Data Controller Textiles Francais PLC is the ‘Data Controller’, meaning that when you use the Textiles français website(s), we determine how the data that are collected are processed and we are responsible for your privacy.
The basic principles (the details are explained further below):
- Your privacy and security are paramount - we are consumers, just like you, so we know the importance to you of protecting your privacy and the security of your personal data
- Only what is necessary - we do not process or store any unnecessary personal data about you, just what is needed to deliver the best service for you. When we no longer need it, we erase it.
- No spam - we do not send any marketing messages to you, unless you decide that you wish to receive them and we do not contact you, unless you request us to do so
- Your are the boss - if you have asked to receive marketing messages from us or have asked us to contact you, and you wish to withdraw your consent, you can do so at any time
- Sharing can be great, but not always - we never share your personal data with a third party, unless it is absolutely necessary to fulfil a contract or to fulfil our legal obligations
The legal bases on which we rely when we process your personal data
When we process your personal data, we must demonstrate one or more legal bases for doing so, in respect of each processing of your data. There are four bases that are relevant to us.
- Consent - we have your consent to the processing because you have, positively, explicitly and clearly agreed to it [We only normally rely on this basis in respect of your agreement to receive marketing messages or when you have consented to us contacting you - for example, you have chosen to tick a box on our website, requesting marketing or contact from us]
- Contract - we have a contractual obligation to you and it is necessary for us to process your personal data in order to fulfil that contractual obligation, or because you have made a request to us (e.g. asked us for a quotation for a product or service) prior to us entering into a contract [We generally rely on this basis when you have placed an order with us and we use your personal data to process your order, to provide updates regarding it and to deliver it to you using our delivery partners]
- Legal Obligation - we have a legal obligation to comply with, for which it is necessary for us to process your personal data [Government organisations, the police and fraud prevention organisations may request certain personal data from us about individuals and we may be under a legal obligation to provide this to them]
- Legitimate Interests [In order to pursue our legitimate, commercial interests in running our business, we rely on the use of certain personal data in ways that you would reasonably expect us to do, provided that our processing has only a minimal impact on your privacy and provided that the same result could not be achieved in another way that would not impact your privacy to the same extent]
When we collect your personal data
There is a limited number of instances when we collect your personal data. These are as follows:
- You make a purchase from us, whether on our website(s) -as a guest or using your account, an app, by telephone or email, or by any other means
- You download our app(s)
- You sign up to a newsletter or other type of marketing communication
- You communicate with us using social media platforms and services
- You create an account on our website(s), via an app, email or any means
- You make contact with us via our website(s), an app, email, a third-party marketplace, telephone or any other means
- A third party shares your personal information with us and you have given that third party your consent to us being provided with it. The most common example of this is when a marketplace platform (e.g. amazon, ebay, DaWanda) shares the details of an order that you have placed on the marketplace for our product(s) that we will supply to you. We will be supplied with only those details that are required to fulfil your order, namely your name, address, telephone number (if you provide it) and the details of your order. We do not receive any payment-related information (e.g. credit/debit card details or bank details).
- You review one of our products or our services, whether on our website, app or on a third-party marketplace.
What personal data do we collect?
When you contact us, register for an account with us or place an order with us, we may collect the following personal data from you. The extent of the data collected will depend on the interaction itself and the following list is not exhaustive.
- Your name, address, landline telephone number and/or mobile number, email address
- Your gender
- Your date of birth
- Your order history
- Your computer / device type, your device’s IP address and your location
- An encrypted version of your account password
- Your communication(s) with us
- Your product reviews and feedback about our products and/or service
- Publicly available personal data
How and why we use your personal data
We strive to offer the very best in terms of products and service to you, our valued customer. In order to do so, we use your personal data both to fulfil our contract with you when you purchase from us and to offer the highest standards of service and security, to give you confidence and peace of mind.
The table below details examples of how we process some of your data and the reason(s) for the processing.
How we use it
Why we use it
Your name, address, telephone number(s) and email address
To send your order to you and to update you about your order status. We also use these for the prevention and identification of fraud.
We cannot send your order to you unless we have these details. Your security and the prevention and detection of fraud are in the interests of all of our customers and us.
We use this information in an anonymised, aggregated form, with other customers’ data for business planning.
The information assists us with product range choices and to offer the very best products that you wish to purchase.
Your date of birth
For the prevention and identification of fraud.
Your security and the prevention and detection of fraud are in the interests of all of our customers and us.
Your order history and details of products in your wish list(s)
For customer service, for stock planning and new range choices.
We need to perform our contract with you when you purchase from us and we like to have availability of what you want to purchase.
Your device information, IP address and location, along with an encrypted record of your password (if you have an account)
For the prevention and identification of fraud. Choose the languages, counties and devices to make our products available for.
Your security and the prevention and detection of fraud are in the interests of all of our customers and us. Our global customer base should find our products and website(s) and app(s) as accessible as possible.
For customer service and for staff training.
We need to perform our contract with you when you purchase from us. We also seek to offer the best standards in customer service when you interact with our staff.
Cookie information, product reviews and feedback
To offer targeted offers and benefits when you use our site(s) and app(s). For product planning and improvements to our products and service.
