CREW & TAILOR Limited (we/us/our/the Company) are committed to protecting and respecting your privacy.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed, stored and disclosed by us. Please read the following (and any short-form privacy notices we may provide on specific occasions when we are collecting or processing personal data about you) carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting www.crewandtailor.com (the Site), purchasing any product through the Site or using any services offered through or associated with our Site (the Services), you are deemed to have accepted and consented to the practices described in this policy.
The Site is owned and operated by CREW & TAILOR Limited (10272165), a company registered in England and whose registered and main trading address is at 27 Old Gloucester Street, London, England, WC1N 3AX (our Company Address).
CREW & TAILOR Limited processes personal data as a Data Controller and Data Processor, as defined in the Directive and the General Data Protection Regulation (GDPR). CREW & TAILOR Limited has appointed a Data Protection Officer (“DPO”) who is responsible for matters relating to privacy and data protection. This Data Protection Officer is Sienna Roebuck and they can be reached at the following address: 27 Old Gloucester Street, London, England, WC1N 3AX.
The Site contains links to and from the websites of our partner networks, advertisers and affiliates or to websites, plug-ins and applications shared by us or other users. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
The Site is not intended for children and we do not knowingly collect data relating to children.
Data We Collect About You
We collect and process personal information so we can provide our Services (including our products) to you. It’s important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us. You must respect the privacy of others and it is your responsibility to obtain (and you warrant that you have obtained) the prior permission of any third parties in advance where you disclose their personal details to us.
The data we collect and process about you is explained in the sections below.
Data You Give Us
You may give us information about you by filling in forms on our Site or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you request a quote, subscribe to our marketing database or newsletters, subscribe to our services, search for a product or service, place an order on our site, enter a competition, promotion or survey, report a problem with the Site.
The information you give us may include names, job title/position, address, email address, phone number, business information, username or similar identifier, financial and credit/debit card information, billing address, location data (delivery address).
We rely upon explicit consent to use and process the data described above.
Data We Collect
We may also collect, use, store and transfer the following information about you:
Transaction data, including details about payments to and from you and other details of products and services you have purchased from us;
Profile data, including your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses;
Marketing and communications data, including your preferences in receiving marketing from us and our third parties and your communication preferences.
Each time you visit or use our Site, we automatically collect the following information:
technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, location, network data, browser plug-in types and versions, languages, operating system and platform;
information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from the Site (including date and time); pages you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
We use this information as statistical data about your browsing actions and patterns, for system administration, and to evaluate, provide, protect or improve our Services (including by developing new products and services).
We do not collect any Special Categories of Personal Data (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
How We Use Your Data
We will only use your personal data when the law allows us to. We use your data to operate and administer our Site, and to supply our Services, most commonly in the following ways:
To provide you with information you request from us, and to carry out any other obligations arising from any contracts entered into between you and us.
To ensure that content from our Site is presented in the most effective manner for you and for your device.
To personalise and tailor your experience on our Site.
To respond to communications from you and to provide you with information about our Services.
To carry out market research.
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Where we need to comply with a legal or regulatory obligation.
We also use your data to make our Site, and Services better in the following ways:
To administer the Site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
As part of our efforts to keep the Site safe and secure, e.g. by conducting analysis required to detect malicious data and understand how this may affect your IT system.
To notify you about changes to our Site, or Services.
We will not send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect your rights and comply with our obligations under applicable data protection laws. We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you. You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and, in each case, you have not opted out of receiving that marketing.
You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please notify us in writing or by email at email@example.com.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
How We Secure Your Data
All of your personal information is protected and we have put in place appropriate physical, electronic, and management procedures to safeguard and secure the data we collect. Your information is stored on secure cloud databases, internal servers, and on third party software. Your information is only accessible by employees who have authorised access rights and a need to know to such information. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. All of your payment information is encrypted using SSL technology. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Site; any transmission is at your own risk. Once we have received your information, we use strict procedures and the security features described above to try to prevent unauthorised access.
How Long We Store Your Data and Where
We only keep your personal information for as long as it’s necessary for our original legitimate purpose for collecting the information (including for the purposes of satisfying any legal, accounting, or reporting requirement) and for as long as we have your permission to keep it. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Some or all of your data may be stored outside of the European Economic Area (the “EEA”). (The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein). You are deemed to accept and agree to this by using our Site and submitting information to us. If we do store data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the UK and under the Data Protection Act 1998 / GDPR (as applicable).
Disclosure to Third Parties
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We use third parties such as for payment, delivery and marketing. These third parties have access to data we share with their platforms.
The only circumstances under which we would share your personal data are:
If the third party is a member of our group (which means any subsidiaries or ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006).
In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
If the Company or substantially all of its assets are acquired by a third party, in which case personal data will be one of the transferred assets and the purchaser will be permitted to use the data for the purposes for which it was originally collected by us.
