Website, Email, Phone and Marketplace orders:
When you sign-up for a customer account on our website, place an order on our website, email us to place an order, call us to place a phone order, or choose to purchase products from us through our eBay or Amazon Marketplace stores, we collect the following personal information:
- Your name;
- Your delivery/billing address (home or work);
- Your email address;
- Your phone number;
- Your payment details (some phone orders);
- Your computer or device’s IP address (website orders only).
Website, Email and Phone Orders:
Your primary contact/delivery information is used to send your order to you. It is stored within our cloud-based ecommerce system, on servers based in different countries (depending on your location) and is secured via multi-stage authentication. Our ecommerce system supplier is GDPR compliant and has a privacy shield between their data processing systems and their own employees, meaning your data is completely safe. The computers and devices we use to process your order(s) are also secured with multi-stage authentication.
When you visit our website and place an order, your IP address is logged by our ecommerce system as part of the built-in, anti-fraud system. A number of factors need to add up, including your IP location, in order for our system to deem your order as legitimate. We may contact you to confirm your order if our system deems it to be fraudulent. We believe this is an important website function, as it helps customers who have been subject to credit/debit card cloning and other types of fraud.
Warehouse, sales staff and the Managing Director have access to this anti-fraud information, which is accessed securely via multi-stage authentication.
Abandoned Checkout Emails:
If you add items to your cart on our website and get as far as to enter your name and email address, you will receive an abandoned checkout email from us. We aim this email to be a gentle reminder that you have considered placing an order and that the items may still be available for purchase.
This is an automated function of our ecommerce system. If you do not wish to receive any emails from us, having not placed an order, there is a ‘tick-box’ you can deselect during the checkout. If you have not deselected this option, your details will be logged and saved on our system to make any future orders as efficient as possible.
Warehouse, sales staff and the Managing Director only have secure access to your information, through this means, if you place an order or if you request for your details to be deleted, having not placed an order. If you don’t want to place an order, and would like your information deleted, please contact us and we will remove your information as soon as possible.
If you have a Facebook account and visit our website, our ecommerce system will create retargeting adverts for you to see on your Facebook feed. These adverts display products you have looked at on our website. These retargeting adverts are designed to remind you of what you have looked at on our website.
Our Facebook Pixel is a type of website cookie that links your activity on our website to your Facebook feed. None of your personal information is shared with us, until you place an order. The third-party application we use to create the re-targeting adverts has no access to your personal information. The Managing Director is the only person who can securely access, view and adjust our Facebook Pixel and retargeting adverts.
If you don’t want to be tracked by any Facebook Pixel, you have settings in your web browser that can be adjusted. Browser add-ons and plugins are also available, as well as privacy settings within Facebook itself.
There are some cookies which are needed for our website to function properly, for example, to remember what items you have put into your cart.
We use Google Analytics to collect information about how you use our website. For example, which areas you use most often, how long you stay on our website or on a specific page, and if you get any error messages from pages being unavailable. These cookies don't collect any of your personal information and all data collected is anonymous. We only use these cookies to improve how our website functions, with the aim of making it more enjoyable to interact with.
The data generated by the cookie, about your use of our website (including your IP address), will be transmitted to and stored by Google on servers in the United States. Google will use this data for the purpose of evaluating your use of our website. Google may also transfer this data to third parties, where required to do so by law, or where such third parties process the information on Google's behalf.
To find out more, please visit: www.google.com/policies/privacy/partners/
To opt out of being tracked by Google Analytics across all websites, please visit: http://tools.google.com/dlpage/gaoptout.
Website Functionality Cookies:
These cookies allow our website to remember choices you make (such as your username or the region you’re in) and provide more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. The information these cookies collect on our website cannot track your browsing activity on other websites.
Targeting & Advertising Cookies:
These cookies are used to deliver adverts more relevant to you and what you search for online. If you search for a product we stock, you may see an advert on Google with a link to our website or eBay store. These specific cookies also limit the number of times you see an advert, and they help us to measure how effective the adverts have been. The cookies are placed by Google’s advertising network with our permission. They remember that you have visited our website and this information is shared with us and Google. These cookies don't collect any of your personal information and all data collected is anonymous.
Other Beacons, Pixels & Parameter Tracking:
We keep a record of traffic data, which is logged automatically by our ecommerce system. This data includes your IP address, computer/device information, the website you were on before you visited ours and the website you visit after leaving our website.
