Privacy Policy for Natural Pools UK
1. Introduction
At Natural Pools UK, accessible via naturalpoolsuk.com, we are committed to safeguarding the privacy and personal data of our customers, visitors, and users. We uphold the principles of data minimization, transparency, and accountability as enshrined in the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the California Consumer Privacy Act of 2018 (“CCPA”), and operate with a privacy-first mindset. This Privacy Policy outlines how we collect, use, protect, and manage your personal information.
2. Scope of Policy and Data Controller Role
This Privacy Policy governs the collection and processing of personal data collected through our website naturalpoolsuk.com and associated communications. Natural Pools UK is the data controller responsible for the processing of your personal data described herein. If you have any questions or concerns about the use of your personal data, please contact us at [email protected].
3. Categories of Data Processed
We collect and process different categories of personal data to deliver our services, improve user experience, ensure legal compliance, and communicate with you effectively. The data we process includes, but is not limited to:
a) Usage Data
Collected automatically during your interaction with naturalpoolsuk.com. This may include your IP address, browser type and version, device identifiers, pages visited, session duration, and clickstream data.
b) Account Data
Provided directly by you during account creation, purchases, or inquiries. Includes full name, billing and shipping address, email address, and telephone number.
c) Profile Data
Information relating to your interests, purchase history, preferences, feedback, and behavioral patterns on our website.
d) Communication Data
Includes records and content of communications you have with us such as customer support tickets, emails sent to [email protected], and contact requests.
e) Technical Data
Data associated with the device you use to access naturalpoolsuk.com, such as operating system, network information, browser plug-ins, and system configuration details.
f) Transaction Data
Information relating to completed payments and transactions, including purchase history, invoice records, shipping details, and payment methods (excluding full card numbers, which are handled by secure third-party processors).
g) Preference Data
Your selected communication preferences, consent records, newsletter subscriptions, and marketing interests if you have opted-in.
4. Legal Bases for Processing
We rely on the following legal bases under GDPR and CCPA to lawfully collect and process your personal data:
– Consent: Where you have given clear and affirmative consent for processing (e.g., subscribing to our newsletter).
– Contractual Obligation: Where processing is necessary to perform a contract to which you are party (e.g., fulfilling an order or providing customer support).
– Legal Obligation: Where we are required to comply with applicable laws or legal proceedings.
– Legitimate Interests: Where processing is necessary for our legitimate interests (e.g., improving our website, securing our infrastructure) and those interests are not overridden by your rights.
5. Your Rights
Subject to the applicable jurisdiction, you have the following rights relating to your personal data:
– Right of Access: Obtain confirmation of whether we process your data and access that data.
– Right to Rectification: Request correction of inaccurate or incomplete personal data.
– Right to Erasure: Request deletion of your data under certain conditions (“right to be forgotten”).
– Right to Restriction: Request limited processing of your data in defined circumstances.
– Right to Data Portability: Receive your personal data in a structured, machine-readable format and transmit it to a third party.
– Right to Object: Object to processing based on our legitimate interests or for direct marketing purposes.
– Right to Withdraw Consent: Where consent is the basis of processing, you may withdraw it at any time.
To exercise your data rights, contact us at [email protected].
6. Security Measures
We implement appropriate technical and organizational measures to protect your personal data, including:
– HTTPS encryption for all website traffic;
– Robust access controls and multi-factor authentication for systems access;
– Regular backups of data and secure storage;
– Staff training on data protection and information security;
– Periodic audits and vulnerability assessments to identify and address risks.
7. International Transfers
Where personal data is transferred outside the United Kingdom or European Economic Area to countries lacking an adequacy decision, we ensure adequate protection via:
– Standard Contractual Clauses (SCCs) approved by the European Commission;
– Binding Corporate Rules where applicable;
– Additional safeguards such as data encryption and risk assessments.
All data transfers are conducted in compliance with GDPR, UK GDPR, and other applicable data transfer laws.
8. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting obligations.
– Usage and Technical Data: Up to 24 months for analytics and diagnostics
– Account and Transaction Data: Up to 7 years for tax, audit, and compliance purposes
– Communication Data: Retained for up to 3 years from the date of last contact
– Preference and Profile Data: For the duration of your engagement and up to 2 years following inactivity
Once the retention period expires, data is securely deleted or anonymized.
9. Cookie Policy
We use cookies and similar technologies on naturalpoolsuk.com to:
– Ensure basic functionality of our website (Essential Cookies);
– Enable enhanced personalization and site features (Functional Cookies);
– Measure site traffic, user interaction, and behavioral patterns (Analytics Cookies);
– Improve overall site performance and error diagnosis (Performance Cookies).
Third-party cookies may also be employed, subject to consent where required, for analytics and marketing purposes.
10. Cookie Management and Compliance
Upon your first visit, you are presented with a cookie consent banner in compliance with GDPR and CCPA standards. You may confirm, reject, or customize your preferences at any time using the cookie settings available on our website.
Additionally, you can manage cookie preferences via your browser settings by blocking or deleting cookies, though this may impact your user experience.
11. Children’s Privacy
We do not knowingly collect or solicit personal data from individuals under the age of 13. If we discover that a child under the age of 13 has provided us with personal data, we will take immediate steps to delete such information. Parents or guardians who believe their child has submitted data to us should contact us at [email protected].
12. Policy Updates and Notifications
This Privacy Policy may be updated periodically to reflect changes in our practices, technology, legal requirements, or service offerings. Material changes will be communicated via prominent notices on naturalpoolsuk.com or directly to users where required by law. We encourage you to review this policy regularly to stay informed.
13. Contact
If you have questions, concerns, or wish to exercise your data rights, please contact us at:
Email: [email protected]
Website: https://naturalpoolsuk.com
Natural Pools UK remains committed to compliance with all applicable privacy laws and ensuring that your personal data is handled with the highest standards of care and integrity. Please reach out to us with any privacy-related inquiries or requests.