At 7AM Retail Limited ("Jollybrolly"), we are committed to continuously protect the privacy and security of both our site visitors and e-commerce customers. The Jollybrolly team members and affiliates are online consumers themselves, thus we fully appreciate, respect, and prioritise the importance of privacy and data protection online.
This policy serves to explain:
- what information is collected when you’re using the Jollybrolly website or communicating with us;
- why we collect that information;
- how we may use that information;
- how we share that information;
- how long we keep your information, and how we secure it;
- what we won’t do with your information; and
- how you can control your information.
Your information belongs to you, not us – you should be able to control it, and you should be aware and comfortable with, everything that we do with your information; Therefore:
We will only collect, keep, use and share your information either (a) for genuine business purposes that we’ve explained clearly to you and that you haven’t objected to, or (b) where we’re legally required to do so – and as soon as those purposes have been fully achieved, we will delete your information;
We will be as transparent as we can with you on what information we collect, why we collect it and how we use it.
As long as we have your information, we will keep it up to date and protect it as if it was our own sensitive information, using appropriate security safeguards, including suitable physical, electronic and managerial procedures, having kept on top of and appropriately taken into account the latest industry standards and best practice.
How do we collect information about you?
1. When you directly give it to us (“Directly Provided Data”)
When you create an account on our site, any time you visit Jollybrolly or purchase our products, or communicate with us, you may choose to voluntarily give us certain information – for example, by filling in text boxes, or clicking on active buttons on our site, like ‘Add to Basket’ or ‘Quick Buy’. All this information requires a direct action by you in order for us to receive it.
2. When you give us permission to obtain from other accounts (“User Authorised Data”)
If you’re using Jollybrolly on your mobile, you may choose to provide us with location or device specific data.
3. When our systems collect information or data as you use our website (“System Collected Data”)
These days, whenever you use a website there’s certain information that gets created and recorded automatically by the IT systems necessary to operate that site. The same is true when you use our website. For example:
(a) when accessing Jollybrolly, we use “cookies” (a small text file sent by your computer each time you visit our website, unique to your Jollybrolly account or your browser) to make it easier for you to use Jollybrolly, improve your shopping experience with us or so we can record log data relating to the pages you viewed and activities you carried out during your visit. These cookies may be “session” cookies (that last until you close your browser) or “persistent” cookies (that last until you or your browser deletes them). Of the cookies we use, some (such as the e-mail address you give us) will be directly associated with your Jollybrolly account and others will not. To clarify, a cookie does not give us access to your computer or any of your personal information, other than the data you choose to share with us. Under the GDPR legislation on your first visit to our site you will be presented with a ‘cookie banner’ allowing you the option to turn off most cookies with the exception of those strictly necessary to run the site and remember your preferences. There are more details on our cookie usage below; or
(b) In addition, the type of device you’re using to access Jollybrolly and the settings on that device may provide us with information about your device, including what type of device it is, what specific device you have, what operating system you’re using, and what your device settings are. This will depend on what type of device you’re using and its settings.
What? Why? Where?
Ultimately there are two types of information we collect:
(a) “personally identifiable” information (meaning it can be used to specifically identify you); or
(b) “non-personally identifiable” information (meaning it relates to you but can’t be used to specifically identify you i.e. anonymous data like your unique Jollybrolly customer number).
This information may be collected at any of the following interaction points you have with Jollybrolly:
- Browsing our site;
- Saving an item;
- Creating an account on Jollybrolly;
- Logging into your Jollybrolly account
- Making a purchase from Jollybrolly (i.e. adding to basket, checking out and completing a payment);
- Contacting Jollybrolly Customer Service, either about an order or for any other reason via e-mail, telephone or live chat;
- Signing up to the Jollybrolly newsletter
- Using Jollybrolly social media channels;
- Clicking on Jollybrolly banners or ads.
Set out below is an explanation of what information we collect at each of these interaction points, along with confirmation of (a) whether you directly give it to us, or we collect it with your permission, or whether it is collected by our technical systems; and (b) whether it is “personally identifiable” information or “non-personally identifiable” information:
- The IP address of the computer or the proxy server that you use to access Jollybrolly – this is personally identifiable information;
- The type of device used to access our website, your computer's operating system details and settings, your type of web browser and your settings for that browser, the name of your ISP, (if you are accessing Jollybrolly using a mobile device) your mobile device, your mobile operating system, your mobile device identifier provided by your mobile device operating system, and location data (if you have that functionality set up) and other general device or systems information – this is non-personally identifiable information;
- Statistical information and log data about number of visits to certain pages on the site (e.g. the home page); the pages you viewed and activities you carried out during your visit; the date and time of your visit; the duration of an individual page view, the paths taken by visitors through the site – this is also non-personally identifiable information.