We also collect some website statistics such as page access rates, page hits and page views. We are not able to identify you as an individual from traffic data or site statistics.
How to disable cookies:
You may be able to configure your browser or our website, application or service to restrict cookies or block all cookies if you wish, however if you disable cookies you may find this affects your ability to use certain parts of our website, applications or services. For more information about cookies and instructions on how to adjust your browser settings to accept, delete or reject cookies, see the www.allaboutcookies.org/ website.
Embedded content from other websites:
Pages on this website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behave in the exact same way as if the person has visited the other website. For example, an embedded YouTube video will gain views and statistics from the person viewing the video on our product page, collection page or blog article, as it would as if visiting YouTube itself.
When using our checkout to pay for your website order, using a credit or debit card, we do not have access to your payment details. Our ecommerce system’s payment gateway, Stripe, is a PCI Level 1 service supplier and exceeds industry standard payment security.
When paying for an invoice-based order, sent from our ecommerce system, payment is made through our secure website checkout. This ‘invoice-payment’ method tends to be used if you have already got an account on our website, or wish to add products to an existing order that hasn’t been fulfilled.
When placing a phone order, we will do one of two things:
- Email you an invoice for payment, through our secure checkout.
- Ask for your credit/debit card details if you either don’t have a website account with us, don’t have access to your email inbox or prefer to simply pay with your card over the phone for convenience.
Clean and Shiny (UK) Ltd. is fully PCI compliant, meaning your credit/debit card details are destroyed once we have payment confirmation, via our secure card terminals. Your card details are therefore not stored in any way and are only used by sales staff to complete your order payment.
- If you don’t have an account on our website when placing a phone order, by default we will create one for you using your primary billing/delivery details. This is so that we can process and ship your order to you.
- You then have the option of logging into your new account to place future orders online. You can also request us to remove your account completely, after you’ve taken delivery of your order, if you do not wish to have an account on our system.
Using PayPal is an incredibly safe and reliable way of paying for your order. When you pay via PayPal, we will receive your name, verified billing/shipping address, the email address that you’ve linked to your PayPal account as well as your phone number. This information is stored securely inside PayPal, in the form of a transaction archive, as well as in a confirmation email that both Clean and Shiny (UK) Ltd. and you, the customer, will receive.
Your information, given to us by PayPal, is used only to link your order and payment together, so that your order can be sent to you as quickly as possible. PayPal confirmation emails are stored securely in the cloud, accessed only by the Managing Director and Company Accountant, using multi-stage authentication.
Our website and checkout pages use the latest in SSL / HTTPS encryption, meaning your connection to every page on our website is fully secure - look for a green padlock and/or URL bar in your web browser.
eBay and Amazon Marketplace Orders:
Your eBay and Amazon personal information stays on-platform, and is supplied to us, through our ecommerce system, to process orders as efficiently as possible and to ensure inventory is kept accurate. We use third-party software applications to process marketplace orders. These applications have no access to your personal information, and act only as a ‘token’ supplier. Tokens are used by our ecommerce system to communicate to eBay and Amazon servers, to securely process your order.
Warehouse staff, sales/admin staff, the Managing Director and Company Accountant have access to your personal information. Warehouse and sales/admin staff use your personal information to process orders, as well as any order queries.
The Managing Director and Company Accountant use your data for the same reasons, but they also use it for company audit and HMRC purposes.
All staff have signed Non Disclosure Agreements stating they understand the importance of customer data privacy.
All computer equipment and devices used by all staff are secured with multi-stage authentication and cannot be accessed by anybody outside of Clean and Shiny (UK) Ltd.
Shipping / Delivery:
After placing an order with Clean and Shiny (UK) Ltd, your personal information is supplied, in shipping label form, to our delivery partners. At time of writing, those partners are Royal Mail, Parcelforce and FedEx. Your information is used to deliver your order to you, as well as to contact you with shipping and delivery notification emails and text messages. Your phone number may be used by Parcelforce or FedEx to contact you should a delivery issue arise.
All of our delivery partners are GDPR compliant as of the 25th May 2018.
Some items that we stock are drop-shipped. This means that we ask the manufacturer to ship the items in question, directly to you, from their warehouse. We do this for a couple of reasons:
- Products such as custom-coloured leather care products have to be made to order, and so cannot be stocked as standard items.
- Very high-value items are considered a risk to hold at our HQ, so we ask the manufacturer to ship directly to customers. We feel this is the most responsible process to use.
