Protecting your Personal Data
TEA23 Ltd (Registered number: 9433400), whose registered office is at 12 Gore Park Road, Eastbourne, East Sussex, BN21 1TQ (“we”, “our”, “us”), understands that you care about your personal information and how it is used and shared, and we appreciate your trust in us to manage it responsibly and sensibly.
This Policy describes how your personal information is collected, used, and shared when you visit or make a purchase from TEA23 Ltd. It also explains which cookies our website uses in order to give you the best experience possible and to help us conduct normal business transactions. It also outlines some of the security measures we use including those by third parties (namely wix.com, which hosts our website).
This statement may change periodically so we encourage you to read it thoroughly and to check back from time to time.
In accordance with EU GDPR (May 2018) Data Protection guidelines we are committed to maintaining your personal rights and allow all users to change or withdraw their consent options at any time. The data controller at TEA23 Ltd is Jon Copping (Founder).
Our principle guidelines are clear and simple. We know that it is important to protect your personal data (as defined in the Data Protection Act 1998) and we are committed to giving you a personalised service that meets your needs in a way that also protects your privacy.
In simple terms, we take your privacy and personal data seriously; we respect your personal information; and we respect your rights to know how it is used and to control it. We only use your personal data to administer your account and to provide products and services you have requested from us. Your data is highly valued and securely protected by us. We will never sell your data to third parties and will only share it in order to conduct business as instructed by you.
Section 1: Collecting and Using Your Information
How did you get my consent?
When you provide us with information to place an order; complete a transaction, verify your credit/debit card, arrange shipping, and in order for us to provide you with invoices and/or order confirmations, we infer that you consent to us collecting your data for that reason and that reason only.
We may also ask you via an opt-in for permission to contact you for marketing purposes.
If you are a European resident, you have the right to access personal information we hold about you at any time. You also have the right for your personal information to be corrected, updated, or deleted. If you would like to exercise this right, please contact us at email@example.com [Re: Privacy Compliance Officer] or write to us at: TEA23 Ltd, 12 Gore Park Road, Eastbourne, BN21 1TQ.
How do I withdraw my consent?
You may draw your consent for us to contact you and/or for the continued collection, use or disclosure of your information, at any time, by contacting firstname.lastname@example.org [Re: Privacy Compliance Officer] or writing to us at: Tea23 Ltd, 12 Gore Park Road, Eastbourne, BN21 1TQ.
Types of information we collect
Information you provide to us
We collect information that you voluntarily provide to us, such as your email address when you sign up to e-news. When you give us your email address in this instance it will be used to notify you about offers, news, events, and new products etc. We may also collect your email address at events, fairs, and markets via the iZettle app, which is used to process your card payment. If you request a receipt by email we will send it to you and will only save your email with your express (verbal) consent/permission.
Information that is collected automatically
When you visit our Site, we automatically collect certain information about you using cookies (and similar technologies) when you visit/access, use, or interact with us via our website. This includes information about the device that you use to access our website, the operating system and version, your web browser, IP address, time zone, your geographic location as indicated by your IP address, and some of the cookies that are installed on your device, and the products and web pages you view on our website. We refer to this automatically-collected information as “Device Information”.
Information obtained from other sources
We may also receive information obtained from other sources such as social media platforms, which we will protect in the same way as that information collected on our own site and in accordance with practices described in this statement.
Buying Tea23 Ltd Products
When you purchase something from our store you will be asked to provide certain information so we can complete your transaction/purchase. We collect personal information such as name, address, phone number, email, and payment information. We do this so we can complete the transaction, fulfill your order, help with delivery issues, and accept returns in case there’s a need. Please note that we do not store any payment or credit card information, although you can save your card details in the “My Wallet” section in the “Members Area” of the tea23.co website, which is protected by password login security.
Section 2: Using Your Information and Keeping it Secure
TEA23 Ltd is committed to keeping your personal information secure. However, while we take reasonable precautions by carefully managing our systems and the third parties we work with (namely Wix.com), no security system is impenetrable.
Wix has servers all over the world, including Europe and the US, as well as backup servers. They use their technology to host the tea23.co website as well as thousands of others all over the world..
Our website is built and hosted by Wix.com - a leading cloud-based website development platform. You do not need to be a member to place an order in our store. However, if you set up your own personal account on our site it makes the transaction process quicker. This is because your personal information such as contact details and delivery/billing address are saved. Only you can access your account via a password protected login. You can also save your card details (as well as change and remove them) in your account.
