1. YOUR ACCEPTANCE OF THE STATEMENT
This Statement governs Your use of the Services, including any dispute concerning privacy. By using the Services, You accept this Statement in full. You should read the Statement carefully and ensure that You understand its effect before proceeding to use the Site and the Interactive Services. We reserve the right to modify this Statement at any time without Notice by posting the changes on this page. Your continued use of any portion of the Site following the posting of the updated Statement will constitute Your acceptance of the changes.
2. WHAT INFORMATION IS COLLECTED AND HOW IS THE INFORMATION USED?
2.1 Personal Data
2.1.1 The Site asks You to provide various types of Personal Data to enhance the quality of the Services We can provide to You, including granting You Membership, and the more accurate the information You provide, the better We are able to respond to Your requirements. As part of the process of using the Site, e.g. when registering for an Account to become an Approved IDEx Member, IDEx needs to collect details such as the name, business name, postal address and email address of the applicant. This Personal Data may need to be passed on to third party companies or service providers for the sole purpose of fulfilling the Services only and will not be passed to a third party for the purpose of making marketing communications in accordance with the new Data Protection Act (GDPR) in place on 25th May 2018.
2.1.2 You acknowledge that Your Personal Data may be used by IDEx to contact You by post, phone or by electronic mail when necessary in connection with the Exchanges entered into by You on the Site. From time to time, IDEx may contact You, by post or electronic mail with a newsletter or information or offers regarding upcoming products, promotions, services or customer surveys.
2.1.3 Your Personal Data is used by IDEx for the sole purpose of enabling IDEx to transact and/or communicate with You and to provide You with information about Items on the Site and is not shared with any person or company without Your express consent in writing. A Buyer Member’s delivery details, however, shall be shared with a Seller Member solely for the purposes of effecting Delivery. Any Data that is held with IDEx shall be retained in accordance with the Data Protection Act 25th May 2018 (GDPR) and related legislation and/or our retention schedule culminating in its permanent deletion.
OPTING OUT: If You do not wish to be contacted by IDEx in respect of future marketing communications (excluding the Feature Item publication and emails relating to an Exchange which cannot be opted out of as they are an integral part of the Services), please contact IDEx by sending an email to firstname.lastname@example.org with “URGENT – UNSUBSCRIBE REQUEST”] in the subject line or send Your request by post to IDEx at the contact address below.
2.1.4 Other de-personalised data which does not record Personal Data, for example, information such as the date of the visit to the Site, the path taken, the browser used, the IP address etc., is used primarily to aid the technical administration of the Site, to better understand how the Site is functioning for IDEx Members and to draw conclusions upon demographic information.
2.1.5 Non-member communications: IDEx would like to contact Non Members with newsletters and offer information periodically. The contact details of these Non Members will not be passed to a third party in accordance with GDPR (25th May 2018).
2.2 FINANCIAL DATA
2.2.1 If You are purchasing an Item, where IDEx makes the option available, You can pay by online banking. You will be required to provide the third party partner with Financial Data (i.e. Your banking details) in order to authorise payment and bill You for the Item. When You purchase Items on the Site, Your consent is given to provide Your Financial or Personal Data necessary to process Your Exchanges with IDEx. If You are using online banking, Your own bank’s terms and conditions shall apply. Except as provided here, We will not share Financial Data with third parties (including a Seller Member) without Your prior consent.
3. WHO HAS ACCESS TO YOUR DATA?
3.1 Disclosure of Your Data in Compliance with Laws
You should be aware that We may release Your Data only when it is necessary to comply with laws or regulations, to assist law enforcement, to enforce the terms under which You transacted with IDEx, or to protect the rights, property or safety of IDEx, IDEx Members or third parties.
3.2 Transfer of Your Data outside of the EEA
From time to time, We may transfer Your Data to a related company, agent or contractor in order to improve our Services or to assist our security, credit risk or fraud protection activities. Such companies may be located outside of the EEA and You consent to the transfer of Your Data to such companies for the purposes set out here in accordance with this Statement and as permitted by the Data Protection Legislation.
3.3 Transfer of Data in the Event of the Sale of IDEx or its Assets
In the event that IDEx is sold or transfers some of its assets to another party, Your Data could be one of the transferred assets. If Your Data is transferred, its use will remain subject to this Statement. Your Data will be passed on to a successor in interest in the event of a liquidation or administration of IDEx.
3.4 Other Sites and their Privacy Policies and Cookie Policies
The Site may contain links to other websites. IDEx is not responsible for the privacy practices or the content of such websites or for the privacy policies, cookie policies and practices of other third parties, so You should be careful to read and understand those website policies independently.
4. HOW DO WE PROTECT YOUR DATA?
4.1 The privacy and protection of Your Data is important to us. In addition, any IDEx Member statistics that We may provide to prospective partners regarding Your usage of the Services are provided in the aggregate only and do not include any individually identifiable Data.
4.2 You acknowledge that email messages sent over the internet are not encrypted and are not secure. Despite efforts to protect Your Personal Data, We cannot ensure or warrant the security of any Data You transmit to us, via, to, or from our Site. You accept that IDEx cannot be held liable for any breaches of confidentiality that may occur as a result of the use of email including the IDEx Mailer. IDEx use Mailchimp to send newsletters and other information. Your Data is protected by Mailchimp under Their own policies. If there is any sensitive or confidential Data which You do not wish to communicate by email, please contact IDEx by telephone or post to arrange an alternative method of communication.
You transmit all such Data at Your own risk.
4.3 Once We receive Your Exchange transmission, We use our best efforts to ensure its security on our systems. The Site has security measures in place to protect the loss, misuse and alteration of the Data under our control where applicable. 128 bit industry standard Secure Server Software (SSL) is used by us which encrypts all of Your Data in respect of a transaction so that it cannot be read as the Data travels over the Internet.
6. COMPLAINTS OR QUERIES
IDEx tries to meet the highest standards when collecting and using Data. For this reason, We take any complaints We receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of Data is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. This Statement does not provide an exhaustive detail of all aspects of IDEx’s collection and use of Data. However, We are happy to provide any additional information or explanation needed. Any requests for this should be sent to the address below.
IDEx tries to be as open as it can be in terms of giving people access to their Data. Individuals can find out if We hold any Personal Data by making a ‘subject access request’ under the Data Protection Act 925th May 2018). If We do hold Data about You We will let You have a copy of that Data. To make a request to IDEx for any Personal Data that We may hold, You need to put the request in writing addressing it to the address provided below. There may be an administrative charge applied in accordance with the applicable legislation.
8. HOW TO CONTACT US
Requests for information about our Statement or a ‘subject access request’ can be emailed to email@example.com or by writing to:
Interior Design Exchange (Internal Compliance Department)
The Old Stores
9. CHANGES TO THIS STATEMENT
We keep our Statement under regular review. This Statement was last updated on 22 May 2018.