Privacy Policy
Who we are
Ildi Busy Bee is committed to protecting and respecting your personal data. We take very seriously the privacy of our customers , visitors or any other individuals with whom we engage
We want to share with you how we treat personal data that we receive about you.
We only collect personal data about you if you choose to provide information to us when you opt in or show interest in receiving updates from Ildi Busy Bee.
This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us and how we use, store and keep safe your data.
It also details your rights and how you can stop the use of your personal data.
For the purpose of the relevant data protection legislation, which includes the General Data Protection Regulation (GDPR) the data controller is Ildi Busy Bee, 36D, Victoria Road, Milton Keynes.
The legal framework
The law on data protection sets out several different reasons for which a company may collect and process your personal data, including:
- In specific situations, we can collect and process your data with your consent – for example when you opt in to receiving information or updates from us.
- Legitimate interest. In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business, and which does not materially impact your rights, freedom or interests – for example when you have shown interest in receiving information or updates from us. Where we are relying on legitimate interests as the lawful; basis for processing your personal data you have a right to object.
- Contractual obligations. In certain circumstances, we need your personal data to comply with our contractual obligations.
- Legal compliance. If the law requires us to, we may need to collect and process your data.
In some limited circumstances, we may also need to collect and process special category personal data about you. We will only do so based on your explicit consent or where there is specific legal basis for doing so.
The occasions on which we collect your data include, but are not limited to
- When you visit our website and enter information about yourself.
- When you order / pre-order from our website.
- When you contact us or correspond with us by any means with enquiries, complaints etc.
- When you engage with us on social media.
- When you choose to complete a survey, research or feedback form, for example in relation to your experience with us.
- When you provide your personal or employment details to enter a prize draw, competition or to receive any other communication.
- When you fill in any forms.
- When you use our Wi-Fi networks to access the internet.
- When you download or install our app.
- When you apply for a loyalty or gift card.
- When you apply for a job vacancy.
- When you leave comments on the site.
- When you’ve given a third party permission to share the information they hold about you with us.
What personal data do we collect?
The personal data which we may collect depends upon the means by which you choose to engage with Ildi Busy Bee information that you choose to provide. This may include the following:
Personal data you choose to give us
- Your name, gender and date of birth.
- Your address, postcode, e-mail address and mobile/telephone contact information.
- Your financial information.
- Your personal description and photograph.
- Your data shown in the comments form
- Your IP address and browser user agent string, to help spam detection.
- Your experiences, reviews, interests and preferences.
- Your business card details, for example job title and employer’s details or cv details when applying for a job vacancy.
- Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.
- Your transactional details relating to your purchase of a product or service
- Information about your qualifications and experience where relevant to your application for a job vacancy.
Information we may collect about you
- We generate personal data about you during our dealings and correspondence with you. This includes keeping records of our engagement with you.
- Your image may be recorded on CCTV when you collect or visiting our Registered Office, for security and safety reasons.
- Your vehicle registration number may be recorded at our Registered Office for security and safety reasons.
- An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.
- To deliver the best possible web or app experience, we may automatically collect the following: technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, geographic location, browser plug-in types and versions, operating system and platform.
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page and any phone number used to call us. We may track where you came to our site from and where you went when you left our site and how often you visit and use our site.
- Via cookies on our website to distinguish you from other users. This helps us to provide you with a good experience when you browse our website and allows us to improve our site. For detailed information on the cookies, we use and the purposes for which we use them see our Cookie Policy.
Information we receive from other sources about you
- We may receive information about you if you use any of the other websites we operate or the other services we provide. We also work closely with third parties (for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, customer insight companies, credit reference agencies, recruitment agencies and job boards) and may receive information about you from them.
- If you are applying for a job vacancy, we may undertake verification checks to establish if the information you have provided is correct, including taking up references about you.
How we use your personal data?
We want to give you the best possible customer experience by combining the data we have about you to provide you with updates, offers and promotions on our products and shops that are most likely to interest you. In the case of loyalty scheme members, we’ll also offer you relevant rewards.
