Data Processors

Data processors and the information we share

As part of our policy to provide you with and open and transparent overview of what information we hold, we have listed the companies we work with. Below is a list who we share your information with to help provide our service to you and what that information is.

Mailcoach

Why we use them

We use them to send marketing and product or service updates. We only store information when you opt in to marketing emails with us.

What we share

We will share your e-mail address and name along with any information you give us when you sign up to emails. 

What safeguards are in place?

GDPR safeguards Click Here.

RYFT


Why we use them

We use RYFT to process your payment if you opt to pay by card, Google Pay, or Apple pay.

What we share

In order to identify you and to process your payment whilst making appropriate checks for fraud we send STRIPE your name, address, e-mail and billing address details and your transaction number. We use a secure method of sending them your card number, expiry dates and CVV that we cannot access and do not store. We do keep a token that relates to your transactions in order to verify payment.

What safeguards are in place?

Terms & Conditions — Ryft - Marketplace Payment Platform (ryftpay.com)

Privacy Policy — Ryft - Marketplace Payment Platform (ryftpay.com)

Stripe

Why we use them

We use STRIPE to process your payment if you opt to pay by card or Apple pay.

What we share

In order to identify you and to process your payment whilst making appropriate checks for fraud we send STRIPE your name, address, e-mail and billing address details and your transaction number. We use a secure method of sending them your card number, expiry dates and CVV that we cannot access and do not store. We do keep a token that relates to your transactions in order to verify payment.

What safeguards are in place?

Information may be transferred outside the EU.

Stripe has certified to the EU-US and Swiss-US Privacy Shield for this reason. Stripe’s Privacy Shield certification is here, and our Privacy Shield Policy here. For more information, please visit Stripe’s EU data transfer support page here.

Braintree


Why we use them

We use Braintree to process your payment if you opt to pay by card or Apple pay or Google Pay.

What we share

In order to identify you and to process your payment whilst making appropriate checks for fraud we send Braintree your name, address, e-mail, billing and shipping address details and your transaction number. We use a secure method of sending them your card number, expiry dates and CVV that we cannot access and do not store. We do keep a token that relates to your transactions in order to verify payment.

What safeguards are in place?

Information may be transferred outside the EU.

Information may be passed outside the EU. Further information can be found at: https://www.braintreepayments.com/gb/legal/braintree-privacy-policy

PayPal

Why we use them

We use PayPal to process payments

What we share

We send PayPal your name and delivery address. And the amount we need to charge you. As you sign in to their systems as they handle all of the payment we do not need to send any other information.

What safeguards are in place?

Information may be passed outside the EU. Further information can be found at: https://www.paypal.com/uk/webapps/mpp/ua/privacy-full

Trustpilot

Why we use them

If you consent and opt to receive Trustpilot invitations, you will receive an e-mail invitation to review our service.

What we share

We will send them only what they need to contact you, your name and e-mail address along with the transaction number so that we can confirm that your review is a genuine review.

What safeguards are in place?

Information may be transferred outside the EU. Only the minimum amount of information required to provide the service you ask for is transferred. Further details available at: https://support.trustpilot.com/hc/en-us/articles/360000306528--How-do-we-protect-your-data-

Reviews.io


Why we use them

If you consent and opt to receive Reviews.io invitations, you will receive an e-mail invitation to review our service.

What we share

We will send them only what they need to contact you, your name and e-mail address along with the transaction number so that we can confirm that your review is a genuine review.

What safeguards are in place?

Information may be transferred outside the EU. Only the minimum amount of information required to provide the service you ask for is transferred. Further details available at: User Privacy Policy (reviews.io)

ZoomDoc

Why we use them

If you click to the Zoomdoc partner link you will have the option to obtain a medical certificate.

What we share

Our platforms are separate and no information from your Weldricks account is sent to Zoomdoc. Zoomdoc do not share your personal medical information with Us.

What safeguards are in place?

Weldricks powered by ZoomDoc Privacy Policy

Google

Why we use them

When you visit our website Google use cookies identify you and see what it is you look for on our website. We use this to see what people find interesting about our site so we can improve the services and products we offer.

What we share

Using this website will result in small data files being stored on your computer. These are known as cookies. Most websites do this.

We use cookies for:

· Remembering settings, so you won’t have to re-complete an entire form if there is a mistake.

· Measuring how our website is used so we can improve your experience (see Google Analytics below).

· Our cookies aren’t used to identify you personally. You can manage and/or delete them as you wish, refer to your web browsers help documentation and settings for details on how to do this, the information is usually found under privacy/security settings.

What safeguards are in place?

Google may transfer data outside the EU. They are committed to the highest levels of data security. Further details can be found at: https://privacy.google.com/businesses/compliance/#?modal_active=none

DPD

Why we use them

We use DPD to deliver your order to you.