We like to offer you what you like to purchase (the best shopping experience) and to compete for your valued custom. We also seek to offer the best standards in customer service when you interact with our staff.
Protection and security of your personal data
Your personal data and their protection and security are as important to us as they are to you. Therefore, all areas of our website use ‘https’ technology to encrypt the data that pass between your browser/device as you use our site and our website server(s). This serves to ensure that, to the extent possible with current technology, all data, most importantly your personal and sensitive data, including payment details, cannot be intercepted. However, transmission of data over the internet is not completely secure and we cannot guarantee the security of data sent to us. Your data may be stored on our secure servers outside your country of residence, including the UK and Isle of Man.
We operate a range of internal procedures to implement our data security policy and we train employees on their importance and their application, undertaking necessary regular reviews.
Payments on our website(s) - we do not store any payment details (e.g. credit/debit card details) on our systems in relation to your purchases. We use a third party payment processing company, to whose site you are transferred in order to complete your payment.
We use PayPal to process payments for purchases made on our website(s) - PayPal (Europe) S.à.r.l. & Cie. S.C.A., 22-24 Boulevard Royal, 2449 Luxembourg, Luxembourg. When you choose to pay for goods using the PayPal service, including payments made using a PayPal account, a credit or debit card or any other payment method offered, we transmit to PayPal necessary data for the processing of your payment. These data include your name, address, email address, telephone number and other data necessary for payment processing including the details of your order. These data are send using https encrypted technology.
PayPal’s data protection provisions are available at https://www.paypal.com/uk/webapps/mpp/ua/privacy-prev
Sharing your personal data
We only share your personal data when it is absolutely necessary and never sell or share your personal data for marketing purposes. There are some very limited instances when we do share limited, necessary information with the following third party partners and organisations, including:
- Delivery partners We provide information to our delivery partners, in order to enable them to deliver your order to you. This information is normally limited to your name, address details and your telephone number (if you have provided this to us). Without this, our partners could not deliver your order to you.
- Payment processing partners The payment processing on our website is undertaken by trusted third party providers. We only transfer the data that are required to enable your payment to be managed and completed.
- Government organisations, the police and fraud prevention organisations We may receive requests for your personal data from various government, law enforcement and regulatory agencies. If we consider that we are under an obligation to do so, we may share these data with them.
Your rights in respect of your personal data
You have a number of important rights under the data protection legislation, as follows:
- The right to access the personal data that we hold about you. You can request that we provide you with the details.
- The right to rectification of your personal data, in the event that it is incorrect or incomplete. We can refuse this request in certain circumstances.
- The right to erasure of your personal data (commonly known as the ‘right to be forgotten’). This right only applies in certain circumstances.
- The right to restrict processing of your personal data. If this is applicable, we are permitted to retain and store your personal data but we cannot use it.
- The right to data portability. This enables you to obtain or transfer your personal data to another service or environment.
- The right to object to the processing of your personal data. You have an absolute right to object to us using your personal data for marketing purposes. Otherwise, you can object to our processing, unless we can demonstrate a compelling reason to continue doing so.
- Rights related to automated decision-making, including profiling. We do not use automated decision-making or profiling.
- The right to complain to the Regulator. Please see the section below that explains how to do so.
You can exercise these rights verbally or in writing. We will respond to your request under your rights to access, to rectification, to erasure, to restrict processing and to object within a maximum of one month. We will not charge a fee, other than in exceptional circumstances and only then if we are permitted to do so (for example, if we receive excessive numbers of requests from you).
Your personal data and processing outside Europe and the EEA
How long we keep your personal data
We will only keep your personal data for as long as we require it for the provision of our services to you and for the purpose for which it was originally collected, except as detailed below.
In order to fulfil our legal, contractual and regulatory obligations (which include, but are not limited to, fraud prevention, dispute resolution and enforcement of our terms and conditions), we may keep some of your data for a period beyond the time when our goods or services have been provided or when, for example, you have ceased to have an account with us, your contact with us has ended or you have asked us to cease processing your personal data.
We normally keep your order details for a maximum period of seven years, for example, in order that we can fulfil our obligations to taxation and regulatory bodies. We may keep personal data for a longer or shorter period, if the law requires us to do so, or in order to bring or defend any legal claims, for example.
In all cases when you request that we erase your personal data in accordance with your rights, provided that we are not permitted or required to retain the data, we will do so.
Cookies on our website(s)
Complaints to the Regulator
In the event that you believe that we have not processed your personal data correctly, or that your requests to us in accordance with your rights have not been dealt with effectively, you have the right to complain to the Information Commissioner. The website address is: www.inforights.im
We would ask you to contact us before lodging a complaint, in order that we have the opportunity to rectify the issue to your satisfaction.
If you live outside the Isle of Man
If you have a complaint relating to our processing of your personal data, or our response to your requests in accordance with your rights, please address your complaint to the data protection regulator in your country of residence.
Do you have any questions? How to contact us
- you wish to exercise any of your rights, as described above
- you wish us to stop using your personal data in certain ways
- you have a complaint regarding your personal data, privacy or security
In order to do so, please contact us via our website contact form, or write to us at the following address:
Data Protection Officer
Unit 10B Tromode Estate
Isle of Man