Who we are?

Our website address is: https://lapsi.co.uk

We are registered as a Data Controller on the Register kept by the Information Commissioner’s Office.

Our registration number is ZA026554.

What personal data we collect and why we collect it

Comments

When visitors leave comments on the site, we collect the data shown in the comments form, and the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Contact forms

Cookies

If you leave a comment on our site you may opt into saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Analytics

Lapsi Ltd uses Google Analytics for the purpose of monitoring website performance and at no point will Google Analytics be used to track or collect personally identifiable information of visitors to the site. “Google Analytics” cookies (a web analytics service provided by Google, Inc) sets cookies that allow us to analyse traffic on the website. Google Analytics cookies allow us to recognise and count the number of visitors to this website and to see how visitors move around the site (in particular, what pages of the website are being visited). This helps us to improve the way our website works. For further information on Google Analytics use of cookies please visit https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

Who we share your data with?

Sharing with Third-Party Partners

What third parties we receive data from

We do share your data with partners who help us provide and improve our products and services as follows:

Product suppliers: Certain product lines are dispatched directly from the manufacturer or supplier to our customer’s delivery address.  In order to facilitate the dropship service, it is necessary for us to share with the manufacturer or supplier the delivery information provided to us at the time of ordering.

After-sales support: In order to provide a swift resolution to after-sales issues, we will sometimes share customer details with the manufacturer or supplier of a product in order to allow them to deal directly with our customers.

Vendors and service providers: Your information is likely to be available to a greater or lesser extent to those who support our business (and their subcontractors) including web developers (access only), analytics and advertising providers (data including email addresses) – primarily Google, Facebook, Instagram, Twitter and LinkedIn, accountant and bookkeeper (access), accounts software (data) – QuickBooks, bank (data) – Barclays Bank, email provider (data) – Microsoft.

In each case, we seek to provide the minimum amount of information or access necessary for those third parties to fulfil their obligations to us and ultimately to you. Where we can we also impose strict restrictions on how our partners can use and disclose the data we provide.

Third-party payment service providers: In order to keep your financial details (such as credit cards and direct debits) secure to the very highest levels we ourselves do not ever save or retain the details (such as the credit card numbers) of your payment information. Instead, they are saved only by internationally recognised and fully accredited providers such as Barclays Bank, PayPal and Amazon Payments, who simply provide us with the ability to securely request the payments from you.

Non-financial third-party services on our website: our website includes functionality provided by third parties. A common example is an embedded YouTube video or a Facebook like button. In each case, the providers of these services will likely collect data about your usage that they will use to build up your profile as you search the web. Our site includes the following: videos by YouTube, like and share buttons from Facebook, Instagram, Twitter and LinkedIn. The above lists may change from time to time.

How long we retain your data

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where we send your data

What automated decision making and/or profiling we do with user data

Visitor comments may be checked through an automated spam detection service.

Your contact information

Additional information

How we protect your data

What data breach procedures we have in place

Our employees and contracted personnel are bound to our privacy policies, procedures and technologies which maintain the security of all your Personal Data from the point of collection to the point of destruction.

We maintain data security by protecting the confidentiality, integrity and availability of your Personal Data, and when we do so we abide by the following definitions:

6.1 Confidentiality: We ensure that the only people authorised to use your personal data can access it. Employees are prohibited from accessing and viewing your personal data unless it is necessary to do so.

6.2          Integrity: We will make certain that your Personal Data is accurate and suitable for the purpose for which it is processed.

6.3          Availability: We have established procedures which mean only our authorised Data Users should be able to access your Personal Data if they need it for authorised purposes.

 We also maintain security procedures which include, but are not limited to:

6.4          Secure lockable desks and cupboards. Desks and cupboards shall be kept locked if they hold your personal data.

6.5          Methods of disposal. Paper documents containing Personal Data are shredded and digital storage devices shall be physically destroyed when they are no longer required.

6.6          Data Users shall be appropriately trained and supervised in accordance with this Notice which includes requirements that computer monitors do not show confidential information to passers-by and that Data Users log off from or lock their PC/electronic device when it is left unattended.

6.7          Our computers have appropriate password security, boundary firewalls and effective anti-malware defences.  We routinely back-up electronic information to assist in restoring information in the event of a disaster and our software is kept up to date with the latest security patches.

6.8          One or all the following measures shall be applied to the personal data held, separating the personal data and/or pseudonymisation and/or the encoding of the data.

6.9          Our Privacy Manager will ensure that this Notice is kept updated in response to any amendments to the Law.

We shall take appropriate security measures against unlawful and/or unauthorised processing of personal data, and against the accidental loss of, or damage to, your Personal Data.

We shall only transfer your Personal Data to a Data Processor (a Data User outside our business) if the Processor agrees to comply with our procedures and policies, or if the Processor puts in place security measures to protect Personal Data, which we consider adequate and are in accordance with the Enactments.