Effective: April 18, 2018
Effective date: 11 August 2022
Synergy Retail Support Limited (“us”, “we”, or “our”) operates the https://synergyretailsupport.co.uk website (the “Website”) and provides Multichannel Fulfilment, Fashion Logistics, 3PL and Value Added Services (the “Services”) under contacts with our Customers.
This page informs you of our policies regarding the collection, use, and disclosure of Personal Data when you use our Website or where a Customer contracts for our Service
Cookies are small pieces of data stored on a device.
Customer Data means any information relating to the Customer’s customers that is provided by the Customer to us as part of the Customer’s use, or Synergy’s provision, of the Services, including goods delivery data, any information derived from such information and including any Customer Personal Data therein.
Customer Personal Data
Customer Personal Data means any Personal Data contained within any Customer Data.
Data Protection Law
Data Protection Law means the GDPR and any legislation that implements, supplements or replaces it under the law of England and Wales;
GDPR means the UK General Data Protection Regulations.
Data Controller has a meaning set out in Data Protection Law and means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, Processed.
Data Processor (Or Service Providers)
Data Processor (or Service Provider) means any person (other than an employee of the Data Controller) who Processes the data on behalf of the Data Controller.
Data Subject has a meaning set out in Data Protection Law and is any living individual who is the subject of Personal Data.
Personal Data has a meaning set out in Data Protection Law and means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
Process (Or Processing)
Process (Or Processing) has a meaning set out in Data Protection Law and means use of Personal Data.
Usage Data is data collected automatically either generated by the use of the Website or from the Website infrastructure itself (for example, the duration of a Website page visit).
For all Website users:
- we are a Data Controller of your Personal Data;
- We may use the services of various Service Providers in order to Process your Personal Data more effectively;
- you are a Data Subject in respect of your Personal Data.
We use your Personal Data to provide and improve the Website. By using the Website, you agree to our collection and use of your Personal Data in accordance with this policy.
Types Of Personal Data Collected
We collect several different types of Personal Data for various purposes to provide and improve our Website.
While using our Website, we may ask you to provide us with certain Personal Data about yourself which may include, but is not limited to:
- Email address
- First name and last name
- Phone number
- Address, State, Province, ZIP/Postal code, City
Personal Data Obtained Indirectly
Your Personal Data may be shared with us by third parties including, for example, your colleagues, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers and search information providers. To the extent we have not done so already, we will notify you when we receive information about you from them and tell you how and why we intend to use that information.
We may also collect information how the Website is accessed and used (“Usage Data”). This Usage Data may include information such as your computer’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Website that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.
Examples of Cookies we use:
- Session Cookies. We use Session Cookies to operate our Website.
- Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
- Security Cookies. We use Security Cookies for security purposes.
Use Of Personal Data
We use your collected Personal Data for various purposes:
- To provide and maintain our Website and Service (including the performance of contracts to which you or your business is a party or in order to take steps at your request prior to entering into a contract)
- To notify you about changes to our Website and Service
- To allow you to participate in interactive features of our Website and Service when you choose to do so
- To provide customer support
- To gather analysis or valuable information so that we can improve our Service
- To monitor the usage of our Website and Service
- To detect, prevent and address technical issues
- To provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send.
The law requires us to rely on one or more lawful grounds to Process your Personal Data. We consider the grounds listed below are relevant:
- Where you have given consent to us for a particular purpose (for example, if you have signed up to receive updates about our Service).
- Where necessary so we can comply with a legal obligation (for example where we are obliged to share your personal information with regulatory bodies who govern our work and services).
- Where necessary for the performance of a contract to which you or your employer are a party or to take steps at your request prior to entering a contract (for example if enter into a contract to receive our Services).
- Where there is a legitimate interest in us doing so – The law allows us to collect and use Personal Data if it is reasonably necessary to achieve our legitimate interests (as long as that processing is fair, balanced and does not unduly impact your rights).
Retention Of Data
We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.
Transfer Of Data
If you are located outside United Kingdom and choose to provide information to us, please note that we will store and Process your Personal Data in the UK or within the European Economic Area (“EEA”). However, we may use agencies and/or supplies to Process personal data on our behalf. Your personal information may therefore be transferred or stored outside, and/or otherwise processed by Processors, outside, the UK or EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the processing of your payment details and the provision of support services.
Some countries outside of the UK or EEA have a lower standard of protection for personal information, including lower security requirements and fewer rights for individuals. Where your Personal Data is transferred, stored and/or otherwise processed outside the UK or EEA, we will take all steps reasonably necessary to ensure that the recipient implements appropriate safeguards (such as by entering into the standard contractual clauses) to protect your Personal Data and that your Personal Data is treated securely and in accordance with this Notice. If you have any questions about such safeguards, please contact us.
Disclosure Of Data
Disclosure For Law Enforcement
Under certain circumstances, we may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).
We may disclose your Personal Data in the good faith belief that such action is necessary to:
- To comply with a legal obligation
- To protect and defend our rights or property
- To prevent or investigate possible wrongdoing in connection with the Service
- To protect the personal safety of users of the Service or the public
- To protect against legal liability
Security Of Data
The security of your Personal Data is important to us, and we endeavour to ensure that there are appropriate and proportionate technical and organisational measures to prevent the loss, destructions, misuse, alteration, unauthorised disclosure of or access to your Personal Data but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.
