Privacy policy
Find Me A Gift respects your privacy and is committed to protecting your personal data. We know there is a lot of information here, but we want you to be fully informed about your rights, we will also explain how we handle and store the data and how we keep it safe.
This policy will tell you how we look after your personal data when you visit our website referred to as the “website” and inform you of your privacy rights and how the law protects you. Please use the glossary at the end of this privacy policy to understand the meaning of some of the terms used in it.
Why do we have a privacy policy?
The purpose of this privacy policy is to give you information on how Find Me A Gift collects and processes your personal data when using our website, this includes any data you may provide through the website when you sign up to receive our marketing material, purchase a product, service or take part in any competitions.
Please read this privacy policy together with any other privacy notice on our website from time to time so that you are fully aware of how and why we are using your data.
Find Me A Gift is responsible for your personal data (collectively referred to as, “we”, “us” or “our” in this privacy policy).
We have appointed a data protection champion who is responsible for questions in relation to our privacy policy. If you have any questions, including any requests to exercise your legal rights, please contact us via our Customer contact page. and state that your query is for the attention of the data protection champion.
How we protect your personal data
The most important bit. Find Me a Gift knows how much data security matters to all our customers. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it.
  • We secure access to all transactional areas of our websites using ‘https’ technology.
  • Access to your personal data is password-protected, and sensitive data such as payment card information) is secured and tokenised to ensure it is protected.
  • We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.
Changes to the privacy policy and your duty to inform us of changes
From time to time we will need to update this policy and without notice and where we do this we will notify you by including pop up boxes on the website and/or emailing our customers. Our policy was last updated on 01 June 2018.
It’s crucial that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us and occasionally review your account settings on our website.
Your data we have collected
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
  • Identity data includes first name and last name.
  • Contact data means the data we use to contact you including your billing address, delivery address, email address and telephone number.
  • Transaction data means details about transactions you have made on our website including the payments to and from you along with other details of products and services you have purchased from us.
  • Financial data means the data we use to process your payments for your orders including your payment card details. We do not store or process your card details ourselves, they are processed and stored via one of our contracted third party service providers. We encrypt your payment card details in your browser and securely transfer this data to our relevant third party payment provider to process a payment.
  • Technical data means details about the device(s) you use to access our website including your internet protocol (IP) address, browser type and version, location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Usage data includes information about how you use our website, products and services. This includes your browsing behaviour and information such as how long you might spend on one of our pages and what you look at and for how long you are on our website, the click stream to and from our website, page response times and page interaction information such as scrolling, clicks and mouseovers.
  • Profile data includes your username (email address) and password, your login data, purchases or orders made by you, your interests, preferences, feedback and survey responses.
  • Marketing and communications data includes your preferences in receiving marketing from us and your communication preferences.
  • Aggregated and/or anonymized data (“Aggregated data”) such as statistical or demographic data for any purpose. Aggregated data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
Not providing data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
When your data is collected/used?
We use different methods to collect data from and about you including:
  • Direct interactions. You may give us your identity data, contact data, transaction data, profile data, financial data and marketing and communications data by using our website, filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you- * Purchase a product or service (including gift cards) through our website; * Create an account on our website; * Request marketing to be sent to you; * o Enter a competition; or * o Give us some feedback.
  • Automated technologies or interactions. As you interact with our website, we may automatically collect usage data and technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. Please see our  cookies policy for further details.
Third party sources of data & data sharing
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.
We also collect/share data with the following providers:
  • Necessary Service Providers: Sometimes, other businesses give us data about you which we may need for our legitimate interests of conducting business with you and on occasion they are essential to perform our contract with you. It usually comprises Financial Data or Transaction Data. This happens when we link through to third party payment providers such as Paypal or HSBC. They tell us that you have paid for your products and, where relevant and/or necessary they will provide us with your Contact Data and Transaction Data. We also might engage third party contractors to provide us with technical or delivery services that are related to your account with us.
  • Professional Advisers and Investors: We may also share your data with professional advisers such as our lawyers and insurers to manage risks and legal claims, and/or as part of our relationship and obligations to our investor organizations. This is in our legitimate interests.
  • It is possible we could sell our business to a third party or re-organize our business or become insolvent. In that scenario, our database of customers is one of the biggest parts of that business and so we would need to share it with the third-party buyer and their advisers. This is in the legitimate interests of selling our business. We may also expand our group of companies and in this scenario we may share your data within our group in order to improve our products and services and because of some of our internal support services may be shared across the group. This is in our legitimate interests of cost efficiency and growing our business. Where this occurs, we will post a link to all group companies and their locations in this privacy policy and they will use it in the ways set out in this policy.
  • Law Enforcement/Legal Compliance: We will cooperate with all third parties to enforce their intellectual property or other rights. We will also cooperate with law enforcement requests from within or outside your country of residence. This may include disclosing your personal information to government or law enforcement agencies, or private parties, when we have a good faith belief that disclosure is required by law or when we, in our discretion, believe that disclosure is necessary to protect our legal rights, or those of third parties and/or to comply with a judicial proceeding, court order, fraud reduction or legal process served on us. In such cases, we may raise or waive any legal objection or right available to us. These uses of your data are in our legitimate interests of protecting our business security. We may also use your data and share it with the recipients listed in this privacy policy for the purpose of complying with our legal obligations.
The lawful bases for sharing and processing this data is set out below and please refer to the External Third Parties listed in the Glossary for further information.
How we use your personal data
We will only use your personal data when the law allows us to. Mainly we will use your personal data in the following circumstances:.
  • Where we need to perform the contract we are about to enter into or have entered into with you.
  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.
  •  

(See the glossary at the end of this privacy policy to find out more about the types of lawful basis that we will rely on to process your personal data)

Generally we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email. You have the right to withdraw consent to marketing at any time by visiting your account page.

How will we use your personal data

Below are descriptions of all the ways we may use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.