Ransom & Son Limited (trading as “Ransoms Garden Centre”), The Gardeners Tea Room Limited (trading as “Ransoms Tearooms & Restaurant”) and Katherine Ransom (trading as “The Potting Shed”) are committed to compliance with all relevant Jersey laws in respect of personal data, and to protecting the “rights and freedoms” of individuals whose information they collect in accordance with the General Data Protection Regulation (GDPR). Throughout this document Ransoms & Son Limited, The Gardeners Tea Room Limited and Katherine Ransom will be referred to as “Ransoms”, “we”, “our”, or the “companies”.
During the course of our activities, we will collect, store and process personal information and we recognise the need to treat it in an appropriate and lawful manner. The types of information that we may be required to handle include details of current, past and prospective employees, suppliers, customers, and others that we communicate with. This policy will help you understand how and why we collect information from you, to whom the information is disclosed and to inform you of your rights regarding your personal data that we hold or process.
Data Protection Principles
Anyone processing personal data must comply with the enforceable principles of good practice specified in the Data Protection Law. These provide that personal data must be:
- Processed lawfully, fairly and in a transparent manner.
- Collected for specified, explicit and legitimate purposes and not further processed in a way that is incompatible with those purposes.
- Adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
- Accurate and, where necessary, up to date.
- Kept in a form which permits the identification of data subjects for no longer than is necessary for the purposes for which the data is processed;
- Processed in a manner that ensures appropriate security for the personal data.
Types of Information we collect and how it is used
Personal data may be collected about you if you:
- choose to become a member of the Royal Jersey Golf Club Pro-shop Privilege Card scheme
- apply for a credit account
- contact us with an enquiry or complaint
- arrange for items to be delivered, collected or put aside
- provide feedback or participate in any research
- enter prize promotions or participate in any research
- apply to work or are employed by Ransoms
- work for a supplier or contractor
We only gather personal information, such as name, address and email address, when voluntarily submitted by you. We shall not ask you to supply any personal data as a condition of your use of our website.
This information is collected to help us:
- fulfil your order/contract/application
- answer your queries
- provide members of the Golf Club Privilege Card scheme to be able to gather and redeem points
- operate credit account facilities with selected customers
- purchase from and pay suppliers
We have CCTV installed on our premises in public areas for the purposes of prevention and detection of crime.
We will only share your data with contracted and trusted third parties in order to facilitate our provision of services and offers. This includes parties engaged to perform payment or business support functions.
We may also disclose personal data as permitted or required by law.
We do not share your data with any third parties outside of the above processing arrangements.
Fair and Lawful Processing
The Data Protection Law is intended not to prevent the processing of personal data, but to ensure that it is done fairly and without adversely affecting the rights of the data subject.
Employees personal data will be processed in accordance with their employment contract or where the processing is necessary to comply with our legal obligations. Personal data received from customers will be processed in accordance with the legitimate interests of the companies.
Data Security and Retention of Information
We understand the importance of the secure storage of data provided. Although we take appropriate steps to protect it, we cannot guarantee the security of your data transmitted to our website. Once we have received your data we will use strict security procedures and measures to prevent unauthorised access.
We will retain your personal information for as long as is necessary for the purpose for which it was collected, or as in accordance with applicable laws. In order to assist in ensuring that we are only holding up to date and relevant personal data, we will delete any account information after an account has been inactive for 3 years.
- the IP address of the visitor;
- the date and time of the visit;
- the URL of the referring site (the site from which the visitor originates);
- the pages visited on our website;
- information about the browser used (type and version, operating system, etc.).
We use technical information and cookies to facilitate your visit to the website and to optimise the performance and user experience of the website. Cookies can be placed both by Ransoms itself and by other parties with whom Ransoms cooperates. Below is an overview of the types of cookies that are placed through the Ransoms website:
Ransoms places cookies that are necessary for the website to function properly and to provide a requested service. These cookies are used to save certain user and preferred settings, to save any login data and to optimise the user-friendliness of the website.
Ransoms uses analytical cookies, such as the Google Analytics cookies, which collect information about the use of the website. These capture, among other things, the number of website visitors, the visited pages and the duration of their stay. The collected data is used to improve the service and optimise the content of the website to the wishes and needs of the users.
Ransoms has concluded a processor agreement with Google for the use of Google Analytics. This agreement ensures that the Google Analytics cookies have been set in the most privacy-friendly way. Ransoms has not given Google permission to use information obtained through Ransoms for other Google services.
Tracking or advertising cookies
Tracking cookies are cookies that collect data about the (internet) behaviour of the website user. These tracking cookies are used to enable the user to make optimal use of our website. For example, these cookies are used to record information about the visit so that relevant information can be used for the convenience of the user on a subsequent visit, for example by filling in forms or offering ads that match the (search) profile of the user. We also use tracking cookies to show you relevant ads on websites of third parties.
Most browsers are set to accept cookies by default, but you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. However, some features and services on our and other websites may not function properly if cookies are disabled in your browser.
Accessing and Amending your Data
Individuals whose personal data is processed by the companies are given a number of rights relating to the personal data relating to them;
- Right of access;
- Right to rectification;
- Right to erasure;
- Right to restrict processing;
- Right to data portability; and
- Right to object.
You have a right to access a copy of the data which we hold about you. We will tell you what personal information we have, what our purpose is for processing the data, who else may have access to it and how long we will hold the data for. We will provide the data within one month of receipt.
You have a right of rectification if you think the data that we hold on you is inaccurate. We want to make sure that your personal information is accurate and up to date. Should any of your personal information be required to be modified, or your circumstances change, please let us know.
If you give us consent to use your personal information, you can withdraw your consent at any time.
If you withdraw your consent to any or all use of your personal data, depending upon the nature of your request, we may not be able to provide or continue providing our products and services to you, or administer any contractual relationship already in place. You understand and agree that in such instances where we require your personal data to fulfil a contractual obligation to you and you withdraw your consent to collect, use or disclose the relevant personal data for those purposes, we cannot be held liable for breach of that agreement.
In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to continue processing your personal data.
If you would like to exercise any of your rights under GDPR law, you can do so by contacting us;
– By email firstname.lastname@example.org
– By post to The Group Operations Manager, Ransoms Garden Centre, La Grande Route De Faldouet, St Martin, JE3 6UD.
When you exercise one of your rights under the GDPR, we are required by law to use all reasonable measures to verify your identity before we can action your request. You may therefore be required to provide a form of identification.
Links to Other Websites
This policy was last updated December 2018.