We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
Whenever made possible, you can update your Personal Data directly within your account settings section. If you are unable to change your Personal Data, please contact us to make the required changes.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.
In certain circumstances, you have the right:
- To access and receive a copy of the Personal Data we hold about you
- To rectify any Personal Data held about you that is inaccurate
- To request the deletion of Personal Data held about you
You have the right to data portability for the information you provide to us. You can request to obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it.
Please note that we may ask you to verify your identity before responding to such requests.
We may employ third party Service Providers, to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.
These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
We may use third-party Service Providers to monitor and analyze the use of our Service.
Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our Service. This data is shared with other Google services. Google may use the collected data to contextualize and personalize the ads of its own advertising network.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/
Google AdWords Google AdWords remarketing service is provided by Google Inc.
You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads
Google also recommends installing the Google Analytics Opt-out Browser Add-on – https://tools.google.com/dlpage/gaoptout – for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics.
For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: http://www.google.com/intl/en/policies/privacy/
Facebook remarketing service is provided by Facebook Inc.
You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950
To opt-out from Facebook’s interest-based ads follow these instructions from Facebook: https://www.facebook.com/help/568137493302217
Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. You can also opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the USA http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or opt-out using your mobile device settings.
For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation
Links To Other Sites
Our Service may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party’s site.
We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.
Our Service does not address anyone under the age of 13 (“Children”).
We do not knowingly collect personally identifiable information from anyone under the age of 13. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.
Where a Customer contracts with us under a signed agreement to receive our Services (“Agreement”) the terms defined in our Agreement shall apply in this Policy and the following provisions shall apply.
The Customer and Synergy acknowledge that for the purposes of Data Protection Law, the Customer is the Data Controller and Synergy is the data processor in respect of any Customer Personal Data.
Synergy shall Process the Customer Personal Data only for the purpose of providing the Services and in accordance with Customer’s instructions from time to time and shall not Process the Customer Personal Data for any purpose other than those strictly necessary for providing the Services or otherwise as expressly authorised by the Customer.
Synergy shall take reasonable steps to ensure the reliability of all its employees who have access to the Customer Personal Data.
Each party warrants to the other that it will Process the Customer Personal Data in compliance with all applicable laws, enactments, regulations, orders, standards and other similar instruments.
Having regard to the state of technological development and the cost of implementing any measures, Synergy will take appropriate measures to ensure the security of Processing of Customer Personal Data including inter alia as appropriate:
- the pseudonymisation and encryption of Customer Personal Data;
- the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
- the ability to restore the availability and access to Customer Personal Data in a timely manner in the event of a physical or technical incident; and
- a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the Processing of Customer Personal Data.
When processing Customer Personal Data Synergy shall:
- subject to what we say below only engage sub-processors with the prior consent of the Customer (such consent not to be unreasonably withheld or delayed) and under a written contract;
- assist the Customer by appropriate technical and organisational measures in providing subject access and allowing Data Subjects to exercise their rights under Data Protection Law;
- assist the Customer in meeting its obligations under Data Protection Law in relation to the security of Processing of Customer Personal Data, the notification of personal data breaches and data protection impact assessments (in relation to Customer Personal Data);
- assist the Customer in ensuring compliance with the obligations pursuant to Articles 32 to 36 of the UK GDPR (for as long as it applies under English law) taking into account the nature of processing and the information available to Synergy;
- with regards to audits and inspections, provide the Customer with whatever information it needs to ensure that they are both meeting their UK GDPR Article 28 obligations (for as long as they apply under English law), and tell the Customer immediately that it becomes aware that if has been asked to do something infringing Data Protection Law; and
- immediately inform the Customer if, in the Data Receiver’s opinion, an instruction from the Data Discloser infringes Data Protection Law.
Each party agrees to indemnify and keep indemnified and defend at its own expense the other party against all costs, claims, damages or expenses incurred by the other party or for which the other party may become liable due to any failure by the first party or its employees or agents to comply with any of its data protection obligations under this Policy.
The Customer acknowledges that Synergy is reliant on Customer for direction as to the extent to which Synergy is entitled to use and Process the Customer Personal Data. Consequently:
- the Customer undertakes to secure all Processing consents necessary from Data Subjects to enable Synergy to provide the Services; and
- Synergy will not be liable for any claim brought by a Data Subject arising from any action or omission by Synergy, to the extent that such action or omission resulted directly from Customer’s instructions or Synergy’s delivery of the Services that are otherwise in accordance with the Agreement.
Synergy may authorise a third party (sub-contractor) to process the Customer Personal Data without the need for the Customer’s consent provided that the sub-contractor’s contract is on terms which where the data protection provisions are substantially the same as those set out in this Agreement
The Customer accepts that where the Customer instructs Synergy to Process the Customer Personal Data:
- in a manner that is inconsistent with any terms of this Agreement; or
- which is prohibited under Data Protection Law
Synergy shall be entitled to terminate the Agreement with immediate effect
Our registered address is at The Octagon Suite E2, 2nd Floor, Middleborough, Colchester, Essex, England, CO1 1TG, UK but our business address is at Unit 3, 4-8 Ravens Way, Crow Lane Industrial Estate, Northampton, NN3 9UD, UK.
By email: firstname.lastname@example.org
By phone: (0044)(0)3453 402 980
By Post: Unit 3, 4-8 Ravens Way, Crow Lane Industrial Estate, Northampton, NN3 9UD, UK
Please feel free to download our Ethical Policy here.