Purchasing: Debit and Credit card security
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Security of Wix's Billing Services and PCI Compliance
Wix is Payment Card Industry Data Security Standards (PCI DSS) compliant and is accredited as a level 1 service provider and merchant.
The PCI DSS is an information security standard for organisations or companies that accept credit card payments. This standard helps to create a secure environment by increasing cardholder data, thus reducing credit card fraud.
IO 27001 Compliance: Wix has been audited and certified as ISO 27001 compliant. The ISO 27001 certification outlines industry best practices for managing security risks.
ISO 27018 Compliance: Wix has been audited and certified as ISO 27018 compliant. The ISO 27018 certification outlines industry best practices for handling personally Identifiable Information (PII) in a public cloud computing environment.
TLS Certification: Wix uses Transport Layer Security (TLS) encryption to help protect your online financial transactions.
Section 3: Personal Data Retention
When you place an order with us via our online store or via the iZettle app (at markets and events) we will retain your personal information for our order records unless and until you ask us to delete this information.
Section 4: Age of Consent
We do not in any way target children although our website is open and may be accessed by persons under the age of sixteen. Should we be made aware by a parent or guardian, or by other means, that a child has registered on our site, then we will cancel the child’s account and delete all their personal information from our records.
Section 5: Disclosure
We may disclose your personal information in the following circumstances:
If you violate our terms of service or to protect our rights
If we are required to do so by law enforcement authorities or in legal proceedings
In the event of a merger, acquisition, or sale of all or a portion of our assets
Section 6: Cookies
How to control cookies
First-party cookies: Cookies that Wix places on your site.
Third-party cookies: Cookies that are placed and used by third parties.
Session (transient) cookies: These cookies are erased when site visitors close their browsers and are not used to collect information from their computers. They typically store information in the form of a session identification that does not personally identify the user.
Persistent (permanent or stored) cookies: These cookies are stored on a site visitor's hard drive until they expire (at a set expiration date) or until they are deleted. These cookies are used to collect identifying information about the user, such as web surfing behavior or user preferences for a specific site.
Strictly necessary cookies: These cookies allow you to browse through this site. They are also necessary for security reasons.
Functional cookies: These cookies "remember" registered visitors/customers in order to improve the user experience.
First Party Cookies:
ForceFlashSite (duration: session): When viewing a mobile site (old mobile under m.domain.com) it will force the server to display the non-mobile version and avoid redirecting to the mobile site.
hs (duration: session): Security
smSession (duration: Persistent [Two days or two weeks]): Identifies logged in site members
XSRF-TOKEN (duration: session): Security
svSession (duration: persistent [Two years]): Identifies unique visitors and tracks a visitor’s sessions on a site
SSR-caching (duration: session): Indicates how a site was rendered
smSession (duration: persistent [Two weeks]): Identifies logged in site members
TS* (duration: session): Security
TS01******* (duration: session): Security
TSxxxxxxxx (duration: session): Security
TSxxxxxxxx_d (duration: session): Security
Other third party cookies that we use:
_fbp: Facebook pixel collects data that helps track conversions from Facebook ads, optimize ads, build targeted audiences for future ads, and remarket to people who have already taken some kind of action on our website.
_ga: The Google Analytics cookie is used for visitor tracking. It identifies users by a unique identifier they call “client ID”, which along with other parameters are stored within _ga cookie.
_gat: Is used for throttling analytics requests to limit requests being sent from your browser to Google services.
_gid: This cookie is used to group the user behavior together for each user. It expires after 24hrs of inactivity.
bSession: Session cookies allow users to be recognized within a website so any page changes or item or data selection you do is remembered from page to page.
fr: Helps Facebook place more personalised advertisements.
Opting out of targeted advertising
You can opt out of targeted advertising by following the links below:
For more information about “Behavioural Advertising” you can visit the Network Advertising Initiative's Educational page: http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work
Section 7: Third Parties
Your data is highly valued and securely protected by us. We do not and will not sell your data to third parties.The prime purpose of collecting your data is to ensure you have a good shopping experience and receive great customer service.
Section 8: Questions and Contact Information
If you would like to: access, correct, amend or delete any personal information we have about you, or simply would like to ask us a question(s), please contact us at email@example.com [Re: Privacy Compliance Officer] or by mail to:
12 Gore Park Road