privacy notice & cookies
Sarah Raven is a registered data processor under the Data Protection Act.
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
In specific situations, we can collect and process your data with your consent.
When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.
- Contractual obligations
In certain circumstances, we need your personal data to comply with our contractual obligations. For example, if you order an item from us for home delivery, we’ll collect your address details to deliver your purchase and pass them to our courier.
- Legal compliance
If the law requires us to, we may need to collect and process your data. For example, we can pass on details of people involved in fraud or other criminal activity affecting Sarah Raven to law enforcement.
- Legitimate interest
In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, we will use your purchase history to send you or make available personalised offers. We also combine the shopping history of many customers to identify trends and ensure we can keep up with demand, or develop new products/services. We will also use your address details to send you direct marketing information by post, telling you about products and services that we think might interest you.
how and when do we collect your data?
Our systems collect address and buying information at the point of order so that we may process your order and provide you with the best possible service.
We may also collect your data in any of the following circumstances:
- When you visit our website, and use your account to buy products and services, or redeem vouchers.
- When you make an online purchase and check out as a guest (in which case we just collect transaction-based data).
- When you create an account with us on our website..
- When you engage with us on social media.
- When you contact us by any means with queries, complaints etc.
- When you enter prize draws or competitions.
- When you book to attend an event
- When you choose to complete any surveys we send you.
- When you comment on or review our products and services.
- When you’ve given a third party permission to share with us the information they hold about you.
- We may collect data from publicly-available sources (such as Land Registry) when you have given your consent to share information or where the information is made public as a matter of law.
- When you ask us to contact you when a specific product is back in stock
- When you click submit or place an item in your basket we may have the ability to retain some of your information, even if you don’t complete your registration. Such contact details and data may be used to contact you to enquire why you did not complete your registration/transaction, ie an abandoned basket email.
We use this information to make your shopping experience as easy and enjoyable as possible. We need it to process your order, inform you of any delays or problems and occasionally to send you special offers and promotions, although you can manage your communication preferences at any time – see ‘Your Mailing Preferences.’
The information we collect is:
- Your name
- Email address – so we can email your order confirmations, delivery delays, offers etc.
- Delivery address
- Telephone number or mobile number – we’ll only call if we have a delivery problem or to talk to you about your order
- Credit card details – we only ask for these when you place an order
how we protect your data
We know how much data security matters to all our customers. With this in mind we will treat your data with the utmost care and take all appropriate steps to protect it.
We secure access to all transactional areas of our websites and apps using ‘https’ technology.
Access to your personal data is password-protected, and sensitive data such as payment card information is secured and tokenised to ensure it is protected.
We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.
We use the latest secure server technology to ensure all information is protected to the highest standards.
We use encryption to safeguard your credit card information and only accept orders from web browsers that permit communication through Secure Socket Layer (SSL) technology - this means you cannot inadvertently place an order through an unsecured connection. Most web browsers above version three support this security.
This encryption makes it virtually impossible for unauthorised parties to read any information that you send us.
The encryption technique we use is the highest standard available for e-commerce and certified by VeriSign, the world's most respected certification body for Internet firms.
how long will we keep your personal data?
Whenever we keep your personal data we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of the retention period your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
your mailing preferences
We want to give you the best possible customer experience. One way to achieve that is to get the richest picture we can of who you are by combining the data we have about you.
We then use this to offer you promotions, products and services that are most likely to interest you.
The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service.
Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for.
There are several ways you can stop or start direct marketing email communications from us:
- Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails. This will take you to a dedicated page, where you will have the option to either:
- Fully unsubscribe from our direct marketing email database. We will then stop any further marketing emails.
- Reduce the number of marketing emails you receive from Sarah Raven to one a month. If you select this option, please note that you may still receive transactional or automated emails from Sarah Raven more frequently if you take certain qualifying actions, such as making a purchase.
- If you have an account, log in into your account, visit the ‘My Account’ area and change your preferences. Please be aware that you will not have the option to reduce your email frequency via your Sarah Raven Account: this option is only accessible via the email ‘unsubscribe’ link.
- Email firstname.lastname@example.org
- Call customer services on 0345 092 0283
- Write to Customer Services, Sarah Raven, 1 Woodstock Court, Blenheim Road, Marlborough, SN8 4AN
If you would like to stop or start receiving the Sarah Raven catalogue or other postal mailings:
- Email email@example.com
- Call customer services on 0345 092 0283
- Write to Customer Services, Sarah Raven, 1 Woodstock Court, Blenheim Road, Marlborough, SN8 4AN
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated. If you change your mind at any point, that’s fine, just let us know through any of the methods above.
who we may share your data with
We will never share your email address with anyone.
However there are only three circumstances where we may share some of your data with others:
- With agents, partners and suppliers (including credit reference agencies, credit card clearing agencies, fraud prevention and detection agencies, technology providers, delivery companies, direct despatch suppliers and data processing analysts) that we use to process the orders you place with us or who assist us in the service we provide to you. At Sarah Raven, we select our partners carefully and require that they comply with high security standards for the protection of your personal data.
Examples of partners who we may share your data with are:
- Companies who we work with in order to carry out our everyday business such as data bureaus, credit card, order processing, fulfilment and postal/courier companies. We also have a number of direct despatch suppliers.
- Companies who we may work closely with to provide our online service and the relevant marketing such as Big Commerce, Ometria, Feefo, MentionMe, Ibehaviour, Sub2.
- Companies who we may work with on a short term basis to provide customers with special offers and other relevant promotions such as Radio Times, Riverford, River Cottage, Liz Earle and other similar companies. We will only do this if you have given consent for us to share your data with 3rd parties.
