Double Nine Ltd trading as Merlin Workwear
We are committed to safeguarding the privacy of our website visitors; this policy sets out how we will treat your personal information.
(1) Information we collect
We may collect, store and use the following kinds of personal data:
Depending upon your use of Our Site, We may collect some or all of the following personal and non-personal data :
- Email Address;
- First Name;
- Last Name;
- Street Address;
- Phone Number;
- The type of enquiry your making, including information relating to any purchases you make of our goods or services;
- The information you provide relating to your enquiry;
- IP address;
- Web browser type and version;
- Operating system;
- A list of URLs starting with a referring site, your activity on Our Site, and the site you exit to;
(2) When we use your personal data
All personal data is processed and stored securely, for no longer than is necessary in light of the reason(s) for which it was first collected. We will comply with our obligations and safeguard your rights under the GDPR at all times.
Personal data submitted on this website will be used for the purposes specified in this privacy notice or in relevant parts of the website.
We may use your personal information to:
(a) administer the website;
(b) enable your use of the services available on the website;
(c) supply to you services purchased via the website (please note that we require your personal data in order to enter into a contract with you);
(d) send statements and invoices to you, and collect payments from you;
(e) send you general (non-marketing) commercial communications; we will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003;
(f) send you email notifications which you have specifically requested;
(g) provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
(h) share data with our third party teams to help us provide you a better service, for example giving your address to the courier so they can deliver your order;
(i) deal with enquiries and complaints made by or about you relating to the website.
We will not send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003;
We will not without your express consent provide your personal information to any third parties for the purpose of direct marketing.
Our website financial transactions will be processed using the bank and card processing agency who may require to verify your personal details for an authorization outside the European Economic Area.
In addition, we may disclose information about you:
(a) to the extent that we are required to do so by law;
(b) in connection with any legal proceedings or prospective legal proceedings;
(c) in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk); and
(d) to the purchaser (or prospective purchaser) of any business or asset which we are (or are contemplating) selling.
(4) International data transfers
The third party data processors used by us and listed below are located outside of the European Economic Area ("the EEA") (The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein). Where we transfer any personal data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the GDPR. Our third party processors include:
- DPDgroup UK Limited
- Worldpay Group plc
- Xero Ltd
- CreditSafe Group
(5) Security of your personal data
We will take all reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide on our secure (password- and firewall- protected) servers.
Of course, data transmission over the internet is inherently insecure, and we cannot guarantee the security of data sent over the internet.
You are responsible for keeping your password and user details confidential. We will not ask you for your password.
(6) Policy amendments
(7) Your rights
As a data subject, you have the following rights under the GDPR, which this notice and our use of personal data have been designed to uphold:
- The right to be informed about our collection and use of personal data;
- The right of access to the personal data we hold about you;
- The right to rectification if any personal data we hold about you is inaccurate or incomplete (please contact us using the details in section 10);
- The right to be forgotten – i.e. the right to ask us to delete any personal data we hold about you (We only hold your personal data for a limited time, as explained in section 2 but if you would like us to delete it sooner, please contact us using the details in section 10);
- The right to restrict (i.e. prevent) the processing of your personal data;
- The right to data portability (obtaining a copy of your personal data to re-use with another service or organisation);
- The right to object to us using your personal data for particular purposes; and
- Rights with respect to automated decision making and profiling.
- If you have any cause for complaint about our use of your personal data, please contact us using the details provided in section 10 and We will do our best to solve the problem for you. If We are unable to help, you also have the right to lodge a complaint with the UK's supervisory authority, the Information Commissioner's Office.
- For further information about your rights, please contact the Information Commissioner's Office or your local Citizens Advice Bureau.
(8) Third party websites
The website contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
(9) Personal Data of Children
We do not knowingly solicit or collect personal data from children below the age of 13. If we discover that we have unintentionally collected personal data from a child below 13, we will remove that child’s personal data from our records promptly. However, we may collect personal data about children below the age of 13 years of age from the parent or guardian directly, and with that person’s explicit consent, in order to provide a service, for example, shoe or clothing sizes.
(11) Data controller
The data controller responsible for our website is Double Nine Ltd trading as Merlin Workwear.
A cookie consists of information sent by a web server to a web browser, and stored by the browser. The information is then sent back to the server each time the browser requests a page from the server. This enables the web server to identify and track the web browser.
We may use both “session” cookies and “persistent” cookies on the website. We will use the session cookies to: keep track of you whilst you navigate the website. We will use the persistent cookies to: enable our website to recognise you when you visit.
Session cookies will be deleted from your computer when you close your browser. Persistent cookies will remain stored on your computer until deleted, or until they reach a specified expiry date.
Most browsers allow you to reject all cookies, whilst some browsers allow you to reject just third party cookies. For example, in Internet Explorer you can refuse all cookies by clicking “Tools”, “Internet Options”, “Privacy”, and selecting “Block all cookies” using the sliding selector. Blocking all cookies will, however, have a negative impact upon the usability of many websites including this one.