We may update this policy from time to time so please check this policy on our website occasionally to ensure that you’re happy with any changes. When you request services from us, you’re agreeing to be bound by this policy.
If you have any questions about this policy, please email firstname.lastname@example.org or write to us at Unit 11, Penraevon Trading Estate, Penraevon Avenue, Leeds, LS7 2AW.
What data we gather
We may collect the following information in order to provide the services you request:
- Contact information including email address, postal address and phone number
- Relevant information about how to access your property in order to deliver products to you
- Bank account details (should we need to process refunds directly to you)
- Website usage data (when we launch our new website later this year)
- Financial transactions made through PayPal or GoCardless, third party processors who specialise in the secure online capture and processing of financial transactions, are held by them and not by Leeds Bread Co-op.
How we use this data
The data we gather in this way is used to ensure we can deliver our services to you including to:
- Fulfil orders
- Contact you in response to a specific enquiry
- Carry out our obligations arising from any contracts entered into by you and us
- Send you communications about our business which are essential for us to fulfil our obligations to you and, if you have requested them, updates about our business via Mailchimp newsletters
We review our retention periods for personal information on a regular basis. We will hold your personal information on our systems for as long as is necessary for the relevant activity as set out in our data protection policy, or as long as is set out in any relevant agreement you hold with us.
Who has access to your information?
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Third Party Service Providers working on our behalf:
We may pass your information to our third party service providers for the purposes of completing tasks and providing services to you on our behalf (for example PayPal to process payments and MailChimp to send you mailings). However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service. Please be reassured that we will not release your information to third parties for them to use for their own direct marketing purposes.
That Old Chestnut
Quickbooks Online by Intuit
Cybake by RedBlack Software
Website and Bread Subscriptions
Applying to work with us
When you apply for any of our vacancies, we store the information you provide on your application and in your interview on our secure servers for the time required to complete our recruitment process and for a period of 1 year afterwards for the purpose of any future recruitment rounds and in line with statutory recommendations. We will only ask you for information relevant to the role and to meet our obligations as an employer. If you would prefer us not to do this, please just let us know when you apply. If your application is successful and you come to work with us, we will process and store your personal information in accordance with our data protection policy.
Security precautions in place to protect the loss, misuse or alteration of your information
We don’t ask you for personal information unless we truly need it. When you share your personal information with us, we take steps to ensure that it’s treated securely. We follow stringent procedures to ensure we work with all personal data in line with the General Data Protection Regulation 2018. Any sensitive information is stored securely on our servers and accessed via Nextcloud, both of which are fully GDPR compliant. We don’t store personal information on our servers unless required for the on-going operation of our services. We have taken all reasonable steps to ensure that access to the data held on these servers is limited to those members of staff who need your information as part of their role at Leeds Bread Co-op. Everyone who works in our Co-op is expected to work within GDPR guidelines and this forms part of their job descriptions.
How you can access and update the information we hold about you
We will never lease, distribute or sell your personal information to third parties except to comply with the law, develop our products, or protect our rights. Any personal information we hold about you is stored and processed under our data protection policy, in line with the General Data Protection Regulation 2018.
The accuracy of your information is important to us. If you change your contact details, or any of the other information we hold about you or your organisation, please email us at: email@example.com or write to us at Unit 11, Penraevon Trading Estate, Penraevon Avenue, Leeds, LS7 2AW.
You have the right to ask for a copy of the information Leeds Bread Co-op holds about you, known as making a Subject Access Request (we may charge £10 for information requests to cover our costs in providing you with these details). To do this, email firstname.lastname@example.org or write to us at Unit 11, Penraevon Trading Estate, Penraevon Avenue, Leeds, LS7 2AW.
You have the right to have personal data erased if we are no longer required to hold it by law. To make such a request, email email@example.com or write to us at Unit 11, Penraevon Trading Estate, Penraevon Avenue, Leeds, LS7 2AW.