We are committed to ensuring that we manage your personal data professionally and in compliance with all applicable data protection laws. Part of this commitment is to ensure that there is transparency about how we process personal data.
This policy includes an explanation of:
1.1. what data we are processing;
1.2. why we are processing it and what we do with it;
1.3. whether we will share it with anyone else;
1.4. whether we will transfer it outside of the European Economic Area (EEA);
1.5. how we keep your data safe; and
1.6. your rights.
1.7. We hope that you find this Data Protection Policy helpful. If you have any questions, please don’t hesitate to contact us.
2. Who we are and our contact details
2.1. We are CELASIMPLICITY LTD. We are incorporated in England and Wales and our company number is 10591766.In this Data Protection Policy CELASIMPLICITY LTD is referred to as we, us, our or Celasimplicity Ltd.
2.2. Our business involves the prescription of certain procedures and policies as well as the use of prescribed information systems, we believe that, in relation to personal data concerning your orders and newsletter sign ups, Celasimplicity Ltd uses “data controllers” for the purposes of the General Data Protection Regulation ((EU) 2016/679) (GDPR) and our system is a “data processor”.
2.4. Please send any queries concerning your data to us using the following contact details:
3. Your personal data
3.1. We process your personal data if either (i) we understand that you may be interested in becoming a member of the Celasimplicity Ltd community or (ii) you are a member of the Celasimplicity Ltd community. In this section 3 we provide more detailed information about how we will manage your personal data.
3.2. What data do we hold about you and how have we obtained this?
3.2.1. We have obtained information about you when you have signed up to our newsletter or have place an order through our website. Typically, the information that we obtain will be your name, address, email address, phone number and payment information.
3.2.2. If you have visited our website we may automatically collect some personal information including details of your browser and operating system, the website from which you visit our website, the pages that you visit on our website, the date of your visit, and the Internet protocol (IP) address assigned to you by your internet service. We collect some of this information using cookies – please see Cookies in section 4 for further information. We may also collect any personal information which you allow to be shared or that is part of your public profile on a third party social network.
3.3. How do we use your personal data and what is the applicable lawful basis?
3.2.7. Where you have consented, we may provide you with marketing information about our products and services, the products and services offered by Celasimplicity Ltd.
3.2.9. We may process your information to comply with our legal obligations.
3.2.10. We may process your information to allow us to pursue our legitimate interests including:
126.96.36.199. analysing our performance and the performance of our products to you;
188.8.131.52. market research and the administration of our website;
184.108.40.206. the prevention of fraud or other criminal acts;
220.127.116.11. complying with requests from you including if you exercise any of your rights noted in this Data Protection Policy;
18.104.22.168. the purpose of corporate restructure or reorganisation or sale of our business or assets;
22.214.171.124. enforcing our legal rights or to defend legal proceedings and for general administration purposes.
3.4. Will we share your personal data with any third parties?
3.2.11. The information provided by yourself will not be shared with any third party company.
3.2.12 We may transfer your data to government or other official bodies for the purposes of complying with legal obligations, for enforcing our rights, or for the prevention or detection of a crime.
3.5. How long do we keep your data?
3.2.15. If you have purchased a product or signed up to our newsletter we will keep the data relating specifically to that purchase (e.g. order forms, invoices and related correspondence) for [seven years] from the original date.
3.2.16. If you have requested that we do not send you marketing information we will always retain sufficient information to ensure that we remember to comply with your request.
3.2.17. All of the periods stated in this section may be extended if there is a legal requirement to do so.
3.6. Transferring your data outside of the European Economic Area (‘EEA’)
3.2.18. The information that you send to us will not be transferred to countries outside the European Economic Area (EEA).
3.2. You can find out more about the Cookies we use in our Cookies Policy. For more information about cookies generally and how to disable them you can visit:
3.3. You can set your browser not to accept cookies, however some of our website features may not function as a result.
4. Data security
4.1. We have adopted the technical and organisational measures necessary to ensure the security of the personal data we collect, use and maintain, and prevent their alteration, loss, unauthorised processing or access, having regard to the state of the art, the nature of the data stored and the risks to which they are exposed by human action or physical or natural environment. However, as effective as our security measures are, no security system is impenetrable. We cannot guarantee the security of our database.
4.2. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use procedures and security features to try to prevent unauthorised access.
4.3. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
5. Links to other websites
6. Social Plugins
6.1. We use so-called social plugins (buttons) of social networks such as Instagram and Youtube.
6.3. After their activation, a direct link to the server of the respective social network is established. The contents of the button are then transmitted from the social network directly to your browser and incorporated in the website.
6.4. After activation of a button, the social network can retrieve data, independently of whether you interact with the button or not. If you are logged on to a social network, the network can assign your visit to the website to your user account.
6.5. If you are a member of a social network and do not wish it to combine data retrieved from your visit to our websites with your membership data, you must log out from the social network concerned before activating the buttons.
6.6. We have no influence on the scope of data that is collected by the social networks through their buttons. The data use policies of the social networks provide information on the purpose and extent of the data that they collect, how this data is processed and used, the rights available to you and the settings that you can use to protect your privacy.
7. Your rights
7.1. Your right to access data
7.1.1. We always aim to be as open as we can and allow people access to their personal information. Where we hold your personal data, you can make a ‘subject access request’ to us and we will provide you with:
126.96.36.199. a description of it;
188.8.131.52. an explanation of why we are holding it;
184.108.40.206. information about who it could be disclosed to; and
220.127.116.11. a copy of the information – unless an exception to the disclosure requirements is applicable.
7.1.2. If you would like to make a ‘subject access request’ please make it in writing to [the DPO whose contact details are set out above] and mark it clearly as ‘Subject Access Request’.
7.1.3. If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
7.1.4. Unless you agree a different time, we will complete your subject access request within one month.
7.2. Right to stop marketing messages
You always have the right to stop marketing messages. We will usually include an unsubscribe button in any marketing emails. If you do wish to unsubscribe, please just click the unsubscribe button and we will promptly action that request. Alternatively, you can update your marketing preferences by contacting us at any-time.
7.3. Right to be forgotten
If we hold personal data about you, but it is no longer necessary for the purposes that it was collected and cannot otherwise be justified, you have the right to request that we delete the data.
7.4. Right to restrict data
If we hold personal data about you and you believe it is inaccurate you have the right to request us to restrict the data until it is verified. You also have the right to request that the data is restricted where you have a right to it being deleted but would prefer that it is restricted.
7.5. Transferring your personal data
Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with your contract, as set out under section 3, you may ask us to provide you with a copy of that information in a structured data file to you or to another service provider. We will action this request, usually by sending the data in a CSV file.
7.6. Right to complain
You always have the right to complain to the personal data regulator, the ICO. You may also be entitled to seek compensation if there has been a breach of data protection laws.
8. Policy updates
This policy was last updated on 25 May 2018.