Find out how we use and protect the personal data that you provide to us.
We are committed to preserving the privacy of all visitors to www.bigbathroomshop.co.uk (the Website). Please read the following Policy to understand:
- the personal data we collect about you;
- the purpose for which we collect personal data about you;
- the manner in which we process your personal data;
- with whom your personal data might be shared with; and
- how we protect the personal data which you provide to us.
By either registering as a user of any services provided by us on this Website and/or by using this Website generally you consent and agree to the use of your personal data by us in accordance with this Policy.
The Website and its webpages are operated by Limitless Digital Group Limited (Limitless Digital Group – trading as BigBathroomShop), a company registered in England and Wales. Our registered office is: Dawson Court, Billington Road Industrial Estate, Burnley, Lancashire, BB11 5UB. Our company registration number is 03955231. Our VAT registration number is GB 248 1604 10. Limitless Digital Group and the different brands which belong to the Limitless Digital Group are jointly referred to in this Policy as "we", "us" or "our". A list of the different brands which belong to the Limitless Digital Group can be found at http://www.limitlessdigital.com/.
Limitless Digital Group is a registered Data Controller with the Information Commissioner's Office (ICO) under registration number Z1205869. This means that we are responsible for, and control the processing of, the personal data we collect about you. Details of Limitless Digital Group's notification to the regulator for data protection, may be found in the ICO's Public Register of Data Controllers at www.ico.org.uk.
For the purposes of this Policy, references to "you" or "your" shall mean as a user of the Website and/or a customer of our products and services.
Your use of the Website is also governed by the Website's general Terms and Conditions. Please ensure you have read and understood the Terms and Conditions in addition to this Policy.
1. Personal data which we collect
1.1 We collect personal data about you when you:
- create a new user account with us on our Website;
- purchase or make payments for any of our products or services (Products);
- contact us through our Website;
- contact us by letter, email or telephone;
- post material to our Website;
- post material through our social media pages on sites such as Facebook and Twitter;
- complete customer feedback or surveys;
- sign up for newsletters; or
- enter competitions on our Website.
1.2 The personal data collected in the above manner may include:
- full name;
- postal address;
- email address;
- telephone number;
- payment details; and
- your user account details.
1.3 There may be instances where you provide us with information which is classified as "special categories of personal data", (an example would be where you provide us with special instructions regarding delivery of your Product because you have a disability). We will only process such data for the purpose of providing the Products (e.g. effecting delivery) and in accordance with the requirements of the EU General Data Protection Regulation 2016/679 (GDPR). You can choose whether or not to provide us with any special categories of personal data.
1.4 If you provide us with personal data relating to another person when you order a Product, you confirm that you have the permission of that other person to share their personal data with us.
1.5 We may monitor and record communications with you (such as telephone conversations and emails) in order to maintain customer service standards, assist staff training and fraud prevention/compliance activities.
1.6 If you post material to our social media pages, such material will also be subject to the policies operated by such sites. Please note that we have no control over these policies and you should familiarise yourself with content of these polices before posting.
2. Use of your personal data
2.1 We may collect personal data about you so that we can:
- register you with our Website and to manage any account you hold with us;
- administer our Website services;
- fulfil our agreement with you in respect of any Products you purchase and to process your purchases and obtain payment;
- notify you about important changes and developments to the Website or our Products;
- analyse and profile your purchasing preferences e.g. (market, customer and product analysis) to enable us to:
- provide you with a personalised browsing experience when using the Website; and
- review, develop and improve the Products which we offer and to enable us to provide you and other customers with relevant information through our marketing programme(s);
- aggregate personal data in order conduct research, statistical analysis and behavioural analysis;
- respond to queries, refund requests or questions relating to your order;
- administer any competitions which you enter;
- tailor how we inform you about Products which we think will interest you. An example would be if when you buy one Product type from us, we offer you a related Product at a discounted price; and
- carry out security vetting and detect and prevent fraud.
2.2 We will only use your personal data in the circumstances set out in paragraph 2.1 where it is permitted by law and where:
- we need to use your personal data in order to perform a contract with you;
- we need to use your personal data in order to comply with our legal or regulatory obligations;
- you have given us your consent to use your personal data (if consent is needed, we will ask for this from you separately);
- it is reasonably necessary to use your personal data in order to comply with any legal obligations which we are subject to in the performance of our contract with you; and
- we need to use your personal data in pursuit of the legitimate interest of the improving the Website for the benefit of you and other customers to whom we provide Products.
2.3 We would like to send you information by post, email, telephone (including automated calls), text message (SMS) or otherwise about our products and services, competitions and special offers which may be of interest to you.