- We work with Epsilon Abacus (registered as Epsilon International UK Ltd), Sub2, Experian and Club Canvasse that manage prospect pools on behalf of UK retailers. This members–only club includes shops active in the clothing, collectables, food & wine, gardening, gadgets & entertainment, health & beauty, household goods, and home interiors categories. We all share information on what our customers buy and this information is analysed to help us understand your buying patterns. This helps us plan what we send you, based on what you like to buy. If you don’t want us to hold this information about you and you can change it at any time by updating your mailing preferences – see Mailing Preferences below for information on how to do this.
- When you first made contact with us you were asked if you were happy to receive mailings and offers from third party companies and charities whose products we thought might interest you. If you did not object at the time, but have now changed your mind and no longer want third party mailings, please email us at firstname.lastname@example.org. See Mailing Preferences below for further information.
- Authorities – we may disclose your data when this is required by the law of any jurisdiction to which Sarah Raven may be subject.
Statement regarding Epsilon Abacus
We work with Epsilon Abacus (registered as Epsilon International UK Ltd), a company that manages the Abacus Alliance on behalf of UK retailers and charities. The participating retailers are active in the clothing, collectables, food & wine, gardening, gadgets & entertainment, health & beauty, household goods, home interiors and travel categories. They share information on what their customers buy. Epsilon Abacus analyses this pooled information to help the retailers understand consumers’ wider buying patterns. From this information, retailers can tailor their communications, sending people suitable offers that should be of interest to them, based on what they like to buy.
Please note that Epsilon Abacus may transfer data outside the EEA. The transfer will take place in the presence of appropriate safeguards, including standard data protection clauses adopted by the EU Commission. If you would like more information, please call us on 0345 092 0283, or email us at email@example.com
Statement regarding Sub2 technologies
We work with Sub2 Technologies Limited (“Sub2”), a company which assists us with postal marketing. Sub2 manages a co-operative which is made up of brands which engage in postal marketing. These brands share with Sub2 information about individuals, including you, who receive their postal marketing. This information is pooled and analysed by Sub2 so that Sub2 can better understand your interests and consumer habits. The result is that your data will be shared with other brands which Sub2 thinks you may want to hear from (unless you have opted-out), so that you receive postal marketing which is tailored to you. The types of brand that you are likely to hear from may be in the retail industry or may be in other industries, including but not limited to the financial services, charity, or utilities industries, but in each case, their data will only be shared for postal marketing purposes. For more information on how Sub2 uses your data, please see (link to www.sub2tech.com/privacy)
Statement regarding Feefo
We work with Feefo, a company that manages our online reviews. A feedback request falls under the remit of market research rather than marketing communication. Provided you have given us your details as part of a transaction, we can contact you regarding a review as long as it’s directly related to that transaction. Feefo hold very little of your personal data. They can securely keep the review and associated data, but only for the purposes of replying to you in the event of a Subject Access Request.
your rights over your personal data
An overview of your different rights.
You have the right to request:
- Access to the personal data we hold about you, titled a ‘subject access request’.
- That all your data is deleted from our system.
For both the above requests you must write to:
The Data Protection Officer, Sarah Raven, 1 Woodstock Court, Blenheim Road, Marlborough, SN8 4AN
Your request will be acknowledged upon receipt and we will come back to you within 30 working days. Please note that if you are requesting we delete your record we may out of necessity still hold one file with a note of your request for administration purposes.
- The correction of your personal data when incorrect, out of date or incomplete.
- For example, when you withdraw consent, or object and we have no legitimate overriding interest, or once the purpose for which we hold the data has come to an end (such as the end of a warranty).
- That we stop using your personal data for direct marketing (either through specific channels, or all channels).
- That we stop any consent-based processing of your personal data after you withdraw that consent.
Your right to withdraw consent
Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and withdraw that consent. Please see ‘Your Mailing Preferences’ for further information on how to do this.
Where we rely on our legitimate interest
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected channels. We must always comply with your request.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
What are cookies?
Cookies are small pieces of information that are stored on your computer when you visit a website. Cookies are widely used by many different websites and do not harm your computer – instead they are used to analyse the way you use the internet, and can personalise websites to suit your preferences.
If you opt out or disallow cookies you may still see online advertising from us, but the adverts may not be as personalised in terms of offers, products and interests.
What cookies are used on the Sarah Raven website?
When you visit our website, cookies are either set by us (first-party cookies) or by our business partners (third-party cookies). Third-party cookies are often set for advertising and marketing purposes, but may also be used to add extra functionality to the website. The cookies used on our website are categorised into four groups. These groups are:
Strictly Necessary Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems.
These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site.
These cookies enable the website to provide enhanced functionality and personalisation. If you do not allow these cookies then some or all of these services may not function properly.
These cookies may be set through our site by our advertising partners. If you do not allow these cookies, you will experience less relevant advertising.
You can see a list of the cookies used on our website here.
How do I manage my cookies?
You can view or change your cookie preferences on our website at any time, simply click the 'Manage Cookies' button below. You can also view the list of cookies used on our website by clicking the 'View Cookie List' button.
You can also disable cookies by changing the cookie settings in your browser. The instructions for doing this are different for every browser. However, please be aware that blocking cookies in your browser may stop our website from functioning correctly and you may be unable to use our website for shopping purposes.
Our website and emails may contain links to other websites of interest. However, once you have used these links to leave our website, we do not have control over that website. Therefore we cannot be responsible for the protection and privacy of your information whilst visiting such sites. Please exercise caution and read through their privacy statement in order to understand whether and how they will process data about your visit to their site.
We also use Youtube, Facebook, Twitter, Flickr, Pinterest, LinkedIn, Google+ and WordPress. We cannot prevent these sites from collection information on your usage of this embedded content. If you are not logged in to these services, they may still gather anonymous information regarding your usage.