We will also use your personal data in the following ways:
- To carry out our obligations arising from any contracts or agreements entered between you and us, for example to process any pre-orders/reservations that you make by using our websites.
- To notify you about updates and information about our products, services and job vacancies that we think may be of interest to you, including special offers, discounts, promotions, events, competitions etc.
- To provide you with information about other products, services and job vacancies we offer that are like those that you have already purchased, booked or enquired about.
- To administer any of our prize draws or competitions which you enter, based on your consent given at the time of entering.
- To help us make improvements to our systems, products and services.
- For research and marketing purposes.
- To respond to your queries and complaints. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout.
- To ensure that content from our site, mobile apps and other services and activities is presented in the most effective manner for you and for your computer.
- To protect our company, customers, premises, assets and staff from crime.
- To comply with our contractual or legal obligations to share data with law enforcement.
- To send you communications required by law, or which are necessary to inform you about our changes to the services we provide you.
- Google Analytics: We also use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
- Meta / Facebook: Customer activity data is shared with Meta companies using the Facebook Pixel, advanced matching, and Conversions API to help improve advertising performance. You can read more about how Meta / Facebook use this data to power relevant advertising here. You can disconnect this data from your Facebook account by changing their settings for Off-Facebook Activity.
- Pinterest: We use Pinterest to share information and images of, and adverts for our products. We pass certain aspects of your personal data to Pinterest to enable them to improve the relevance of and to personalise the information they show to you. Your personal data is handled in accordance with the Pinterest Privacy Policy.
- TikTok: We use TikTok to share information and images of, and adverts for our products. We pass certain aspects of your personal data to TikTok to enable them to improve the relevance of and to personalise the information they show to you. Your personal data is handled in accordance with the TikTok privacy policy.
How do we protect your personal data?
We will treat your data with the utmost care and take appropriate steps to protect it and we have defined security and privacy controls, processes and procedures to protect your data.
Our systems comply with high-standard business-grade specifications, including:
- Secure access to all transactional areas of our websites and apps using ‘https’ technology.
- Access to your personal data being password-protected and sensitive data (such as payment card information) being secured by SSL encryption.
- Regularly monitoring our system for possible vulnerabilities and attacks, as well as carrying out penetration testing to identify ways to further strengthen security.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long will we keep your personal data?
Whenever we collect or process your personal data, we’ll keep it no longer than is necessary for the purposes for which the personal data is processed.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
Your personal data will then either be deleted or destroyed
Who do we share your personal data with?
If you request a password reset, your IP address will be included in the reset email.
We may share your personal data with any member of our group, as defined in section 1159 of the UK Companies Act 2006.
In certain situations, we may disclose your personal data to third parties.
If we sell any business or assets, in which case we may disclose your personal data to the prospective buyer of such business or assets.
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use and other agreements; or to protect the rights, property, or safety of Patisserie Valerie, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
We may sometimes share your personal data with selected, trusted third parties, including but not limited to:
- Business partners, suppliers and service providers for the performance of any contract we enter with them or you
- IT companies who support and improve our website and other business systems.
- Direct marketing, research and advertising companies that help us with our marketing strategy and communications with you.
- Data insight companies to ensure your details are up to date and accurate.
- We may also share your contact details with selected, trusted third parties who offer products and services that we believe may be of interest to you who will wish to contact you directly. We are careful about the amount of information that we share and consider this is in our legitimate interests, as well as those of the relevant third parties, and is not overridden by your privacy rights. You have the right to object to this.
We provide only the information to these trusted third parties that they need to perform their specific service. They are contractually bound to use your personal data that we share with them with the sole purpose of performing the services we have engaged them to provide.
Cookies
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
What cookies do we use?
This is a list of the main cookies set by our website, and an explanation of what each is used for:
- Google Analytics (_ga) – Expiry 2 years
- We use Google analytics, a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate your use of our website and compile reports on user activity.
