This policy is designed to provide you with information about how we use the personal data and information that you provide to us during your use of www.morleycomputers.com website (the “Site”), when you order products from us over the phone, and any related communication between us.
We are Morley Computer Sales & Repairs Ltd, a company incorporated in England with company number 11717601 (“we” “us” or “our”). Our registered address is 1 Perry Square, Morley, Leeds, LS27 0FY. We are the data controller.
What information do we collect from you?
We will collect and process the following data about you:
Opening an account, placing an order and managing your account
- Information provided by you to us when opening an account and placing an order with us. This information will include your name, delivery address, billing address, e-mail address, telephone number, financial information (such as credit or debit card number, and expiry date, which is stored in a tokenised format) and unique identifiers (such as your username and password). Passwords are hashed so they are not visible to us.
- Information relating to orders you have placed with us and payments to and from you.
Using our website
- Information that you provide by filling in forms on our Site.
- Information that we automatically receive and record from your browser or your mobile device when you visit our Site, such as your IP address or unique device identifier, the cookies you accept and data about which pages you visit.
- Device-specific information that we may automatically collect when you use our Site. This information may include information such as the hardware model, operating system information, browser information and device identifiers.
- Information about how you use our Site.
- Information that you provide us with if you enter a competition or other promotional feature on our Site, such as name, address, e-mail address, telephone number and country of residence.
- Records of any correspondence we have with you. We may monitor or record any communications we have with you, including phone calls and emails.
How do we use this information?
We use information about you in the following ways:
Opening an account, placing an order and managing your account
- To open your account on our Site and maintain your records
- To process your order and arrange delivery or collection of your products
- To contact you in relation to your order
- To process payments from you or to you
- To respond to your requests and queries
- To check that your payment card is not being used without your consent
- Asking you to leave a review of our service.
Ensuring the Quality of our Service & Effectiveness of our Site
- To help train our staff and improve our customer service.
- To ensure that content from our Site is presented in the most effective manner for you and for your device.
Marketing & Competitions
- To make suggestions and recommendations to you about products that may be of interest to you or to make you aware of special offers or promotions. This may be via the Site, or by email, SMS, telephone, social media or post.
- To telephone you to check if you need any help with your orders.
- To run competitions and to contact you if you are the winner.
- If you are on a social media platform, we may use the contact details we collected from you when you set up your account and/or placed an order and combine this with information which the social media platform holds. We will do this so that we can find your social media platform account. We may then contact you or market to you via the platform.
Internal Business Purposes
- For internal purposes, such as website and system administration.
- To carry out data analytics, including which parts of our Site you visit in order to improve our Site, for marketing purposes and to improve our customer experience.
- To comply with our legal and regulatory obligations, including for crime and fraud prevention purposes.
On what basis are we entitled to process your data?
We will only use your personal data when the law allows us to. Data protection law sets out a number of different legal grounds upon which data controllers can legally process personal data.
In most cases, we process your data in order to take steps at your request before entering into a contract with you, or because the processing is necessary to perform our contract with you. If the processing is not related to your contract, we will process your information on one of the following bases:
- You have given clear consent for us to process your personal data.
- Our legitimate interests, which include:
- developing our products and growing our business
- carrying out data analytics to help us predict future market trends and customer behaviour
- to improve our Site and your experience of using it, including customising your experience
- to understand the types of products that you are interested in
- to develop our business and inform our marketing strategy
- to run our business, administer our Site and ensure its security
- to prevent fraudulent purchases on our Site
- to improve service quality and compliance.
In accordance with data protection law, we make sure we consider and balance any potential impact on you and your rights before we process your data for our legitimate interests. If the potential impact on you and your rights overrides our legitimate interests, we will not process your data, unless we are able to do so using a different legal basis.
- Where the processing is necessary to comply with our legal obligations, a court order or to exercise or defend legal claims.
How long we will keep your data for?
If you have ordered through our website, we will keep your data for a maximum of 7 years. This is to enable us to retrieve your data if there is a dispute or you bring a claim against us during the statutory 6-year limitation period and to comply with HMRC’s requirements in relation to keeping records. Our customer database is cleansed annually and all customer data that is no longer required is deleted.
Who do we disclose your information to?
Our service providers
- our authorised repairer ALB Repairs Ltd
- our payment services providers
- third party payment providers who are integrated into our Site. When you pay using one of these methods e.g., PayPal, you are redirected to the provider’s portal. Your use of these services is subject the terms and conditions and the privacy policies of these payment providers. This includes where you choose to pay by finance.
