Wholesome Vape Limited is totally committed to protecting your personal data and holds your privacy in extremely high regards. This privacy statement serves to provide you with all the important information about how we protect your data when you visit or use our website vapestoreukonline.co.uk and informs you about your privacy rights and how the law protects you.

In this Privacy Policy, reference to “We”, “Us” or “Our”, means Wholesome Vape Limited Trading As Variety E Vape, who processes your personal information and interacts with you through the website.

Definition of Terms

Personal Data - This means information or data about a living individual that can be used to identify an individual, that is in our possession or may come into our possession.

Usage Data – This means data that our service infrastructure collects automatically and generates, as a living individual use or interact with our website (for example, the duration of a page visit). Cookies – This are small pieces of data stored on a User’s device as you interact with our website.

Data Controller - This means a person who is responsible for determining how the personal data collected through direct or indirect interaction  with us through our website infrastructures are processed, used as well as the purpose for which they are processed.

For the purpose of this Privacy Policy, Wholesome Vape Limited Trading As Variety E-Vape is the Data Controller of your data.

Data Processor – This means data service processor, which is any person who processes the data on behalf of the Data Controller. The data processor is not an employee of the Data Controller.

We may use the services of various Service Providers in order to process your data more effectively.

Data Subject – This means any living individual that is the subject of Personal Data.

User – This means an individual who uses or is using our Service. A User is the same as a Data Subject.

Purpose of This Privacy Statement

1) This privacy statement is to provide all the information you need to know about how we collect and processes your personal data when you use our website, including any data you may provide when you register on our website, sign up for our newsletter or purchase a product on our website.

2) We do not sell products to persons under the age of 18. If you are under the age of 18, you are not permitted to use our website, or access our products through any other available channel.

3) It is of great importance that you read this privacy statement along side any other privacy notice or fair processing notice we may provide from time to time when we collect or process your personal data so that you have a full awareness of how and why we are using your data. This privacy statement is to serve as an addition to other notices and not intended to override them.

4) Controller: Wholesome Vape Limited Trading As Variety E-Vape is the controller responsible for your personal data, and for the purpose of this policy statement may be referred to as ("Variety E-Vape", "we", "us" or "our").

5) We have an appointed data privacy manager, responsible for answering any questions in relation to our privacy policy. If you have any questions about our privacy policy, including any requests to exercise your legal rights, please contact the data privacy manager on the details below:

6) Full Legal Name: Wholesome Vape Limited

    Trading Name: Variety E-Vape Name

    Title: Data Privacy Manager

    Email address: info@varietyevape.co.uk

    Postal address: 547 Oxford Road, Reading, RG30 1HJ

    Telephone number: 01189967352

7) You can make a complaint to the Information Commissioner’s Office (ICO) at any time. The ICO is the UK supervisory authority responsible for data protection issues (www.ico.org.uk). However, we would appreciate the opportunity to deal with your concerns and attempt to resolve the complaint before you approach the ICO. So please contact us, in the first instance.

8) Changes to your Personal Information and your duty to inform us of change: Please notify us if your personal data changes during the period you have a contract relationship with us as it is important that the personal data we hold about you is accurate.

9) Third-party links This website may include links to third-party websites, plug-ins and applications such as Sagepay, World Pay, BigCoomerce and Facebook, Instagram, but not limited to the mentioned. Enabling or clicking on those links may allow third parties to collect or share your data. These third-party websites are not within our control and we are not responsible for their privacy policy. We recommend that before you click on any of such links, you visit their websites to read their privacy policies.

What Type of Personal Information Do We Collect?

Personal data, or personal information, means information about a person that is unique to the person and can be used for the purpose of identifying a person. It does not include anonymous data, which means data that the identity has been removed.

We may collect, different types of personal information or data about you at different stages of your interaction with us, for the legitimate purpose of providing you with the product you want to purchase as well as improve our service.

When you use our website or sign up for an account, whether making a purchase or not, the system will store the details you have provided. Where an account is created by one of our employees on behalf of the customer, the minimum amount of data this will contain is your name, email address and password (which is encrypted), the date you registered and the date you last visited. If the account is created by you directly, then it will also contain the IP address and Host name you used the last time you logged in. If you enter further information such as your address and telephone number, this will also be stored in the account.