- We also use a number of suppliers who also set cookies on our website in order to deliver the services that they are providing. A list of all third-party cookies that are used is set out below.
- We use a web analytics service called Google Analytics to help us identify how our customers use our website, what they like and to see where improvements can be made.
- Google stores the information collected by the cookie on servers in the United States. Google may also transfer this information to third parties if they are required to do so by law or if the third-party processes information on Google’s behalf. The information collected is aggregated and anonymised.
- Google Maps: Some of our pages include interactive maps provided by Google. Google may set cookies to store information and preferences about maps or other associated Google services on pages where we embed Google maps
- Google does not associate your IP address with any other data held by Google.
- For more information on how Google uses cookies, please refer to their privacy policy https://www.google.com/policies/technologies/cookies/
Transfer of data outside EEA
All countries in the European Economic Area (EEA), which includes the UK, have similar standards of legal protection for your information. We may store your information on third party data centres located outside the EEA, where there is not a similar standard of data protection laws. If so, we will take steps to ensure that adequate levels of protection are applied to your information.
What are your rights over your personal data?
You are receiving relevant communications from us because you have previously consented to receiving communications from us, or you have engaged with us or shown interest in receiving updates about our products, services and job vacancies by providing such personal data to us.
The data protection laws allow us to treat your previous engagement as amounting to a “soft opt-in.
You have the right to ask us to stop sending you communications at any time if you wish, as described below
Under the data protection laws you have the right:
- To request a copy of the personal data we hold about you, free of charge in most cases.
- To ask us to correct your personal data when incorrect, out of date or incomplete.
- To ask us to stop using your personal data for direct marketing (either through specific channels, or all channels) or any other consent-based processing of your information.
- To ask that we delete your information if we do not have a good cause to retain it.
- To otherwise object to the way in which we use your information.
- If you wish to exercise any of these rights, or if you have any questions about, our use of your information, please contact us: Ildi Busy Bee , 36D, Victoria Road, Bletchley, Milton Keynes, MK2 2NQ, or email us to: ildiko@ildibusybee.com
- You also have a right to complain to the Information Commissioner’s Office or other appropriate regulatory authority in relation to your information held by us, and how we use it.
How can you stop the use of your personal data for direct marketing?
When you provide your personal data, we give you the opportunity to choose to receive further information about our products, services and job vacancies which we believe may be of interest to you.
There are several ways that you can opt out of receiving direct marketing communications from us:
- By clicking the ‘unsubscribe’ link in any email communication that we send you.
- By writing to or contacting Data Protection Coordinator, Ildi Busy Bee, 36D Victoria Road, Bletchley, Milton Keynes, MK2 2NQ .
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated. If you ask us to stop sending you communications, we will continue to keep a record of you and your request. If we deleted all of your information from our database, we would have no record of the fact that you have asked us not to communicate with you and it is possible that you may start receiving communications from us at some point in the future, if we obtain your details from a different source
Links to other sites
You may, from time to time, receive links to and from third-party websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies, terms and conditions and we do not accept any responsibility or liability in connection with any access or use by you of these sites. Please check the policies, terms and conditions of such websites before you submit any personal data.
Status of Privacy Notice and updates
This Privacy Notice is non-contractual. We reserve the right to amend it from time to time. Amendments will be posted to our website and, where appropriate, through e-mail notification. Unless otherwise specified all such changes will take effect immediately upon posting to the website.
For the avoidance of doubt, no change to the Privacy Notice will change the content of your consent that you may have granted.
Security
Where we have given you (or where you have chosen) a password or PIN which enables you to access certain parts of our website, you are responsible for keeping this password or PIN confidential. We ask you not to share a password or PIN with anyone.
Visitor comments may be checked through an automated spam detection service.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Scope of This Privacy Notice
This Privacy Notice is directed at our guests, customers, job applicants, and any external individuals with whom we engage. In relation to personal data our current and former employees are covered by separate internal documentation and operational practices, including individual employee contracts and company rules, policies, processes and procedures.
Media
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.).
Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.