- third party databases, against which we will validate your details in order to verify your identity and prevent fraud. To perform these checks your personal information may be disclosed to a registered Credit Reference Agency, which may keep a record of that information. This is done only to confirm your identity, a credit check is not performed and your credit rating will not be affected.
- providers of delivery services, such as Royal Mail and DPD
- providers of email distribution services
- to Google Customer Reviews, to enable you to rate your purchase experience with us.
Other third parties
We may provide your information to the manufacturer of any device you have bought, so that they can repair it under warranty.
On occasion, if we do not have items in stock, we may ask our supplier to send your items to you directly. In that case, we will need to provide them with your order and delivery details. We may disclose your personal information to any member of our group, which means our ultimate
holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
We may also disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- You request or authorise the disclosure of information to a third party.
- If we or substantially all of our assets are acquired by a third party, in which case personal data held by us about our customers is likely to be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal or regulatory obligation.
Do we transfer your data outside of the UK?
We do not use any service providers outside the UK. We may however begin using other service providers based outside the UK in the future if we feel this is appropriate. If the service that these service providers provide involve the processing of your personal data, this will also involve a transfer of data outside the UK.
Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.
- Where we use certain service providers, we may use specific contracts approved for use in the UK which give personal data the same protection it has in the UK.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the UK.
As a data subject, you have the following rights:
- The right to request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
- The right to require the correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected.
- The right to request erasure of your personal data (commonly known as “the right to be forgotten”). This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it or where you have withdrawn your consent and there is no other legal ground for us to process the data.
- The right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law.
- The right to request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
- If you want us to establish the data's accuracy.
- Where our use of the data is unlawful but you do not want us to erase it.
- Where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims.
- You have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
- The right to object to the processing, on grounds relating to your particular situation, where we are relying on a legitimate interest (or those of a third party). In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.
- In limited circumstances, you may have the right to request to receive personal data in a structured, commonly used and machine-readable format. You have the right to transmit the data in this format to another data controller.
We hope that once you understand the measures we employ to ensure secure transactions and privacy, that you will be as confident about the safety of your online transaction as we are.
In this Security Policy references to:
- “We”, “Us” and “Our” are to Morley Computer Sales & Repairs Ltd.
- “Person” means individual, or a body corporate or unincorporated, and “Persons” shall be construed accordingly.
- “You” or “Your” means the person using this site.
- We advise you not to disclose your password or user name to any other person.
- You are fully responsible for ensuring that no unauthorised access is obtained to the service through your registered account. You will be entirely liable for all activities conducted and charges incurred through your Registered Account whether authorised by you or not.
- We advise you not to disclose your password or user name to any other person.
- If we have reason to believe that there has been or is likely to be a breach of security or misuse of the service, we may change your password and notify you accordingly.
- You may change your password and registration details on-line.
- If you forget your password, please use the on-line password reminder service. If you are/have been unable to successfully use this service then please contact us directly and if you satisfy our security checks, we will issue you with a new password.
- You acknowledge that we may be obliged by law to store all of your communications or your material and activity logs for a period of time and that we may be required by law to disclose details to government, law enforcement officials and other such agencies.
How secure is your information?
We work to protect the security of your information. When you're submitting information to Morley Computer Sales & Repairs over the internet, security is handled as follows:
- When your browser (e.g. Internet Explorer) connects with the secure side of our server that connection is between you and the server alone.
- We ensure the security of all protected data transmitted to and from our site through the use of Secure Sockets Layer (SSL) a server-based encryption technology. As you enter personal information (such as your password, address and phone number, or credit card number), SSL scrambles the data so that it’s only available to you and Morley Computer Sales & Repairs. With this security, you can send your credit card number to us without risk of interception.
- Information that we store internally to enable us to process your order is kept on a computer system that operates independently of the web server.
- You can check that you are shopping in a secure environment by looking for an image of a locked padlock icon in Internet Explorer. This will appear on any page where you are entering personal information such as credit card details.
- We maintain procedural safeguards in connection with the collection, storage and disclosure of personally identifiable customer information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
- Authorised third-party agents may require access to some of your personal information. For example, if we need to ship something to you, we must share name and address details with a courier. We only provide third-party agents with the minimum amount of information required to complete the requested service or transaction. We do not otherwise share your personal information with third-parties, unless you have granted us permission to do so.
We are aware that some people may be wary of ordering goods over the internet, and we will gladly deal with any issues that you may have over the telephone.
If you have any comments, suggestions, concerns or questions regarding this Security Policy, please click this link to email us or write to:
Morley Computer Sales & Repairs Ltd
1 Perry Square
Please remember to include your name, address and a contact number.