Privacy / GDPR Policy
Maintaining the security of your data is a priority at Veridium and we are committed to respecting your privacy rights. We pledge to handle your data fairly and legally always. Veridium is also dedicated to being transparent about what data we collect about you and how we use it.
This policy, which applies whether we see you in person, for example at your premises or if you visit our office(s), trade stands, or if you use your mobile device or go on line, provides you with information about:
- how we use your data;
- what personal data we collect;
- how we ensure your privacy is maintained; and
- your legal rights relating to your personal data.
HOW WE USE YOUR DATA
Veridium (and trusted partners acting on our behalf) uses your personal data:
- to provide goods and services to you;
- to make a tailored website available to you;
- to manage any registered account(s) that you hold with us;
- to verify your identity;
- for crime and fraud prevention, detection and related purposes;
- with your agreement, to contact you electronically about promotional offers and products and services which we think may interest you;
- for market research purposes – to better understand your needs;
- to enable Veridium to manage customer service interactions with you; and where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).
where we have a legal right or duty to use or disclose your information (for example in relation to an
- investigation by a public authority or in a legal dispute).
- Veridium uses your personal data for electronic marketing purposes (with your consent) and may send you postal mail to update you on the latest Veridium offers and news.
- Veridium aims to update you about products & services which are of interest and relevance to you as an individual or as a business.
- You have the right to opt out of receiving promotional communications at any time, by:
- changing marketing preferences via your Veridium account;
2. making use of the simple “unsubscribe” link in emails or the “STOP” number for texts; and/or
3. contacting Veridium via the contact channels set out in this Policy.
- Sharing data with third parties
Our service providers and suppliers
In order to make certain services available to you, we may need to share your personal data with some of our service partners. These include IT, delivery and marketing service providers.
Veridium only allows its service providers to handle your personal data when we have confirmed that they apply appropriate data protection and security controls.
We also impose contractual obligations on service providers relating to data protection and security, which mean they can only use your data to provide services to Veridium and to you, and for no other purposes.
Other third parties
Aside from our service providers, Veridium will not disclose your personal data to any third party, except as set out below. We will never sell or rent our customer data to other organisations for marketing purposes.
We may share your data with:
- credit reference agencies where necessary for card payments;
- governmental bodies, regulators, law enforcement agencies, courts/tribunals and insurers where we are required to do so:–
- to comply with our legal obligations;
- to exercise our legal rights (for example in court cases);
- for the prevention, detection, investigation of crime or prosecution of offenders; and
- for the protection of our employees and customers.
How long do we keep your data?
We will not retain your data for longer than necessary for the purposes set out in this Policy. Different retention periods apply for different types of data, however the longest we will normally hold any personal data is 10 years.
WHAT PERSONAL DATA DO WE COLLECT?
Veridium may collect the following information about you:
- your name, age/date of birth and gender;
- your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
- instructions, purchases and orders made by you;
- your on-line browsing activities on Veridium websites;
- your password(s);
- when you make a purchase or place an order with us, your payment card details;
- your communication and marketing preferences;
- your interests, preferences, feedback and survey responses;
- your location;
- your correspondence and communications with Veridium;
- Our website is not intended for children and we do not knowingly collect data relating to children.
This list is not exhaustive, and, in specific instances, we may need to collect additional data for the purposes set out in this Policy. Some of the above personal data is collected directly, for example when you submit an enquiry on or download from our websites or send an email to us. Other personal data is collected indirectly, for example your browsing or any shopping activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.
WHAT YOU CAN DO TO HELP PROTECT YOUR DATA
If you are using a computing device in a public location, we recommend that you always log out and close the website browser when you complete an online session.
You have the following rights:
- the right to ask what personal data that we hold about you at any time,
- the right to ask us to update and correct any out-of-date or incorrect personal data that we hold about you free of charge; and
- (as set out above) the right to opt out of any marketing communications that we may send you. If you wish to exercise any of the above rights, please contact us using the contact details set out below.
Legal basis for Veridium processing customer personal data General
Veridium collects and uses customers’ personal data because is it necessary for:
- the pursuit of our legitimate interests (as set out below);
- the purposes of complying with our duties and exercising our rights under a contract for the sale of goods and services to a customer; or
complying with our legal obligations.
In general, we only rely on consent as a legal basis for processing in relation to sending direct marketing communications to customers via email or text message.
Customers have the right to withdraw consent at any time. Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.
Our legitimate interest
The normal legal basis for processing customer data, is that it is necessary for the legitimate interests of Veridium, including:-
- selling and supplying goods and services to our customers;
- protecting customers, employees and other individuals and maintaining their safety, health and welfare;
- promoting, marketing and advertising our products and services;
- sending promotional communications which are relevant and tailored to individual customers
- understanding our customers’ behaviour, activities, preferences, and needs;
- improving existing products and services and developing new products and services;
- complying with our legal and regulatory obligations;
- preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies;
- handling client contacts, queries, complaints or disputes;
- managing insurance claims by clients;
- protecting Veridium, its employees and clients, by taking appropriate legal action against third parties who have committed criminal acts or are in breach of legal obligations to Veridium;
- effectively handling any legal claims or regulatory enforcement actions taken against Veridium; and
- fulfilling our duties to our clients, colleagues, shareholders and other stakeholders.