If we’re under a duty to disclose or share your personal data in order to comply with any legal obligation, enforce or apply our Terms & Conditions and other agreements, or to protect the rights, property, or safety of the Company, our customers, or others (including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).
We will ensure that your personal data is processed lawfully, fairly, and transparently and that it will only be processed if at least one of the following bases applies:
You have given your clear consent to the processing of your personal data for a specific purpose.
Processing is necessary for the performance of a contract to which you are a party (or for us to take steps at your request prior to entering into a contract with you).
Processing is necessary for our compliance with the law.
Processing is necessary to protect the vital interests of you or another person.
Processing is necessary for us to perform a task in the public interest or in the exercise of official authority and the task/function has a clear basis in law.
Processing is necessary for our legitimate interests or the legitimate interests of a third party, except where there is a good reason to protect your personal data which overrides those legitimate interests, such as allowing us to effectively and efficiently manage and administer the operation of our business, maintaining compliance with internal policies and procedures, monitoring the use of our copyrighted materials, offering optimal, up-to-date security and obtaining further knowledge of current threats to network security in order to update our security.
Data Subject Rights
Under the GDPR, in certain circumstances you have the right to:
Withdraw your consent to the processing of your personal data at any time. Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason for doing so (such as to comply with a legal obligation).
Be informed of what data we hold and the purpose for processing the data, as a whole or in parts.
Be forgotten and, in some circumstances, have your data erased by ourselves and our affiliates (although this is not an absolute right and there may be circumstances where you ask us to erase your personal data but we are legally entitled to retain it).
Correct or supplement any information we hold about you that is incorrect or incomplete.
Restrict processing of the information we hold about you (for example, so that inaccuracies may be corrected—but again, there may be circumstances where you ask us to restrict processing of your personal data but we are legally entitled to refuse that request).
Object to the processing of your data.
Obtain your data in a portable manner, request a transfer of your data to a third party and reuse the information we hold about you.
Challenge any data we use for the purposes of automated decision-making and profiling (in certain circumstances—as above, there may be circumstances where you ask us to restrict our processing of your personal data but we are legally entitled to refuse that request).
Complain to a supervisory authority (e.g. the Information Commissioner’s Office (ICO) (www.ico.org.uk in the UK) if you think any of your rights have been infringed by us. (We would, however, appreciate the chance to address your concerns, so please contact us prior to taking this step).
If you wish to exercise any of the rights set out below, please contact us. You will not have to pay a fee to access your personal data (or to exercise any of the other rights described above) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You have the right to ask us not to process your personal data for marketing purposes. We will get your express opt-in consent before we use your data for such purposes or share your personal data with any third parties for such purposes, but you can exercise your right to prevent such processing by contacting us at the Company Address, via email at firstname.lastname@example.org, or by unsubscribing using the links contained in the marketing emails.
We will notify you and any applicable regulator of a breach of your personal data when we are legally required to do so.
Some of the cookies we use are essential for the Site to operate. If you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our Site.
Our Site may place and access certain first party cookies (i.e. those placed directly by us) on your computer or device.
Before any non-essential cookies are placed on your device, you will be shown a pop-up message requesting your consent to setting those cookies. By giving your consent to the placing of Cookies you are enabling Us to provide the best possible experience and service to you. By default, most internet browsers accept cookies, but you can choose to enable or disable some or all cookies via the settings on your internet browser. Most internet browsers also enable you to choose whether you wish to disable all cookies or only third party cookies. For further details, please consult the help menu in your internet browser.
We use the following cookies:
Strictly necessary cookies. These cookies are required to save your session and to carry out other activities that are strictly necessary for the operation of the Site. They include, by way of general example, cookies that enable you to log into secure areas of the Site, use a shopping cart, or make use of e-billing services. These cookies are session cookies, which means they’re temporary and will expire when you close your browser.
Analytical/performance cookies. These cookies allow us to recognise and count the number of visitors and to see how visitors move around the Site when they’re using it. These cookies help us improve the way the Site works by, for example, ensuring that users are finding what they’re looking for easily.
Functionality cookies. These cookies are used to recognise you when you return to the Site. They enable us to personalise our content for you, greet you by name and remember your preferences.
Targeting cookies. These cookies record your visit to the Site, the pages you visit, and the links you follow. We use this information to make the Site and the advertising displayed on it more relevant to your interests. We also share this information with third parties for the same purpose.
Social Media cookies. These cookies work together with social media plug-ins. For example, when we embed photos, video and other content from social media websites, the embedded pages contain cookies from these websites. Similarly, if you choose to share our content on social media, a cookie may be set by the service you have chosen to share content through.
Changes To Our Privacy & Cookie Policies
Any changes we may make to our Privacy & Cookie Policies in the future will be posted on this page and, where appropriate, notified to you by email. You will be deemed to have accepted the terms of the updated Privacy & Cookie Policies on your first use of the Site following the alterations. Please check back frequently to see any updates or changes to our Privacy & Cookie Policies.