When you place an order on our website, the information you enter, such as your name, email address, billing address, delivery address, telephone number, company name and VAT number (if applicable) will be stored within the order. Other information that is stored are as follows:

A) Your IP Address, its host name and country location

B) The type of device you used, such as mobile or desktop

C) The date and time you ordered

D) Your payment method

E) How much you paid

F) The shipping method

G) The number of loyalty points you earned, where applicable

H) Any activity on the order, such as the date and time we completed your order

I) Whether you are a new customer or returning customer

J) The product you ordered

K) Please Note: Payment information, such as credit card number, is never stored on this site or BigCommerce. This information is always stored separately by the payment gateway provider.

What Types of Cookies Do We Use?

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and allows us to improve our site. Cookies are pieces of data stored on your hard drive, so your privacy is in no way compromised. You may deactivate cookies in your web browser or clear them from your browsing data. To find out more about the Cookies we use on this website, please read our Cookies Policy.

How We Collect Your Personal Data?

We collect your personal data in the following ways:

1) By Direct Interaction with us when you place an order on our website, create an account on our website, subscribe to our newsletter or give us feedback about our products and services. At this point you may provide us with your personal data such as Identity information and contact information when completing forms, corresponding with us by email, phone or post.

2) By Indirect Interaction through automated technologies which can occur when you use our website. Our cookies, server log system and other technologies may collect Technical Data about your equipment and browsing actions when you use our website.

3) We may receive your personal data from third parties or publicly available sources for technical purposes. These Personal data about you may be made available to us by:

• Providers of analytic services such as Google based outside the EU; Search information providers like Google or Bing based outside the EU

• Public sources like the Electoral Register and Companies House based within the EU.

How Do We use the data we collect?

We will only use the personal data we collect from you, when it is lawful to do so and that would include:

1. To carry-out a legitimate contract you have entered into or about to enter into with us, for the supply of a product or service that you have ordered.

2. To carry-out a legal or regulatory obligation, such as the prevention and detection of fraud, crime and money laundering

3. A situation where we need to fulfil a legitimate interest, whether ours or that of a third party and your personal interest and fundamental rights do not override the legitimate interest

4. In addition, we may use your personal data to develop and improve our products and services, through research and statistical analysis. For us to contact you by email, post or phone in relation to marketing communications, we will request your consent. Only when you consent to us contacting you, would we contact you about products and services we believe may be of interest to you.

How Do We Secure Your Personal Data?

Ensuring the personal data you provide us is well secured and protected is an utmost priority to us. However, be aware that no method of transmission of data over the internet is 100% secured. Though we ensure we use necessary commercially acceptable means to keep your data safe and secured, we cannot guarantee an absolute security of your personal data.

Which Third Party Service Providers Do We Share Your Data?

 

We may employ the services of third parties to help facilitate the provision of our services or to assist in analysing and improving our service. We may share your personal data with these third parties service providers only for the purpose of performing a contract you have or will enter to with us, to improve our service and or to comply with a lawful request. These third parties are obligated to not disclose or use your data for any other purpose whatsoever, other than to perform the agreed task on our behalf.

 Age Verification Service Providers

We may use age verification service providers to verify your age, as it is a legal requirement that you must be over 18 years of age to purchase any product or service on this website.

We use VerifymyAge for age verification service. This service is in place to ensure that our customers are all over 18 years of age. Verifymyage will check your details against electoral roll data to be certain that you are over 18 years of age as you pass through our checkout system for the first time. If for any reason, Verifymyage is unable to confirm that you are over 18 years of age, we will request a proof of age from you, which would be a photo identity such as a driving license or passport. Once you have been verified, all subsequent orders we will not need to confirm your age again.

BigCommerce

Our e-commerce website uses Big Commerce Platform and it is powered by Big Commerce, by virtue of the fact that Big Commerce provides and power the website, it means your personal data may be shared with BigCommerce, you can read more about how BigCommerce uses your personal information on https://www.bigcommerce.com/privacy/

 Google Analytics

 Google Analytics tracks and reports a website’s traffic and Google use the collated data to track and monitor the use of our services.

We make use of google analytics to give us an insight into how customers make use of our website and also help us improve our services. Please visit https://www.google.com/intl/en/policies/privacy/ to learn more about how Google manages and uses your personal data.

