Privacy Policy | The Pet Agency

Welcome to The Pet Agency! The protection of your personal data is important to us. We process your data in accordance with the UK`s Data Protection Act (DPA) and the General Data Protection Regulation (GDPR) and this Privacy Policy.

This Privacy Policy explains which personal data we collect from you via our website, what we use it for, when we delete it and how your data is protected. In addition, we will inform you of the respective legal basis that allows us to process your data. Finally, we will also tell you about your rights in connection with the processing of your data.

Personal data is information that makes it possible to identify a natural person. This includes in particular, your name, date of birth, address, telephone number, e-mail address, but also your IP address. Anonymous data exists if no personal reference to the user can be made.

The responsible party in terms of data protection law is:

The Pet Agency,

Whitegates, Laughton,

Lewes, BN8 6BX, UK

E-Mail: contact@thepetagency.co.uk

Web: www.thepetagency.co.uk

Instagram: [Insert Link]

Tel: 07985 470 960

Data collection

All personal data that we obtain from you via the website will only be processed for the purposes described in more detail below. This is done within the framework of the respective legal regulations mentioned or only with your consent.

In particular, Art. 6 GDPR specifies when data processing is permitted. The Pet Agency collects personal data if:

you have given your consent (Art. 6 para. 1 lit. a GDPR),
the data is necessary for the fulfilment of a contract / pre-contractual measures (Art. 6 para. 1 lit. b GDPR),
the data is necessary for the fulfilment of a legal obligation (Art. 6 para. 1 lit. c GDPR) or
the data is necessary to protect the legitimate interests of our company, provided that your interests worthy of protection are not overridden (Art. 6 para. 1 lit. f GDPR). Storage duration or criteria for determining the duration

The Pet Agency processes and stores your personal data only for the period of time required to achieve the respective processing purpose or for as long as a legal retention period (in particular commercial and tax law) exists. Once the purpose has been achieved or the retention period has expired, the corresponding data is routinely deleted.

Data transfers

In certain cases, it is necessary to transmit the processed personal data in the course of data processing. In this respect, there are different recipient bodies and categories of recipient.

Internal

If necessary, we transfer your personal data within The Pet Agency. Of course, we comply with the associated legal framework and ensure that your data is processed properly. Access to your personal data is only granted to authorised staff and pet sitters who need access to the data due to their job and services, respectively.

External bodies

Personal data is transferred to the following categories of recipients, in compliance with legal requirements:

Service providers in the context of fulfilment processing,
Service providers including payment services,
Service providers within the scope of communication systems,
Authorities and institutions as far as this is required or necessary.

Secure transmission of your data

In order to protect the data stored with us in the best possible way against accidental or intentional manipulation, loss, destruction or access by unauthorised persons, we use appropriate technical and organisational security measures. The security levels are continuously reviewed in cooperation with security experts and adapted to new security standards.

Links to other providers

Our website also contains - clearly recognisable - links to the websites of other companies. As far as there are links to websites of other providers, we have no influence on their contents. Therefore, no guarantee or liability can be assumed for these contents. The respective provider or operator of the pages is always responsible for the content of these pages. The linked pages were checked for possible legal violations and recognisable infringements at the time of linking. Illegal contents were not recognisable at the time of linking. However, permanent monitoring of the content of the linked pages is not reasonable without concrete indications of a legal violation. Such links will be removed immediately if infringements of the law become known.

Data subject rights

We are happy to inform you below about the rights to which you as the person concerned may be entitled to free of charge. These rights are standardised in both the DPA and GDPR. This includes:

the right to information (Art. 15 GDPR),
the right to rectification (Article 16 GDPR),
the right to erasure (Article 17 GDPR),
the right to restriction of data processing (Article 18 GDPR),
the right to data portability (Article 20 GDPR),
the right to object to data processing (Article 21 GDPR),
the right to revoke any consent you have given (Art. 7 (3) GDPR), and
the right to lodge a complaint with the competent supervisory authority (Art. 77 GDPR).

Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject.

Right of complaint Supervision

You are of course free to contact the supervisory authority that applies to you at any time. Alternatively, you can also contact our supervisory authority, which is:

The Information Commissioner`s Office (ICO) located at Wycliffe House, Water Ln, Wilmslow SK9 5AF, UK (www.ico.org.uk)

We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Wix

For our web development services we use the website builder Wix of the Israeli company Wix.com Ltd. In addition to the headquarters in Tel Aviv, there are other company headquarters such as in Berlin, Dublin, Vancouver or New York. By using Wix, personal data of you may also be collected, stored and processed. With this privacy policy we want to explain to you why we use Wix, which data is stored where and how you can prevent this data storage.

The data may be stored on different servers that are distributed around the world. For example, data may be stored in the USA, Ireland, South Korea, Taiwan or Israel. Wix always stores data until it is no longer required for the service provided. We have not yet been able to find out more details about the duration of data storage.

Hosting

To provide our website, we use the services of 123 Reg Ltd who process the below-mentioned data and all data to be processed in connection with the operation of our website on our behalf. The legal basis for the data processing is our legitimate interest in providing our website.