If you provide us with consent, we will provide you with information about the following brands which belong to the Limitless Digital Group:
- Beam LED
- Best Heating; and
- Cheap Suites.
2.4 We will only send you marketing messages when you tick the relevant consent box when you provide us with your personal data. If you have consented to receive such marketing from us, you can opt out at any time. For details on how to ask to be removed from our mailing list(s), please refer to section 4 of this Policy.
2.5 We do not hold or store any payment details which you provide to us when you order a Product. Any payment details you provide will be held by the relevant third party payment provider (e.g. PayPal or Worldpay).
3. Disclosure of your personal data
3.1 We may share your personal data with the following third parties who may use it for the same purposes as set out in section 2 above:
- to other companies in the Limitless Digital Group group of companies (but only where they are located in the EEA);
- to employees and agents of Limitless Digital Group and other third parties, some of whom may be located outside the EEA, to administer any accounts and any Products provided to you by Limitless Digital Group now or in the future;
- to third parties who provide us with technological support that enables us to administer any accounts and any Products provided to you. Examples include our web hosting providers, our enterprise resource planning (ERP) providers, our ecommerce platform providers, our saas providers and our payment gateway and payment service providers;
- to our third party logistics and delivery providers who deliver Products to you on our behalf;
- to agents who (on our behalf) profile your data so that we may tailor the Products we offer to your specific needs;
- to anyone to whom we transfer our rights and duties under our agreement with you to supply Products; and
- if we have a duty pursuant to the law to do so or if the law allows us to do so.
3.2 We may also share your personal data with third parties in order to comply with our legal or regulatory obligations.
3.3 We will not and do not sell your personal data to any third party for marketing purposes.
4. How can I get my name removed from the BigBathroomShop.co.uk mailing list(s)?
4.1 If you have opted in to our mailing list, and no longer wish to receive our newsletter or other promotional communications, you may opt-out of receiving such communications by following the instructions that are included in each communication. You may also opt out by:
- writing to our Data Protection Officer quoting "security and privacy enquiry" at Limitless Digital Group Limited [Trading as BigBathroomShop], Unit 1 & 2 Dawson Court, Billington Road Industrial Estate, Burnley, Lancashire, BB11 5UB;
- phoning our Customer Services Department on 0345 122 7569; or
- contacting us via the Help Centre.
4.2 Please be aware that you may still receive communications from us until we have had a reasonable opportunity to process your request.
5.1 In those cases where we need your consent to hold and process your personal data, we will ask you to check a box on the relevant form or webpage requiring consent. By checking these boxes you are stating that you have been informed as to why we are collecting your personal data, how it will be used, for how long it will be kept, who else will have access to it and what your rights are as a data subject (all of which is set out in this Policy).
6. How we keep your personal data secure
6.1 To protect your personal data we have policies and procedures in place to make sure that only authorised personnel can access your personal data, that personal data is handled and stored in a secure and sensible manner, and that all systems that can access the personal data have the necessary security measures in place.
6.2 Please note that the internet is not a secure medium and we cannot guarantee the security of any data you disclose online. You accept the inherent security risks of providing information and dealing online over the internet and will not hold us responsible for any breaches of your data protection rights attributable to the transmission of your personal data over the internet.
7. How long do we keep your personal data
We shall retain your personal data for as long as is reasonably necessary for the purposes listed in paragraph 2.1 unless we are required by law to retain your personal data for a longer period.
8. Your rights
8.1 You may exercise your rights below by contacting us using the contact details in section 15 of this Policy or by calling 0345 122 7569.
The right to access personal data we hold on you
8.2 At any point you can contact us to request the personal data we hold on you as well as why we have that personal data, who has access to the personal data and where we got the personal data. Once we have received your request we will respond within a reasonable time period (and in any event no longer than 30 days from the date of your request). Please contact our Data Protection Officer or email email@example.com to request to see your personal data.
The right to correct and update the personal data we hold on you
8.3 If the data we hold on you is out of date, incomplete or incorrect, you can inform us and we will ensure that it is updated. If you are concerned that any of the personal data we hold on you may be incorrect, and you are unable to change it yourself as described below, please contact our Data Protection Officer or email firstname.lastname@example.org.
The right to have your personal data erased
8.4 If you feel that we should no longer be using your personal data or that we are not entitled to be using your personal data, you can request that we erase the personal data we hold. When we receive your request, we will confirm whether the data has been deleted or tell you the reason why it cannot be deleted. Please contact our Data Protection Officer or email email@example.com to request that we delete your personal data.