 You have the option of opting out of making your activities on this website available to Google Analytics. This you can do by simply installing on your device the Google Analytics opt-out browser add-on. This will prevent Google analytics JavaScript from sharing information about your visits and activities on the website with Google analytics.

 Payment Processing

 We use third party services for payment processing (e.g Payment Processors). We do not store neither do we collect your card details for payment, your information is provided directly to our third parties payment processors. Our payment processors’ use of your personal information is governed by their own privacy policies and they adhere to PCI-DSS standards that is managed by the PCI Security standards Council. PCI Security Standards Council is a joint effort by brands like Visa, Mastercard, American Express and Discover to govern, manage and secure the processing of payments and payment information.

Social Media

The Social media share button and Facebook login that feature on the website, and added to all product pages and blog pages, only transmit data once they have been clicked. Therefore, the button only becomes active once you have clicked on it and at this point you will be using the social media's website. The only data the social media servers receive from our site is referral information from the page, such as product title and image. No personal data is transmitted.

However, once you have clicked on the Facebook button, any data that is gathered from your Facebook account, such as name and Facebook ID, will be stored within their User Account. You can request for the information to be deleted.

Do We Disclose Your Personal Data?

In the event of a legal requirement to disclose your personal data by law enforcement agencies or in response to a valid public authority request, we will do so. We may also disclose your data in the following circumstances:

1. To fulfil a legal obligation

2. To Protect our rights and property

3. To prevent or investigate fraudulent or other criminal activities

4. To ensure the safety and protection of the public and other users of the service

5. To protect or prevent legal liability

How Long Do We Retain Your Personal Data?

We may retain and use your personal data only to the extent necessary to perform a contract you have entered into with us in accordance with the purposes set out in this Privacy Policy.

We may also retain and use your Personal Data to the extent necessary to comply with our legal obligations.

We may also retain automatically generated data for the purpose of internal analysis, which may include improving our services, strengthening the functionality of our website and service or where we are legally obligated to do so.

What Are Your Rights Under the GDPR?

Under the GDPR, you have the following rights:

1. You have the right to access your personal information we hold, you can get a copy of your personal data free of charge.

2. You have the right to restrict processing and request restriction of use of your data, under certain circumstances.

3. You have the right to ensure any data held about you is accurate

4. You have the right to request that your data be removed, under certain circumstances.

5. You have a right to data portability, which means you are entitled to request a copy of your personal data we hold in a common electronic format.

6. You have the right under certain circumstances, to request that your data is not used to make automated decisions about you that could have legal consequences.

7. You have the right to lodge a complaint with the Information Commissioners Office (ICO)

How Do We get your Consent?

When you create an account with us, place an order on our website, provide your information for the purpose of verifying your age or your credit card, arrange for a delivery or return of a product purchased, we take it that you have consented to your personal data being collected and used for the purpose of performing that specific transaction or contract.

Where we seek to use your personal information for any other reason other than completing a transaction or order you have placed or are about to place with us, for example marketing, we will directly request your consent, or provide you with the option to reject the use of your data for such a purpose.

How Can You Withdraw Your Consent?

If after you have consented to your data being used for any other purpose other than completing an order, you then change your mind, you can with-draw your consent for the use or disclosure or continued collection of your information. To do so, please contact us by email on info@varietyevape.co.uk or call us on 01189967352. Where you prefer to contact us by post, you can write to us at the following address:

Variety E-Vape Online

547 Oxford Road

Reading

RG30 1HJ

How Can You Access Your Personal Data?

In the event you wish to obtain information about your personal data we may hold, you can request that we provide you a copy of the personal data we hold about you. This is what is known as a subject access request. All Subject Access Request, should be made in writing to our email address which is info@varietyevape.co.uk or by post to Variety E Vape, 547 Oxford Road, Reading RG30 1HJ. We aim to respond to any subject access request within one month of receipt of the re-quest.

However, in situations where your request is a complex one, we may require more time, but not more than three months from the date of the receipt of the request. We will keep you fully informed of our progress over the period. We aim to provide a complete response which will include copies of your personal data we may have in our possession.

How often do we change our Privacy Policy?

We reserve the right to make changes to this privacy policy at any time, it is therefore important that you review the policy frequently. Where changes or clarifications are made to the policy they will take effect immediately upon their posting on the website.

If the changes are material in nature, we will notify you that it has been updated, so that you are aware of the changes and how they may affect you, what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.