Collection of access data and log files

We, or rather 123 Reg Ltd, collect data on every access to our website on the basis of our legitimate interest Art. 6 (1) sentence 1 lit. f GDPR. The access data includes the name of the website accessed, file, date and time of access, amount of data transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page), IP address and the requesting provider.

Log file information is stored for security reasons (e.g., for the clarification of abuse or fraud) for a maximum of 7 days and then deleted. Data whose further storage is necessary for evidentiary purposes is exempt from deletion until the respective incident is finally clarified.

In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies. These are small text files that are stored on your terminal device and store certain information for exchange with our system. The legal basis for the processing of this data is Art. 6 (1) sentence 1 lit. f GDPR. For further details on the cookies, we use please read our Cookie Policy.

Newsletter

On our website, users are given the opportunity to subscribe to our newsletter. In principle, our newsletter can only be received by the data subject if he or she registers for the newsletter mailing. For legal reasons, a confirmation email is sent to the email address entered by a data subject for the first time for the newsletter dispatch using the double opt-in procedure. This confirmation e-mail serves to verify whether the owner of the e-mail address as the data subject has authorised the receipt of the newsletter.

When registering for the newsletter, we also store the IP address of the device used by the data subject at the time of registration as well as the date and time of registration, which is assigned by the Internet service provider (ISP). The collection of this data is necessary in order to be able to trace the (possible) misuse of the e-mail address of a data subject at a later date and therefore serves our legal protection.

The personal data collected in the context of a registration for the newsletter is used exclusively for sending our newsletter. Furthermore, subscribers to the newsletter could be informed by e-mail if this is necessary for the operation of the newsletter service or a related registration, as could be the case in the event of changes to the newsletter offer or changes to the technical circumstances.

The processing of your e-mail address is thus based exclusively on your consent (Art. 6 para. 1 p. 1 lit. a) GDPR). You can revoke this consent at any time. An informal e-mail to us is sufficient for this purpose. The legality of the data processing operations carried out until the revocation remains unaffected by the revocation. The provider of our Newsletter is also Wix.

Contact options

We process and store the personal data provided in the contact enquiry solely for the purpose of processing and responding to your enquiry and contacting you. The legal basis for the processing of your personal data is Art. 6 para. 1 lit. b) GDPR.

If you write to us via e-mail, we will process the data you provide in the e-mail in order to contact you and answer your questions and requests. In doing so, the principle of data economy and data avoidance is observed in that you only have to provide the data that we absolutely need from you in order to contact you. These are usually your first and last name, your e-mail address, the topic selection and the message field itself. In addition, your IP address is processed out of technical necessity and for legal protection.

Social media

We maintain presences in social media. Insofar as we have control over the processing of your data, we ensure that they comply with applicable data protection regulations. However, you use these platforms and their functions on your own responsibility. This applies in particular to the use of the interactive functions (e.g., commenting, sharing, rating). With your consent, data may be transferred to a third country outside the UK and the EEA, which may have a lower level of data protection than the UK and the EEA (Art. 49 para. 1 p. 1 lit. a GDPR). We maintain our social media profiles in order to communicate with visitors to these profiles es and to inform them about our offers in this way.

Since we do not have complete access to your personal data, you should contact the providers of the relevant social media platform directly if you wish to assert your rights, as they each have access to the personal data of their users and can take appropriate measures and provide information.

Business-related processing

In addition, we process contract data (Name, address, mobile number, house number, email address, credit / debit card details, and payment confirmation data) of our customers, prospective customers for the purpose of providing contractual services and customer care, marketing, advertising, and market research.

Contractual services

We process the data of our customers within the scope of our contractual services. In doing so, we process: inventory data (e.g., customer master data, such as names or addresses), contact data (e.g., e-mail, telephone numbers), content data (e.g., text entries, testimonials and messages), contract data (e.g., subject matter of contract, term), usage data and metadata (e.g., in the context of evaluating and measuring the success of marketing measures).

As a matter of principle, we do not process special categories of personal data, unless these are components of commissioned processing. The purpose of the processing is the provision of contractual services, billing, and our customer service. We process data that is necessary for the justification and fulfilment of contractual services and point out the necessity of their disclosure. Disclosure to external parties only takes place if it is necessary in the context of the service.

When processing the data provided to us within the scope of providing our services, we act in accordance with the instructions of the client as well as the legal requirements of order processing pursuant to Art. 28 GDPR and do not process the data for any other purposes than those specified in the services.

We delete the data after the expiry of statutory warranty and comparable obligations. The necessity of storing the data is reviewed every three years; in the case of statutory archiving obligations, the deletion takes place after their expiry (6 years).

In the case of data disclosed to us by the user within the scope of a services, we delete the data in accordance with the specifications of the services, in principle after the end of the services.

Administration, financial accounting, office organisation, contact management

We process data within the scope of administrative tasks as well as organisation of our business, financial accounting, and compliance with legal obligations, such as archiving.