The right to object to processing of your personal data
8.5 You have the right to request that we stop processing your personal data. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue to process your personal data. If we no longer process your personal data, we may continue to hold your personal data to comply with your other rights or our legal regulatory obligations. Please contact our Data Protection Officer or email firstname.lastname@example.org to request that we stop processing your personal data.
The right to ask us to stop contacting you with direct marketing
8.6 You have the right to request that we stop contacting you with direct marketing. Further details on this can be found at section 4 of this Policy.
The right to data portability
8.7 You have the right to request that we transfer your personal data to another controller. Once we have received your request, we will comply where it is feasible to do so. Please contact our Data Protection Officer or email email@example.com if you want us to transfer your personal data to another controller.
9.2 A cookie is an element of data that a website can send to your computer (or other electronic device), which may then store it on your system. Cookies allow us to understand who has seen which pages and advertisements on our Website, to determine how frequently particular pages are visited and to determine the most popular areas of our Website. Non-personal information such as browser type, operating system and domain names, may be collected during visitors' use of the Website and this information may be used by us to measure the number of visitors to the Website. Unless you have indicated your objection when disclosing your details to us, our system will issue cookies to your computer when you log on to the Website.
Consent to cookies
What types of cookies do we use?
First party cookies: We set these cookies and they can only be read by us.
Persistent cookies: We may use persistent cookies which will be saved on your computer for a fixed period (usually 1 year or longer). They won’t be deleted when the browser is closed. We may use persistent cookies to recognise your device for more than one browsing session.
Session cookies: We may use session cookies which are only stored temporarily during a browsing session and will be deleted from your device when the browser is closed.
Third party cookies: We may use a number of third party suppliers who also set cookies on our Website in order to deliver the services that they are providing. These cookies are known as third party cookies.
The cookies that we use can be roughly divided into four categories based on the function that they carry out on the Website.
Essential Cookies:Essential cookies enable a website to function at its best. For our Website this means making your shopping experience as straightforward as possible. The Website requires essential cookies to be present to:
- remember what is in a shopper's basket;
- allow the contents of a shopper's basket to be transferred to the checkout and purchased; and
- determine whether a customer is signed into a secure area of the Website such as the checkout area.
Essential cookies are not harmful to your computer and they do not store personal data such as your credit card details.
Functionality cookies are designed to save personal data, such as names and addresses, which on return to the Website will not need to be filled out again. Functionality cookies also remember important information such as your response if asked to fill out a survey which will be remembered to prevent unnecessary repetition. To summarise, functionality cookies do the following:
- tell us if you have already logged in to your account;
- tell us if this is your first visit to the Website; and
- enable live chat services to function correctly.
Third Party Cookies:
Third party cookies determine which adverts are most likely to be preferable to a customer based on their interest. These cookies will also assess how effective an advertising campaign is towards customers and limit how often adverts are shown accordingly. The bulk of third party cookies are placed onto a shopper's computer by the selected advertising organisations that we have granted permission to do so. These cookies work to remember when customers visit our Website and will then inform our advertising organisations so that they can provide adverts of probable interest. To summarise, third party cookies do the following:
- gather information about a customer's typical browsing habits; and
- display adverts of most relevance to you.
The information stored in third party cookies in order to display adverts is completely anonymous and therefore contains none of your personal details.
We sometimes embed content from websites. As a result, when you visit a page containing such content, you may be presented with cookies from these websites. We do not control the dissemination of these cookies and you should check the relevant third party's website for more information.
