Our promise to you
Introducing our policy
This policy governs any kind of processing of personally identifiable information about natural persons, who are consumers of Jellycat products or services (“personal data”), by Jellycat Limited and all entities within the corporate group headed by it’s ultimate parent undertaking (the “Jellycat Group”). This policy applies to our processing of personal data collected through any means, actively as well as passively, online as well as offline, from persons located anywhere in the world. Any question regarding our processing of personal data may be directed to:
Customer Care Team
800 North Washington Avenue
Minneapolis MN 55401
We are guided by the following principles when processing personal data:
- We will only collect personal data for specific and specified purposes;
- We will not collect personal data beyond what is necessary to accomplish those purposes;
- We will not use personal data for purposes other than that for which the data was collected, except as stated herein, or with prior consent;
- We will not transfer personal data to third parties or across borders, except as stated herein, or with prior consent;
- We will seek to verify and/or update personal data periodically, and we will accept requests for amendments of personal data;
- We will apply high technical standards to make our processing of personal data secure;
- Except when stated herein, we will not store personal data in identifiable form longer than is necessary to accomplish its purpose, or as is required by law.
Transfer of personal data to third parties and/or other countries
As a general principle, we process personal data in order to facilitate or improve our offerings and services to you. From time to time, we may purchase supplementary data from public sources to complement our data bases.
- We do not process personal data on behalf of third parties, nor do we sell personal data to, or share personal data with, third parties for their own, independent use, except if you allow us to do so.
- We do share personal data with third party vendors when it is necessary to provide services that we don’t perform ourselves, e.g. shipping of Jellycat products, etc.
- We also use third party data hosting companies to store personal data collected by us in their servers, and to do data validation checks for us.
- We may undertake or commission consumer research projects from time to time and we may share personal data with third party research companies for this purpose. Also, such third party research companies may host survey data in their data bases on our behalf.
All data transfers to third party vendors or partners, including those listed as examples above will be subject to a written contract between us and the third party vendor or partner in question, and the vendor or partner will not have any authority to use such personal data for any purpose other than as instructed by us.
When relevant, personal information may be shared among the business units and entities inside the Jellycat Group. We will disclose personal data when legally obligated to do so under subpoena or court order, or for law enforcement purposes. For operational security reasons, we may process (mirror) personal data in the United Kingdom and the United States. This means that personal data processed by us may be transferred between our facilities in the United Kingdom and the United States periodically.
Processing of personal data through online shopping
When you use our service online or offline (e.g. ordering online via jellycat.com or via our customer care team, or otherwise), we will process transaction-related personal data, such as your first and last name, mailing and shipping address, phone number, email address, credit card or other payment information, and gender. We will also process information about your purchases with us.
We will use such personal data to process and deliver your order, to provide notification of order status, and to update your profile periodically to ensure that we have the most accurate personal data available. We will also use said personal data to analyze customer behaviour and to customize our communication with you, if applicable. In this respect, we may transfer tracking information about your use of our sites to external service providers, which will help us optimize your browsing experience. Optimization services will be performed under a written contract between us and any service provider.
If you opt-in (or upon request), we will send you Jellycat promotional and marketing emails. These may be targeted to you based on your purchase history or online browsing behaviour.
Catseye London Customer Care
Please contact our customer care team with questions or comments related to Catseye London, our products and services. When you contact us, we will process personal data such as your email address, your gender, first and last name, mailing address, phone and/or cell phone number, as relevant.
- The type of browser you use and what plug-ins you have installed. This keeps us from bothering you every time you enter the site in order to make sure that you have the necessary equipment to display information from our sites. It also allows us to know how many people are using certain types of software, so that we can adjust our site to provide the best browsing experience for every visitor.
- Your language and region choice. This means that if you have once chosen English as a language this is the default language that will be using when you revisit us
- Your shopping bag and shopping options.
- What products you view and buy in the store so we can provide you with suggestions.
- What products and gallery entries you have rated and the rating you have given.
- Your movement on and usage of our sites. We do not collect personal data as part of this. We collect statistical data so we can optimize our site.
- Recently used data - to improve performance. In case we store personal data in a cookie, the information will be encrypted and thus safe.
We use third party companies as suppliers for some of our functions. Their use of the data is controlled by our contract with them and they are only allowed to use the data strictly for the purpose we have stated .e.g. the data is not used in connection with data from other companies and we are not tracking user behaviour outside our own sites.
Most browsers automatically accept cookies. You can prevent cookies from being stored on your computer or device by setting your browser to not accept cookies. Some browsers provide a mode where cookies are always deleted after a visit. This is called InPrivate in Internet Explorer version 8 and newer; Incognito in Google Chrome version 10 and newer; Private Browsing in Firefox version 3.5 and newer; Private Browsing in Safari version 2 and newer and Private Browsing in Opera version 10.5 and newer.
The exact instructions for this can be found in the manual for your browser. You can delete cookies already on your computer or device at any time. If you choose not to accept cookies at all, you can still visit our website, however we cannot guarantee an optimum experience without cookies.
Review and update of personal data
You may always contact us to review and update personal data we may have stored about you. Please get in touch with our Customer Care team. Please note that prior to accessing and making changes to your account, we must verify your identity properly. It may take up to 10 business days before changes take effect.
Shopping data security
Access to a number of jellycat.com services are protected by access restrictions based on your email address and password. It is important that you always choose a password which is hard to guess for others, and protect your password against disclosure.
All external transmissions of payment data facilitated by us are protected by encryption.
All data storage, at Jellycat Group operated computer facilities as well as at business partner facilities, will be subject to written contracts.
Generally, processing of personal data will take place in accordance with applicable legislation and best practices concerning data security.
Credit card information is directed to one or more approved and certified service provider(s), and will not be stored by us for longer than it takes to process the data.
Handling of personal data is controlled by documented policies and procedures, including strict physical and logical access control, security back-up, failover, anti-malware protection, monitoring and vulnerability detection mechanisms.
Keeping our policy up to date
We may need to change our data processing policy from time to time to keep up with the ways in which we collect, use, transfer, store and/or delete personal data. If policy changes are made, which would materially and adversely affect the privacy of individuals to whom this policy applies, we will endeavor to give notice of such changes to all individuals concerned.
Effective date: 23 July 2013