periods, or if it requires disproportionate efforts or prejudices your legitimate interests, the data will be blocked instead of deleted.
Sharing of data with other data controllers & processors
In short, we don’t unless we legally have to (e.g. fraud prevention).
XAMAX® Clothing Company Ltd take your privacy seriously and the information we hold about you is confidential. We will only disclose it outside XAMAX® Clothing Company Ltd when:
- you have given us your consent to do so
- it is necessary for the performance of an agreement/contract of which you will be made aware
- in order to obtain professional advice (e.g. legal advice)
- we or others need to investigate or prevent crime (e.g. to fraud prevention agencies)
- the law permits or requires it
- regulatory or governmental body requests or requires it, even without your consent, or
- there is a duty to the public to reveal the information
In order to administer your contract, we may need to share some of your personal information with other data controllers & processors. This processing is necessary for the purposes of delivering specific services to you.
Other data processors which we may share this information with may include:
- Credit reference agencies
- Claims handling and fraud prevention agencies (to investigate or prevent crime)
- Companies House for submitting tax returns and confirm your details
- Third parties whose software we are using to process your tax returns or payroll information
Our responsibilities in terms of fraud prevention.
If you give us false or inaccurate information and fraud (in any form) is identified, details will be passed to the fraud prevention agencies. We and other organisations may also share, access and use this information to prevent fraud and money laundering, for example when:
- managing credit and credit related accounts or facilities
- recovering debt
- checking any details that may be provided to us during the course of engaging in business with us
- In addition, law enforcement agencies may access and use this information.
Protecting your privacy
This is how we will protect your data.
In order to protect the personal data collected from you by XAMAX® Clothing Company Ltd against accidental or deliberate manipulation, loss, destruction or the access of unauthorised persons, technical and organisational security measures are constantly improved as part of our technological development. In addition, our employees, subcontractors and other support staff are obligated to observe confidentiality and data privacy.
Any access to your data that is stored at our company only takes place through an encrypted connection. By using the most up-to-date firewall systems, we provide the best possible protection for your data. Our website, as well as our internal Customer Management System (CMS) is encrypted using a SSL/TSL (Secure Sockets Layer/ Transport Layer Security) connection. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.
Wherever possible, we have tried to create a secure and reliable website for our users. However, you recognise that your use of the internet and our website is entirely at your own risk and we have no responsibility or liability for the security of personal information transmitted via the Internet.
All passwords and usernames allocated to you must be kept secret and must not be disclosed to anyone without our prior written authorisation. You must not use any false identity in email or other network communications and you must not attempt or participate in the unauthorised entry or viewing of another user’s account or into another system.
What happens in the event of a security breach?
If at any time we become aware that your data has been compromised, or that a breach of our systems and controls has occurred, which has an impact on the security of your data, we will notify the Information Commissioner’s Office, and you, without undue delay.
Subject Access Requests
You can request a copy of the data we hold on you at any time and we will provide it within 1 month of receiving your request in writing, if not sooner.
You have the right to request access to a copy of the personal information that we hold about you. This is also known as a ‘Subject Access Request’. This information is provided to you free of charge however, we can refuse to respond or charge a ‘reasonable fee’ of £10 Inc. VAT when a request is manifestly unfounded, excessive or repetitive.
We will provide this information in a structured, commonly used and machine-readable form such as a CSV file or PDF file where possible. This allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without hindrance to usability. Where possible, we will provide this information via remote access to a secure self-service system, such as our Customer Account area, which would provide you with direct access to your information.
If you would like to submit a Subject Access Request, please contact our compliance team in writing to:
XAMAX® Clothing Company Ltd
Unit 5b Roundwood Industrial Estate
We will respond to your request without delay and at the latest, within 1 month of receipt of your request.
Rectifying or Updating Personal Data
You can tell us to update or correct information you suspect is wrong, at any time.
If you believe the personal data we hold about you is inaccurate or incomplete, you have the right to rectification. You can let us know about any changes to. Where possible, we will also inform any third parties to whom we have disclosed the personal data in question to so they can rectify their records.
We will typically respond to your request within one month, although this can be extended by two months if your request for rectification is complex.
We may use your data for an amount of time which you feel is a little too long. It’s only because we think that’s because we can still be of service to you. If you don’t agree, you can withdraw consent.