Most of these cookies are not deemed ‘strictly necessary’ and can be turned off in your Cookies preference center.
Creating an Account on Jollybrolly: When you place an order with Jollybrolly, you may elect to create an account with us and become a registered user. If you opt to create an account and register with us, you need to provide us with at least the following Directly Provided Data, all of which will be personally identifiable information:
- your name;
- your email address;
- a password;
When you create an account and register with us, Jollybrolly will keep that Directly Provided Data for as long as you are registered with us, so that we can then use it to identify you by your Jollybrolly profile, to operate all the systems (such as delivery systems) to enable you to place an order to purchase products from Jollybrolly, and to offer you a personalized, relevant experience on Jollybrolly.
Logging into Jollybrolly: Once you have registered, if you wish to log in, you will need to input your email address and password again. This is Directly Provided Data and personally identifiable information. This will be matched to the up-to-date Directly Provided Data of the same type associated with your account to confirm your identity, and to enable you to place an order to purchase products from Jollybrolly.
The data you have provided us can be amended by logging into your account. This will not amend data linked to previous orders but rather act as the most up to date personal contact information for future orders or marketing notifications you have opted in to.
Purchasing from Jollybrolly: To purchase products from Jollybrolly, you will need to do the following:
- Click the relevant button on the site to add the product(s) to your basket – at which point our systems will collect this Directly Provided Data relating to the identity and other product attributes of the item(s) you’ve added, so the item(s) can then be displayed in your ‘basket’ until the end of that visit. This is non-personally identifiable information;
- Choose options and enter information regarding the delivery of the products you are ordering. Our system will collect this Directly Provided Data so that we can fulfil your order and deliver your products accordingly once you have completed your order. This is non-personally identifiable information;
- Enter the required credit card, or log-in information for our other payment systems, such as PayPal or Amazon Pay. Our system will collect this Directly Provided Data so we can process the required payment for the products you are purchasing once you choose to complete your order. Jollybrolly.co.uk does not store full card details or other payment systems log-ins. This is personally identifiable information.
- At this point there is an option to subscribe to the Jollybrolly newsletter. Should you positively opt in to this communication, your name, e-mail address and order details (including order number, the products you purchased, and value of your order) will be securely transferred to our email marketing provider, Mailchimp, so that we can effectively send you service updates and promotional information. This is personally identifiable information.
- Finally, in order to complete your order, you will need to click the ‘Place Order’ button. Only when we have this Directly Provided Data, will we record the full details of the complete order in our system, so we can:
- (a) process and deliver your order;
- (b)have a record of your previous purchases so that we can handle any queries or returns you may wish to make in the future; and
- (c) add it to the financial records of our business transactions. All of this information is directly provided by you and is personally identifiable information.
Contacting the Jollybrolly Customer Service Team: if you contact our customer service team, for example if you get in touch using the Contact Us Form or if you message us using the Live Chat, we will record that contact and collect all relevant information. Details of the contact with you will be both Directly Provided Data and personally identifiable information, which we will then:
- Keep and use to help us categorise your specific question or contact, respond to it, and, if applicable, investigate, deal with and resolve any issue or incident; and
- Keep for so long as you are registered with us so we have a history of all of our communications with you, any issues you may have had with us, and what we did to resolve those issues or incidents, which we can then use to ensure that we deal with any further contacts appropriately.
Interacting with Jollybrolly Pop-Ups: When you enter your e-mail address into one of our Jollybrolly promotional pop-ups. This directly provided and personally identifiable data is:
- (a) securely transferred to our content personalisation provider, to issue you with your unique discount code and provide a unique personalised experience on our website
- (b) securely transferred to our email marketing provider, so that we can effectively send you service updates and promotional information; in both cases this is personally identifiable information.
Interacting with Our Social Media Channels: When you interact with any of the Jollybrolly social media channels, System Collected Data relating to your activity on those channels may be collected. For example, if you choose to use the Facebook “like” button, or if you tag any of your social media contacts or link to them in any content you post, this information will be recorded. It is highly likely that this will be non-personally identifiable information but settings dependant, may also include personally identifiable information.
