STORE POLICY

 

Privacy Policy

 

In accordance with Art. 12 of the General Data Protection Regulation (hereinafter referred to as the GDPR), we are obliged to inform you about the processing of your data when you use our website. We take the protection of your personal data very seriously and this privacy policy informs you about the details of the processing of your data and about your legal rights in this regard.

We reserve the right to adapt the privacy policy with future effect, in particular in the event of further development of the website, the use of new technologies or changes to the legal bases or the corresponding case law.

We recommend that you read this privacy policy from time to time and take a printout or a copy for your documents.

DEFINITIONS

  • In the following, website means all of the controller’s pages at www.angellabs.co.uk

  • personal data means any information relating to an identified or identifiable natural person. A person is identifiable if they can be identified, either directly or indirectly, in particular by means of assignment to an identifier such as a name, to an identification number, to location data, to an online identifier or to one or more special features that are an expression of the physical, physiological, genetic, psychological, economic, cultural or social identity of that natural person. Personal data is therefore, for example, a person’s name, email address and telephone number, but may also include information about preferences, hobbies and memberships;

  • processing means operations or sets of operations carried out with or without the aid of automated procedures in connection with personal data, such as the collection, recording, organisation, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment, combination, restriction, erasure or destruction;

  • pseudonymisation means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data cannot be attributed to an identified or identifiable natural person;

  • consent means any freely given, specific, informed and unambiguous indication of the data subject’s wishes in a particular case by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

  • Google means Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; reachable in the European Union at: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, fax: +353 (1) 436 1001;

SCOPE

This privacy policy applies to all pages of www.angellabs.co.uk It does not cover any linked websites of other providers.

RESPONSIBLE PROVIDER

The following party is responsible for the processing of personal data within the scope of this privacy policy:

Angel Labs Ltd

Unit 2, Forest Road

Binfield

Berkshire

RG40 5SE

01189099045

SECURITY

We have taken comprehensive technical and organisational precautions to protect your personal data from unauthorised access, abuse, loss and other external disruption. To this end, we regularly review our security measures and adapt them to current standards.

YOUR RIGHTS

You have the following rights with regard to the personal data concerning you that you can assert against us:

  • right of access (Art. 15 GDPR)

  • right to rectification (Art. 16 GDPR) or erasure (Art. 17 GDPR)

  • right to restriction of processing (Art. 18 GDPR)

  • right to object to processing (Art. 21 GDPR)

  • right to withdraw your consent (Art. 7(3) GDPR)

  • right to receive the data in a structured, commonly used, machine-readable format (data portability) and the right to transfer the data to another controller, if the prerequisites of Art. 20(1) (a), (b) GDPR are fulfilled (Art. 20 GDPR).

You can assert your rights by informing us using the contact details specified above under ‘Responsible provider’ or by contacting the data protection officer designated by us.

You also have the right to lodge a complaint with a data protection supervisory authority about our processing of your personal data (Art. 77 GDPR).

USE OF THE WEBSITE, ACCESS DATA

In principle, you can use our website for purely informational purposes without disclosing your identity. When you access the individual pages of the website in this sense, this only results in access data being transferred to our web hosting service so that the website can be displayed to you. This is the following data:

  • browser type/browser version

  • operating system used

  • language and version of the browser software

  • hostname of the accessing device

  • IP address

  • website from which the request comes

  • content of the request (specific page)

  • date and time of the server request

  • access status/HTTP status code

  • referrer URL (website visited before)

  • volume of data transferred

  • time zone difference from Greenwich Mean Time (GMT).

Temporary processing of the IP address by the system is necessary to make it technically possible to deliver the website to your device. This requires processing of your IP address for the duration of the session. The legal basis of this processing is Art. 6(1) Sentence 1(f) GDPR.

The access data is not used to identify individual users and is not combined with other data sources. The access data is erased when it is no longer required for achieving the purpose of its processing. In the case of recording the data to provide the website, this is the case when you end your visit to the website.

IP addresses are stored in log files to ensure the functionality of the website. In addition, the data serves us to optimise the website and to ensure the security of our information technology systems. No evaluation of the data for marketing purposes takes place in this context either. In principle, data is erased after seven days at the latest; further processing is possible in individual cases. In this case, the IP address is erased or so transformed that an assignment of the retrieving client is no longer possible.