When items are drop-shipped, we share the following information with the manufacturer or distributor in question:
- Your first and last name;
- Your email address;
- Your shipping address (home or work);
- Your phone number.
This information is used, in shipping label form, to send your order to you. Your email address is given to the chosen courier to send you shipping and delivery notifications. Your phone number is used to contact you should a delivery problem arise. All couriers in question are GDPR compliant as of the 25th May 2018.
Your personal information and order history is securely stored on our ecommerce system, as well as in hard-copy form, for a minimum of seven years. This is due to company audit and HMRC purposes. If you would like your data to be deleted from our ecommerce system, please do not hesitate to get in touch and we will fulfil your request as soon as possible.
Product Stock Update Notifications:
If a product is out-of-stock on our website, the product page has the option to let you enter your email address. This lets us gauge how much interest there is in out-of-stock products, so we can fulfil demand. When we receive new stock and the website is updated with inventory, you will automatically receive an email notification, allowing you to visit our website to purchase the product you showed an interest in.
The third-party software, responsible for this website function, stores your email address for notification purposes only, on servers around the world, based on your location. The software developers have no access to your email address. Your email address is securely accessed by only the Managing Director, using multi-stage authentication, to carry out product demand analysis.
When you sign-up for our email newsletter, we collect:
- Your email address;
- Your first and last names (optional).
This information is securely stored in our cloud-based email publishing software, on servers based in the United States. The information is accessed only by sales staff and the Managing Director, via multi-stage authentication. Your first and last names are optional, so you don’t need to supply this information if you don’t want to. The email software owner and developer has no access to your email address or other information.
- Your email address is used to send car care and detailing related news and marketing emails to you.
- Your first and last names, if supplied, are used to personalise emails to you.
- Your email address is also used to gauge how successful our emails were. Our email software is securely linked to our ecommerce system, by means of web beacons/pixels, allowing us to track purchases. This way we’re able to learn more about which products our customers actually like to buy, and which products our customers have no interest in. Over time, this helps us to make our marketing more enjoyable to interact with.
If you no longer wish to receive our email newsletters, there is an unsubscribe link at the bottom of every email we send.
Trade Account Sign-Up:
We encourage car care and detailing professionals to sign-up for a trade account. When you do so, we collect:
- Your first and last name;
- Your business name;
- Your shipping address;
- Your phone number;
- Your email address;
- Your company website address;
- Your company registration number (if applicable);
- Your VAT registration number (if applicable);
- The date your company was established;
- Your business type;
- Your contact preference.
Much like a regular customer account, we’ll use your primary contact details to deliver your orders to you. Your email address is used to send you order and shipping confirmation emails. It is also used by our delivery partners to send you delivery notification emails. Your phone number is used by us to contact you if there are any order issues. It is also supplied to our courier so they can contact you if a delivery problem arises.
Your website address is used to check trade account eligibility - we look for previous work completed, as well as any professional accreditation you may have been awarded. Company and VAT registration numbers are used by our Company Accountant for audit and HMRC purposes. The date your business was established and business type allows us to further check trade account eligibility. Your contact preference lets us know how you would like to be contacted, outside of the usual notifications you receive as part of placing an order.
All of the personal information you supply to us when signing up for a trade account is first stored in a cloud-based database, hosted on servers in the United States, which is securely accessed only by admin staff and the Managing Director, via multi-stage authentication.
After trade account eligibility has been checked, if you haven’t already got a customer account on our ecommerce system, admin staff will securely create a customer account for you and ensure your account receives the necessary trade account privileges. You will then receive a confirmation email using the email address you supplied during sign-up.
Your information is then kept on the aforementioned database for our future reference, so that we can double-check details should any customer or order problems arise. If you would like your information removed from our database and ecommerce system at any time after an order has been delivered, please contact us and we will delete all data as soon as possible.
If, after 12 months, we have received no correspondence or orders from you, we will attempt to contact you via email or phone to ask if you still require a trade account. If no contact is made, we may remove your information and account from our ecommerce system. This is due to company audit and security reasons.
One of the primary ways present or potential customers can contact us is via our website contact page, or via direct email: email@example.com
When you contact us via our website contact page, we’ll receive:
- Your name;
- Your email address;
- Your phone number;
- The message you send us.