Any content you add to any of our social media channels is Directly Provided Data. This may include personally identifiable information depending upon the content. This content will be collected and recorded, and may be used.
Clicking on Jollybrolly E-mails or Banners: if you view or click on emails or that we have sent you, or on banners we have placed on our website or other websites, both the fact that you have done so , as well as the address of the site you were on when you did so, will be Directly Provided Data that we will record. This is all non-personally identifiable information. This information is used to track and assess how successful our email campaigns and advertising banners are at engaging with you.
What about cookies?
(1) Site Functionality Cookies – these cookies allow you to navigate the site and use our features, such as “Add to Basket” and “Favourite”. These cookies are strictly necessary.
(2) Site Analytics Cookies - these cookies allow us to measure and understand how our customers use our website, so that we can work to improve its functionality and ultimately your shopping experience.
(3) Customer Preference Cookies - whilst you are browsing or shopping on our website, these cookies will record your preferences, to help us make sure your browsing and shopping experience is as smooth and personal as possible.
(4) Advertising Cookies - we use these cookies to help us deliver ads that are most relevant to you. These are also used to limit the frequency with which you see our ads and help us understand the effectiveness of our marketing campaigns.
For an extended list of cookies we collect, please refer to your cookies preference centre.
The first time you visit our site you will be presented with a cookies banner allowing you to accept the cookies we think will give you the best possible experience or to limit and tailor which cookies you are served when you visit our website. If you wish to update these preferences at any point you can do so.
How Do We Use Your Information?
We often require several different types of information or data to be used collectively in order for Jollybrolly to work. These more fundamental purposes include the collective use of your information:
- To ensure that our site’s content is presented as effectively as possible for you, and to enable you to participate in interactive features of our site, when you choose to do so - for example by providing you with a more customised experience on Jollybrolly through things like updates, content and/or recommendations relevant to you to customise your experience on our site
- To set up and manage your account- so you can place orders, so we can provide our products to you, so we can make sure that the items you order get to you, so we can communicate with you about your orders and your account, so we can track potential problems and trends, and customise our support responses – basically, this relates to the nuts and bolts of our online retail business.
- We have to make sure that our website users are genuine and that we receive payment for the goods we dispatch. For this reason we may disclose the personal information you provide us to credit reference or fraud prevention agencies, in order to confirm your identity or to perform any necessary anti-fraud checks. These agencies may keep a record if this information but please be advised that your credit rating will not be affected.
- If you have provided us with your email address we may occasionally update you on our latest products, news and special offers via e-mail. This will only happen if you have opted in to receive these notifications when interacting with one of our pop-ups, placing your order or creating your account.
- To target Jollybrolly banners and ads to you when you’re on other websites – this is carried out using a variety of digitalmarketing networks and advertising technologies like pixels, ad tags, cookies, and mobile identifiers,and the banners and ads you will see will be based on your previous use of Jollybrolly (for example, your Jollybrolly search history, the content you read on Jollybrolly, etc.) or on Jollybrolly banners or ads you’ve previously clicked on.
How Do We Share the Information We Collect?
For our business to run smoothly and efficiently, we need to work with a number of third parties who are experts in their particular fields. The limited instances where we may share your information include:
(1)We share your information externally with our core service providers when required for our business to function: These include for example companies who help us pick and pack orders, make deliveries, carry out fraud protection and credit risk reduction checks, support our IT systems, help keep us secure, enable our marketing, or make sure we’re up to date with our accounts.
Each of these third party companies has been chosen specifically by us for their ability to provide what we need to our required specification. Each of these third party companies has a contract with us, which details our expectations and requirements in handling any of your personal information, and holds them fully responsible for meeting those expectations and requirements. The names of our partners, along with their complete and up to date Terms & Conditions, GDPR Compliance and Privacy Policies are available upon request.
(2) We will share your information if we believe it’s necessary to protect Jollybrolly or our customers: Unfortunately, like many other companies, Jollybrolly may be the subject of attempted fraudulent activities. Under these circumstances we may disclose your information (including your personally identifiable information) if we determine that disclosure is reasonably necessary to:
- Detect, investigate, prevent, take action regarding or otherwise address suspected or actual illegal activities, fraud, security or technical issues or to assist government enforcement agencies;
- Enforce or apply our terms and conditions of usage;
- Investigate and defend ourselves against any third-party claims or allegations;
- Protect the security or integrity of our Service; or
- To exercise or protect the rights, property, or safety of Jollybrolly, our customers, or others.