What we share

In order to do this, we share your name and address along with your transaction number. We will also send them your contact details including e-mail and mobile telephone number to allow you to track your deliveries

What safeguards are in place?

DPD have high levels of security. Further details of their information security policy can be found at http://www.dpdlocal.co.uk/gdpr.pdf

Microsoft

Why we use them

We use some Microsoft services to provide the services you request. If we contact you or you contact us via e-mail then this information will be stored on Microsoft server computers.

What we share

This may include your name and address, your e-mail address and other contact details such as telephone number along with sensitive personal information in the content of the e-mail. We have a retention policy which says we will not keep e-mails longer than is necessary.

What safeguards are in place?

Microsoft may send information outside the EU. Microsoft has extensive expertise in protecting data, championing privacy, and complying with complex regulations, and currently complies with both EU-U.S. Privacy Shield privacy and EU Model Clauses. We believe that the GDPR is an important step forward for clarifying and enabling individual privacy rights. We want to help you focus on your core business while efficiently preparing for the GDPR.

Royal Mail

Why we use them

We use Royal Mail to deliver your order to you.

What we share

In order to do this, we share your name and address along with your transaction number. We will also send them contact details including e-mail and mobile telephone number to ensure you receive updates on the progress of your order.

What safeguards are in place?

Royal Mail Group may need to transfer personal information about customers to third parties located outside the UK. If we do, we will ensure that information is protected to a level which meets the requirements of UK law. https://www.royalmail.com/privacy-policy & https://www.royalmail.com/gdpr/. In all cases, Royal Mail will be the Data Controller for any information passed to them. 

Freshdesk

Why we use them

We use Freshdesk to help with our contact management. Our e-mails, live chat, twitter and Facebook contacts are run through Freshdesk.

What we share

The information held includes your name and contact details including e-mail address and location along with the content of any communication we have with you, which may include sensitive information. In addition, we may supplement this information with notes we make to help process your order.

What safeguards are in place?

Freshworks, Inc. participates in and has certified its compliance with the EU-U.S. and Swiss-US Privacy Shield Framework. Freshworks, Inc. is committed to subjecting all personal data received from European Union (EU) member countries and Switzerland, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce’s Privacy Shield List [https://www.privacyshield.gov/list].

Algolia

Why we use them

We use Algolia to support our online search functionality.

What we share

We pass through limited details such as name and contact details which are indexed and stored in Algolia’s systems. We do not send any sensitive personal information.

What safeguards are in place?

Algolia, Inc. is a USA based company with subsidiaries in France and UK operating our services globally in more than 15 regions. Your data primarily stay in regions where you decide your data to reside. Logs of search queries and operations can be processed outside of the EU but always stay in a system respecting privacy and security.https://www.algolia.com/security

AWS

We use AWS servers to keep all of your data and to process that information in order to deliver the services you request from us. Our servers use the highest levels of security available including encryption at rest, London based servers using DMZ and encryption of data in transit using SSL.

The personal data we hold is:

Account details

Name, Addresses, E-mail, Gender, Date of Birth, Telephone number.

Order details

Status of order, internal notes relating to your order, the content of your order, how much you paid, delivery tracking details, IP address, any data passed back from payment providers, any information we needed to collect to verify your order.

Options

If you opt-in to receive different types of communication.

Notes

Relating to your order including any communication we have had with you, this may include sensitive information.

Partner orders

As above.

Noibu


Why we use them

To alert us to errors you experience on our website and assist our developers to fix them.

What we share

We record session data and details of errors encountered whilst you use our website. We redact sensitive and personal data before sending to their platform.

What safeguards are in place?

Noibu is an eCommerce error monitoring platform powering the world’s best eCommerce experiences. A copy of our DPA agreement with Noibu can be found here: Click Here

Lexis Nexis Risk Solutions 


Why we use them

We use Lexis Nexis Risk Solutions to verify your identity when you buy certain medicines, we use identity verification agents to search the files of credit reference and fraud prevention agencies (who will record the search).

If you provide false or inaccurate information and/or we suspect fraud, we will record this and we will be unable to fulfil your order.

Where we need to share information with our service providers, we give them only the minimum amount they need to provide services to us and you. Those we share your information with are not allowed to use it to try to sell their own services to you.

This is only done the first time you order or if you update your personal details. This check may appear on your credit record, however, will not affect your credit score. If you are alerted that a check has been performed by a credit agency, please contact us for more information or click on the link below.

What we share

We pass through limited details such as name Date of Birth and address details which are indexed and stored in Lexis Nexis Risk Solutions’ systems.

What safeguards are in place?

LexisNexis  Risk Solutions is part of the RELX Group™ of companies which is publicly listed, with shares traded on the London Stock Exchange, Amsterdam Stock Exchange and New York Stock Exchange (London: REL, Amsterdam: REN, New York: RELX). For more information please click here: https://risk.lexisnexis.co.uk/processing-notices/business/faq