Most of this information is optional, but we’ll need your name and email address to reply to and answer what you have contacted us about. Our ecommerce system processes your message, as a whole, and then securely sends it to our cloud-based email service. The email service we use stores all data, securely, on servers based in the United States. All emails are accessed only by sales and admin staff, as well as the Managing Director, via multi-stage authentication.
Emails are stored for as long as we deem necessary, so that we can communicate with you and have points of reference if a matter is on-going. If we receive a simple question, for example, we will delete the email after we have sent an answer and is deemed to have been accepted. If you are concerned about any message you have sent us, and would like us to check our email system for data removal, please contact us and we’ll do our best to help you and, if needed, delete any email(s) and related information.
All of the above is applicable to emails that are received using our direct email address: firstname.lastname@example.org, or if you reply to any of our order and shipping confirmation emails.
Company accounts emails, sent to email@example.com, are securely accessed by only the Managing Director and Company Accountant, via multi-stage authentication, for company invoicing, billing, audit and HMRC purposes.
Social Media Direct Messaging:
Another way to contact us is through Facebook, Instagram and Twitter Direct Messaging.
Facebook Direct Messages can be sent via the link at the bottom of every page on our website. If you are logged into Facebook, this works seamlessly and we’re able to reply as soon as possible. Sales and admin staff, as well as the Managing Director, are on-hand during opening hours to answer your questions. If you send a message regarding our detailing services, the Managing Director of Clean and Shiny (UK) Ltd. and/or Clean and Shiny Detailing Ltd. will securely reply to your message(s).
All information exchanged during Facebook Direct Messaging stays on-platform and in-app, meaning all of your information is kept secure, private and can only be accessed by the staff mentioned above, on computers and devices secured with multi-stage authentication.
Direct Messages sent via Instagram are intercepted by either sales staff or the Managing Director. As above, all information exchanged during Instagram Direct Messaging stays in-app, meaning all of your information is kept secure, private and can only be accessed by the staff mentioned above, on devices secured with multi-stage authentication.
Direct Messages sent via Twitter are intercepted by either sales/admin staff or the Managing Director. As above, all information exchanged during Twitter Direct Messaging stays in-app, meaning all of your information is kept secure, private and can only be accessed by the staff mentioned above, on computers and devices secured with multi-stage authentication.
Social Media Mentions:
Sometimes we like to share photos and videos of customer vehicles as well as products, for the enjoyment of like-minded users. When we do so, no personal information is shared. Only usernames and company names are mentioned and tagged within the shared media, for the benefit of our followers if they wish to see more content from the tagged users and companies.
If you do not wish to have photos or videos of your vehicle shared publicly on Social Media, please let us know and we will fulfil your request.
Companies & Brands:
If you are a company, manufacturer or brand that has sent us product(s), and you do not wish media to be shared of said product(s), please let us know and we will fulfil your request. We are happy to adhere to Non Disclosure Agreements if needed.
Clean and Shiny (UK) Ltd. websites and products are not directed at children (anybody under the age of 18). We don’t knowingly collect any personal information from children.
If you are a child, please do not attempt to become a registered user of our websites, refrain from using our products without adult supervision or otherwise provide us with any personal information.
If we learn that we have inadvertently obtained personal information from a child, we will delete that information as soon as possible.
If you are aware of a child who has provided their personal information to us, either via our website, direct email address, Social Media or by phone, please contact us at: firstname.lastname@example.org
Data Breach Procedure:
In the extremely unlikely event that we are the subject of a data breach or leak, we are legally obliged to notify those affected within 72-hours. It is then our legal duty to work with the authorities and security experts in establishing what went wrong and to what extent the breach has affected the parties in question. Once again, due to the extensive security measures that we, all of our ecommerce and email systems suppliers take when dealing with your personal information, it is extremely unlikely that anything like this will happen.
Important: If you disagree with anything on this page, we don’t want to lose you as a customer or potential customer, so please get in touch as we’d like to hear your feedback. But we can, of course, delete any of your information if you’re not comfortable with it being collected, used or stored as described on this page.
If you have any questions, or concerns, or would like to make a complaint about how we use the personal information we hold about you, please email: email@example.com
If, after speaking to us, you are not satisfied with our response, you can contact the Information Commissioner's Office ( https://ico.org.uk ) who is responsible for handling complaints about the use of personal information.
You can contact us, at any time, via: firstname.lastname@example.org
We will get back to you as soon as possible.
The Clean and Shiny (UK) Ltd. Team.