How We WILL NOT Use Your Information
We WILL NOT sell your personally identifiable information – such as your name, address, e-mail address, or credit card information - to any third party.
WE WILL NOT share or sell your personal information with third-party advertiser or ad networks.
Do We Transfer Your Information Outside The EEA?
Our offices, fulfilment centre and hosting services are all located in the EU. No personally identifiable information you have provided us will leave the EU unless you have requested international delivery outside the EU in which case your Name, Address and any necessary information for customs clearance will be shared with carefully selected couriers.
How Long Do We Keep Your Information?
We retain the information you provide for as long as needed for us to provide our services to you, or for as long as is necessary to provide support-related reporting and trend analysis only. Your order details will be kept on our systems for up to 7 years for financial and tax purposes. Any information will be retained for a limited time if needed to meet regulatory or legal requirements, or prevent fraud or abuse.
What Options and Choices Do You Have?
You can verify the details you have submitted to Jollybrolly by contacting our Customer Service team via telephone (01202 237187), via e-mail ([email protected]), or via the address given below. Please be advised that you may be required to provide proof of identity before we can reveal any sensitive information. This is part of our standard security procedures to help protect your personal information.
You can also contact us by the same methods if you wish to change, correct, or delete the personal information we hold at any time. Please be advised that, if you have shared any information with others through the Jollybrolly Social Media channels, that information will likely remain visible (unless removed directly by you), even after you have contacted us to delete your information from your own account.
You can opt-out of receiving marketing communications from us at any time.This can be done through your account settings, by clicking on the "unsubscribe" link in any email communications which we might send you, or by contacting our Customer Service team. As soon as this is done, your account will be updated to ensure that you don’t receive further emails. Please be advised, that if you continue to place orders on jollybrolly.co.uk you will still receive our transactional e-mails confirming your orders and dispatch details.
You can of course request a copy of the personal data we hold about you on our systems at any time. Do not hesitate to get in touch with our Customer Service team if you wish to do so- they would be delighted to help address any questions or queries you may have. Please be advised that you will not be charged for this, however you may be required to provide proof of identity before we can reveal any sensitive information.
You also have certain options available to you directly through the device you are using to visit Jollybrolly. Your browser may offer you the option to control cookies and data storage, and in the event that you are using a mobile device, it is likely you will have options to restrict your location and data sharing settings.
What Rights Do You Have?
You have a lot of rights relating to your personal information:
- The right to be informed about how your personal information is being used
- The right to access the personal information we hold about you
- The right to request the correction of inaccurate personal information we hold about you
- The right to request that we delete your data, or stop processing it or collecting it, in some circumstances
- The right to stop direct marketing messages, and to withdraw consent for other consent-based processing at any time
- The right to request that we transfer or port elements of your data either to you or another service provider
- The right to complain to your data protection regulator — in the UK, the Information Commissioner’s Office
If you want to exercise your rights, have a complaint, or just have questions, please contact us.
Ensuring Your Security is Protected
It is important to us that your information is protected. As soon as you provide us with any of your personal information, there are various security features and procedures we use to try to protect it and to prevent unauthorised access to that information. For example:
- We also offer secure “https” across the whole of the jollybrolly.co.uk website.
- Access to your data on Jollybrolly is password-protected, and sensitive data (such as credit card information) is protected by SSL encryption when it is exchanged between your web browser and the Jollybrolly site. To ensure your debit/credit card information is secure, we don’t keep details of your full card number or security code (CCV number).
- We routinely monitor our system for possible vulnerabilities and attacks so that we can ensure we are protecting any data stored on our servers appropriately.
Our chat service and similar means of communication are not encrypted in the same way so please do not send any confidential information via these channels.
Both the information you provide to us, and the information we collect, is controlled by 7AM Retail Limited, including for the purpose of the Data Protection Act (1998) and the General Data Protection Regulation (2018) and any other applicable laws and legislation.
We always welcome any feedback, especially if you feel we haven’t quite matched your expectations. We are incredibly appreciative of any information that will help us improve the services we provide and of course want you to be 100% satisfied and return to our site. Please do not hesitate to get in touch if you you have any questions or concerns regarding this policy- a member of our customer service team would be more than happy to answer any queries you may have.You can either contact customer service via the Jollybrolly website, or, write to us at:JollybrollyThe Chocolate BoxFirst Floor, 8-10 Christchurch RoadBournemouthDorset, BH1 3NA
Changes to This Policy
This page was last updated on 24/05/18