If we are processing any of your data by using consent as the lawful basis for processing, you have the right to withdraw your consent for us to collect, process and store this data at any time. If you wish to withdraw your consent, please confirm this in writing to our Data Protection Officer:
XAMAX® Clothing Company Ltd
Unit 5b Roundwood Industrial Estate
Please note, by withdrawing consent, XAMAX® Clothing Company Ltd may be unable to execute the contract that you have entered into with us and will result in termination of our services. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
Legal basis for processing Personal Information
Our legal basis for collecting and using the personal information will depend on the personal information concerned and the specific context in which we collect it. However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you.
If we collect and use your personal information in reliance on our legitimate interests it would be for four reasons:
As a customer we process your data to keep you up to date with our products, services and information regarding relevant industries.
As someone active in the sales process, for example request a quotation, we process your data to keep you up to date with the sales process, our products, services and information regarding relevant industries .
As someone who has shown interest in our services or products, by taking an action such as downloading an ebook on the subject, we process your data to keep you up to date with our products, services and information regarding relevant industries.
As a prospect who we genuinely believe would be interested in our services we process your data to keep you up to date with our products, services and information regarding relevant industries.
Our legal basis for collecting and using your information to reach out to you is in our legitimate interests and does not overwrite your data protection interests or fundamental rights and freedoms. Our legitimate interests in this case is to offer you content we believe is in line with the theme of your website and you would want to publish, this is why we need to process your data. For this purpose we will hold your data for 12 months after engagement.
You may withdraw your consent by: (1) using the ‘unsubscribe’ button link attached to all our communications to you; (2) calling our telephone number at 01924 266668 sending an email to firstname.lastname@example.org
Third Party Services
XAMAX® Clothing Company Ltd works with (or may in the future work with) network advertisers, ad agencies, analytics service providers and other vendors to provide us with information regarding traffic on our online assets, including pages viewed and the actions taken when visiting those assets; to serve our advertisements on other web sites, within mobile apps and elsewhere online; and to provide us with information regarding the use of the our services and the effectiveness of our advertisements. Our service providers may collect certain information about your visits to and activity on our assets as well as other websites or services, they may set and access their own tracking technologies on your device, and may use that information to show you targeted advertisements. Some of these parties may collect Personal Information when you visit the Service or other online websites and services. We may also share certain Non-Identifying Information with these parties, including Hashed Information, in connection with the services they provide to us. If you wish to opt out of interest-based advertising, if located in the European Union, click here.
List of cookies we collect
The table below lists the cookies we collect and what information they store.
|COOKIE name||COOKIE Description|
|CART||The association with your shopping cart.|
|CATEGORY_INFO||Stores the category info on the page, that allows to display pages more quickly.|
|COMPARE||The items that you have in the Compare Products list.|
|CURRENCY||Your preferred currency|
|CUSTOMER||An encrypted version of your customer id with the store.|
|CUSTOMER_AUTH||An indicator if you are currently logged into the store.|
|CUSTOMER_INFO||An encrypted version of the customer group you belong to.|
|CUSTOMER_SEGMENT_IDS||Stores the Customer Segment ID|
|EXTERNAL_NO_CACHE||A flag, which indicates whether caching is disabled or not.|
|FRONTEND||You sesssion ID on the server.|
|GUEST-VIEW||Allows guests to edit their orders.|
|LAST_CATEGORY||The last category you visited.|
|LAST_PRODUCT||The most recent product you have viewed.|
|NEWMESSAGE||Indicates whether a new message has been received.|
|NO_CACHE||Indicates whether it is allowed to use cache.|
|PERSISTENT_SHOPPING_CART||A link to information about your cart and viewing history if you have asked the site.|
|POLL||The ID of any polls you have recently voted in.|
|POLLN||Information on what polls you have voted on.|
|RECENTLYCOMPARED||The items that you have recently compared.|
|STF||Information on products you have emailed to friends.|
|STORE||The store view or language you have selected.|
|VIEWED_PRODUCT_IDS||The products that you have recently viewed.|
|WISHLIST||An encrypted list of products added to your Wishlist.|
|WISHLIST_CNT||The number of items in your Wishlist.|