Details and functions of the categories of cookies currently used on our Website are set out in the following table:
INTERNAL COOKIES Cookie DESCRIPTION CART The association with the customer's shopping cart. CATEGORY_INFO Stores the category info on the page to load pages faster. COMPARE The items in the customer's Compare Products list. CUSTOMER An encrypted version of the shopper's customer ID. CUSTOMER_AUTH Indicates if the customer are currently logged in to the store. CUSTOMER_INFO An encrypted version of the shopper's customer group. EXTERNAL_NO_CACHE Indicates if caching is disabled or enabled. FRONTEND The customer's session ID. GUEST-VIEW Determines if guests can edit their orders. LAST_CATEGORY The last category visited by the shopper. LAST_PRODUCT The most recent product viewed by the shopper. NEWMESSAGE Indicates whether a new message has been received. NO_CACHE Indicates if the cache can be used to store information. PERSISTENT_SHOPPING_CART A link to information about the shopper's cart and viewing history. RECENTLYCOMPARED Items recently compared b the shopper. STF Information on products the shopper has emailed to friends. STORE The store view or language chosen by the shopper. USER_ALLOWED_SAVE_COOKIE Indicates if the shopper allows cookies to be saved. VIEWED_PRODUCT_IDS The products recently viewed by the shopper. WISHLIST An encrypted list of products added to the shopper's wishlist. WISHLIST_CNT The number of items in the shopper's wishlist. MAGE-TRANSLATION-FILE-VERSION Facilitates translation of content to other languages. MAGE-TRANSLATION-STORAGE Facilitates translation of content to other languages. MAGE-CACHE-STORAGE Facilitates caching of content on the browser to make pages load faster. MAGE-CACHE-SESSID Facilitates caching of content on the browser to make pages load faster. FORM_KEY Stores randomly generated key used to prevent forged requests. 3RD PARTY COOKES Hotjar It is used to provide repetitions of sessions and heat maps to help us improve different areas of our Site. _hjClosedSurveyInvites Hotjar cookie. This cookie is set once a visitor interacts with a Survey invitation modal popup. It is used to ensure that the same invite does not re-appear if it has already been shown. _hjDonePolls Hotjar cookie. This cookie is set once a visitor completes a poll using the Feedback Poll widget. It is used to ensure that the same poll does not re-appear if it has already been filled in. _hjMinimizedPolls Hotjar cookie. This cookie is set once a visitor minimizes a Feedback Poll widget. It is used to ensure that the widget stays minimizes when the visitor navigates through your site. _hjDoneTestersWidgets Hotjar cookie. This cookie is set once a visitor submits their information in the Recruit User Testers widget. It is used to ensure that the same form does not re-appear if it has already been filled in. _hjMinimizedTestersWidgets Hotjar cookie. This cookie is set once a visitor minimizes a Recruit User Testers widget. It is used to ensure that the widget stays minimizes when the visitor navigates through your site. _hjIncludedInSample Hotjar cookie. This session cookie is set to let Hotjar know whether that visitor is included in the sample which is used to generate funnels. VeInteractive __ssid stores the customers session id opt-out if the customer has opted out of receiving emails from VeInteractive BidSwitch c This cookie contains an anonymous numerical identifier. It is used to to identify the user. tuuid_lu This cookie contains an numerical timestamp. It is used to store the last time the user has been updated in Veinteractives system. No personally identifiable information is collected. Bing Bing Ads uses the Microsoft user identifier (MUID) to count valid clicks. MUID Bing Ads uses the Microsoft User Identifier (MUID) to help count valid clicks MUIDB Identifies a specific browser/machine Doubleclick It is used to present advertisements and other marketing tools on Third Party Sites. IDE To select advertising based on what’s relevant to a user; to improve reporting on campaign performance; and to avoid showing ads the user has already seen. NID These cookies are used by Google to store user preferences and information while viewing the pages with Google maps on them. Google Analytics They use to collect information about how users use our Site. We use the information to improve the experience on our Site. _ga Stores analytics session _gid Stores the session id _utma Identifies shoppers and sessions. _utmb Determines new sessions/visits. _utmc Determines if the shopper is in a new session/visit. _utmz Saves the traffic source or campaign that explains how the shopper reached your site. Volvelle ouuid This cookie contains an anonymous numerical identifier. It is used to to identify the user in Veinteractives system. No personally identifiable information is collected. ouuid_lu This cookie contains an numerical timestamp. It is used to store the last time the user has been updated in Veinteractives system. No personally identifiable information is collected. Google Visual Web Optimizer It is used to test different variations of the design of our Site in order to improve the experience of our users. _vwo_uuid Generates a unique ID for every visitor and is used for the report segmentation feature in Visual Web Optimizer. _vis_opt_s This cookie detects if the user is new or returning.
9.5 The essential cookies that we use are needed to allow you to transact on the Website and without these cookies the Website will not function properly. They allow the shopping basket and check out features on the Website to function. Essential cookies are not harmful to your computer and they do not store personal data such as your credit card details.
9.6 If you would like to ensure that no further non-essential cookies are placed on your computer, please follow the steps outlined in paragraph 9.7. This will not remove the current cookies placed but will ensure that no further non-essential cookies are placed on your browser during your visit to the Website. Please be aware that this will mean that you lose key functionality on the Website and may mean it is not possible to buy certain Products.
- Go to the heading "Manage Cookies" and click onto the option you prefer, either stopping cookies being installed, or notifying you of them.
- From the list provided, click onto the programme which your computer uses; if this is not shown on the list, click on the "help" heading on the bar at the top of this page, search for information on "cookies" − an explanation of how to delete cookies will appear, then follow the instructions.
