Data Protection Policy
This Data Protection Policy covers how we collect, use, disclose, transfer, and store your personal data. This Data Protection Policy was last updated on the 31st of March 2020.
This Data Protection Policy applies to the services of My Desi Bazaar.
If you live in the European Economic Area Directive 95/46/EC (General Data Protection Regulation) is the European Regulation and in the UK, it is the Data Protection Act 2018.
My Desi Bazaar of 111 London Road London SE1 1ew, is the Controller of your personal data.
The Information Commissioner’s Office (ICO) in the UK is the for us relevant authority in matters of data protection.
This Data Protection Policy describes how we handle and protect your personal data and the choices available to you regarding collection, process, access, and how to update, correct and delete your personal data. Additional information on our personal data practices can be found in our contractual terms. This Data Protection Policy is intended for you as a user of our website and services.
What is personal data?
Personal data refers to any information relating to an identified or identifiable natural person (“Personal Data”).
What data do we collect?
We may collect data or ask you to provide certain data when you use our website and services. The sources from which we collect Personal Data are:
Data collected directly from you or your device relating to an identified or identifiable natural person (“Data Subject”) and may include direct identifiers such as name, address, email address, phone number.
Data collected online or through indirect identifiers such as your IP address.
Data collected that is linked, for example if you have used our service and later choose us again, we will link your data and treat that linked data as Personal Data.
In addition, we will on occasion need to process special category personal data or criminal records information (such as when carrying out CBS checks) in accordance with rights or duties imposed on it by law, including as regards safeguarding and employment, or from time to time by explicit consent where required. These reasons will include:
In connection with employment of our staff, for example CBS checks, welfare, union membership or pension plans;
As part of any external complaints, disciplinary or investigation process that involves such data; or
For legal and regulatory purposes and to comply with its legal obligations and duties of care
We do not rely on passive consent and seeks positive confirmation, in all cases where this is required.
As described above, we link data and if we have already collected some of your data, we will only ask you for the remaining data that is necessary to carry out the service contracted for.
On what grounds do we collect Personal Data?
We use your Personal Data for the following purposes and on the following grounds:
On the basis of fulfilling our contract (when you use our service)
On the basis of your consent (when you subscribe to our newsletter)
On the basis of legal obligations (for obligations such as tax, accounting, or when a court or other authority asks us to)
On the basis of our legitimate interest (for communications about security, privacy and performance improvements of our services. Or for establishing, exercising or defending our legal rights.)
Of course, before relying on any of those legitimate interests we balance them against your interests and make sure they are compelling enough and will not cause any unwarranted harm.
When do we disclose your Personal Data?
We disclose your Personal Data in response to your business enquiry or your request for information within our Company in order to provide the best service possible and within our legitimate interest.
We may share your information with organisations that help us provide the services described in this Data Protection Policy and who may process such data on our behalf and in accordance with this Data Protection Policy, to support this website and our services. For example, with our legal other professional advisors.
In relation to our website, we may share a cookie identifier and IP data with analytic and advertising network services providers to assist us in the improvement and optimisation of our website which is subject to our Cookies Policy.
We may disclose personal information in other circumstances such as when you agree to it or if the law, a Court order, a legal obligation or regulatory authority ask us to. If the purpose is the prevention of fraud or crime or if it is necessary to protect and defend our right, property or personal safety of our staff, the website and its users.
How long do we keep Personal Data?
We will only keep the information required to provide our service as long as you are a client. So that we can meet our obligations and for a period after that to identify issues, respect claim limitation periods and to resolve any legal proceedings.
You can learn how long your information is held and when it is destroyed from our Data Retention Policy which you can request from us directly.
You have the right to:
information about the processing of your personal data
obtain access to the personal data held about you
ask for incorrect, inaccurate or incomplete personal data to be corrected
request that personal data be erased when it’s no longer needed or if processing it is unlawful
object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation
request the restriction of the processing of your personal data in specific cases
receive your personal data in a machine-readable format and send it to another controller (‘data portability’)
request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision
Where the processing of your personal information is based on consent, you have the right to withdraw that consent without detriment at any time by contacting us.
If you feel that your request is not satisfactorily resolved by us, you may approach your local data protection authority. The Information Commissioner’s Office is the supervisory authority in the UK and relevant to My Desi Bazaar.
How do we protect your Personal Data?
We protect your data using state of the art technical, and physical safeguards and operate a firm system of policies, confidentiality agreements, digital safeguards and procedures to ensure the highest level of administrative protection.
In more detail, to access our database the user must be authorised, is challenged through authentication system and use an encrypted VPN. Also, the removal of Personal Data from our location is forbidden and made by using a complex encryption system very difficult.
We use modern antivirus and anti-malware software and up-to-date firewall protection. Moreover, authorised personnel must have a legitimate need to know interest such as being your point of contact or service your user account.
The data we collect from you may be stored, with appropriate technical and organisational security measures applied to it, on in-house computers in the United Kingdom. In all cases, we follow generally accepted standards and security measures to protect the personal data submitted to us, both during transmission and once we receive it.
To exercise any of your rights, or if you have any questions or complaints about our use of your Personal Data and this policy, please contact us.
This Privacy Notice and our commitment to protecting the privacy of your personal data can result in changes to this Privacy Notice. Please regularly review this Privacy Notice to keep up to date with any changes.
Queries and Complaints
Any comments or queries on this policy should be directed to us using the following contact details.
My Desi Bazaar
111 London Road London SE1 1ew
If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us. You can also make a referral to, or lodge a complaint with, the Information Commissioner’s Office.