In doing so, we process the same data that we process in the context of providing our contractual services. The purpose and our interest in the processing lies in the administration, financial accounting, office organisation, archiving of data, i.e., tasks that serve the maintenance of our business activities, performance of our tasks and provision of our services.

The deletion of data with regard to contractual services and contractual communication corresponds to the information mentioned in these processing activities.

In this context, we disclose or transmit data to the tax authorities, consultants such as tax advisors or auditors as well as other fee offices and payment service providers.

Furthermore, we store information on suppliers, pet sitters and other business partners on the basis of our business interests, e.g., for the purpose of contacting them at a later date. This data, most of which is company-related, is stored permanently.

Account Registration

On our website, we offer you the opportunity to register by providing personal information and non- personal information, in particular your email address. The data is entered in the registration form is transmitted to us and stored. Registration is necessary in order to set up your account, which you can use to access our services. You can delete your account at any time on our website either by using the delete function in your account or by contacting us.

Profile

As a registered user, you have the opportunity to create a user profile with just a few clicks and details. If you make use of the option, the relevant profile data you provide will be transferred to your profile. Of course, you can change the information at any time via the settings in your profile. When creating a profile, you can submit personal data. You have choices about the information on your profile. You don’t have to provide additional information on your profile; however, profile information helps you to get more from our Services. It’s your choice whether to include sensitive information on your profile and to make that sensitive information public. Please do not post or add personal data to your profile that you would not want to be available. The legal basis for the processing of your personal data is the establishment and implementation of the user contract for the use of the service. We store the data until you delete your user account. Insofar as legal retention periods are to be observed, storage also takes place beyond the time of deletion of a user account. The basis for this storage is our legitimate interest in communicating with interested users, in the case of contracts, also the storage of contract data.

Use of the Services

We collect, process, and use the information you provide in the context of your use of our services this may include personal information and non- personal information. We store the information you provide for the period of processing and handling the contract. Data that we are required to store due to legal, statutory or contractual retention obligations will be blocked instead of being deleted to prevent it being used for other purposes. The processing of the data serves the fulfilment of the contract with you.

Payment Transactions

We do not collect or store any payment transaction information such as credit card numbers or bank details during the online payment process. You only provide this information directly to the respective payment service provider currently Wix Payments and their payment options including Visa, Mastercard, American Express, Discover, Diners, CUP, JCB, Maestro and Apple Pay.

Direct marketing

From time to time, we may use the personal data we collect from you to identify particular products offers which we believe may be of interest to you. We may contact you to let you know about these products and services and how they may benefit you.

You may give us your consent in a number of ways including by selecting a box on a form where we seek your permission to send you marketing information, or sometimes your consent is implied from your interactions or relationship with us. Where your consent is implied, it is on the basis that you would have a reasonable expectation of receiving a marketing communication based on your interactions or relationship with us.

Direct Marketing from generally takes the form of e-mail but may also include other less traditional or emerging channels. These forms of contact will be managed by The Pet Agency, or by our contracted service providers. Every directly addressed marketing form sent or made by us or on our behalf should include a means by which customers may unsubscribe (or opt out) of receiving similar marketing in the future. You can ask us to remove or amend any previous consent you provided by contacting us.

Storage and retention

Your personal data will be stored by us only for as long as is necessary to achieve the purposes for which the data was collected or - if statutory retention periods exist that go beyond this point and for the duration of the legally prescribed retention period. We then delete your personal data. Only in a few exceptional cases is your data be stored beyond this period, e.g., if storage is necessary in connection with the enforcement of and defence against legal claims against us.

The Pet Agency is entitled to process your personal data insofar as this is necessary to fulfil legal obligations. For this purpose, The Pet Agency may transfer this data in particular to authorities, law enforcement agencies and courts. In this case, the transfer of your data is required for compliance with a legal obligation to which we are subject. The Pet Agency is further entitled to process personal data if and to the extent necessary to detect or prevent misuse of this website or to enforce claims of The Pet Agency, its employees or users, whereby the data processing in these cases is necessary to protect these aforementioned legitimate interests.

International transfers

Our main operations are based in the UK and your personal information is generally processed, stored and used within in the UK. In some instances, your personal information may be processed outside the UK. If and when this is the case, we take steps to ensure there is an appropriate level of security, so your personal information is protected in the same way as if it was being used within the UK. Where we need to transfer your data outside the UK, we will use approved standard contractual clauses in contracts for the transfer of personal data to third countries.

Data Breaches/Notification

Databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, The Pet Agency will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.

Confirmation of Confidentiality

All company employees must maintain the confidentiality of Personal Data as well as company proprietary data to which they may have access and understand that that such Personal Data is to be restricted to only those with a business need to know. Employees with ongoing access to such data will sign acknowledgement reminders annually attesting to their understanding of this company requirement.

Changes

This Policy and our commitment to protecting the privacy of your personal data can result in changes to this Policy. Please regularly review this Policy to keep up to date with any changes.

Who should I contact for more information?