9.8 Alternatively, you can adjust your browser to tell you when a website tries to put a cookie on your computer (or other electronic device).
How you adjust your browser to stop it accepting cookies or to notify you of them, will depend on the type of internet browser programme your computer uses. You can follow the appropriate instructions for your specific browser type by clicking onto this link http://www.aboutcookies.org/Default.aspx?page=2 (please note that this link will open a new window and will lead to an external website and that we are not responsible for the content of external websites).
9.9 Please remember, cookies do not contain confidential information such as your home address, telephone number or credit card details. We do not exchange cookies with any third party websites or external data suppliers. If you do choose to disable cookies, you may find that certain sections of our Website do not work properly.
How to disable third party cookies
9.10 Users based in the European Union, can visit http://www.youronlinechoices.eu/ to opt out of these third party cookies. The above website is not connected to our Website and we are not responsible for its content. We only keep cookies for the duration of your visit to our Website, except in the case of cookies which remember you for future visits or where you save your login name as referred to above.
10. IP address
Your browser also generates other information, including which language the Website is displayed in, and your Internet Protocol address (IP address). An IP address is a set of numbers which is assigned to your computer (or other electronic device) during a browsing session whenever you log on to the internet via your internet service provider or your network (if you access the internet from, for example, a computer at work). Your IP address is automatically logged by our servers and used to collect traffic data about visitors to our Website. We also use your IP address to help diagnose problems with our server, and to administer our Website. We do not use your IP address to identify you personally.
11. Other websites
Please be aware that our Website may contain links to other websites which may be accessed through our Website. These websites are outside of our control and are not covered by this Policy. If you access other websites using links on our Website, we are not responsible for the data policies or procedures or the content of these linked websites.
12. Anti-spam policy
What is spam?
12.1 Spam, also known as junk mail, is an unsolicited commercial email message, commonly sent in bulk email messages. Unsolicited means that the recipient has not granted verifiable permission for the message to be sent. Bulk means that the message is sent as part of a larger collection of messages, all having substantively identical content. The term 'spamming' refers to transmitting, distributing or delivering any unwanted commercial e-mail correspondence, especially in mass quantities, through the electronic means of communication.
Measures to prevent spam
12.2 We take the following measures to prevent spam:
- mailing list subscribers must specifically opt-in to Limitless Digital Group emails to receive them. The nature of the emails people will be sent is fully disclosed, both on the page the subscription is made from and with a prominent link to this Policy;
- we do not use bought-in lists, rented lists or lists that use appended email addresses;
- we do not use email addresses that are scraped or copied and pasted from the web, or harvested in any way;
- we do not have a subscription form that subscribes users to an unrelated list;
- we do not send out unrelated offers or unrelated content to our recipients on our newsletter list; and
- we do not email people who have requested to be removed from our mailing lists.
13. Mailing practices
13.1 We do not modify the headers of any message in such a way that purposefully makes the origin of the message unclear.
13.2 All undeliverable addresses are removed from all future mailings after no more than 3 bounces.
13.3 All mailings provide clear and simple to follow instructions for opting-out of future mailings, and all reasonable attempts are made to facilitate the removal of a mailing list subscriber at their request.
13.4 Personal data submitted to us is only available to employees managing this personal data for the purposes of contacting members of our lists. We have security policies in place to ensure that our mailing list data is secure from theft and misuse.
13.5 If you receive an email message that you think is spam which is sent from or sent on behalf of Limitless Digital Group, please let us know the details of the email using the email address detailed below and we will then investigate the matter.
13.6 If you have questions regarding our anti-spam policy, please contact us by sending an email to the following email address: firstname.lastname@example.org.
14. Contact us
14.1 If you have any questions/comments about this Policy in general, you can email us at: email@example.com.
14.2 You can also write to our Data Protection Officer quoting "security and privacy enquiry" at Limitless Digital Group Limited Trading as BigBathroomShop, Unit 1 & 2 Dawson Court, Billington Road Industrial Estate, Burnley, Lancashire, BB11 5UB.
15. Changes to Policy
15.1 We keep our Policy under regular review. We may amend and update this Policy from time to time. You should check this Policy regularly to ensure that you are aware of the most recent version that will apply each time you access the Website.
15.2 Where we have made any changes to this Policy which affects the manner in which we use your personal data, such changes will be posted on the Website and where appropriate, through email.
16. Data Protection Officer
16.1 All comments, queries and requests relating to our use of your personal data are welcomed and should be addressed to:
Data Protection Officer
Limitless Digital Group Limited
Billington Road Industrial Estate
16.2 This Policy was last updated on 14th May 2018.