Privacy and Security

Bioaware Ltd are dedicated to safeguarding and preserving your privacy. This Privacy Policy provides an explanation as to what happens to any personal data that you provide to us, or that we collect from you. As a data controller we comply with our obligations under the General Data Protection Regulations by keeping personal data up to date, be it: storing and destroying it securely; not collecting or retaining excessive amounts of data; protecting personal data from loss, misuse, unauthorised access and disclosure, and ensuring that appropriate technicalmeasures are in place to protect personal data.

We want to be completely open and transparent with how your data is used and give you control over what we do with it. We are compliant with the General Data Protection Regulation (GDPR) which came into effect on 25th May 2018.

Our principles:

- Your information belongs to you, so you have control over it and you should be comfortable with everything that we do with your information

- We will be clear and open with the information we collect, why we collect it, how it is used.

- We will only collect, keep use and share your information for genuine business purposes which you have not objected to and where we are legally required to do so.

- Security of data is highly important to us, we take all appropriate steps to ensure your data is safe with us and regularly review policies and practices.

On the My Account page you can check which services you are opted in to and change whenever you like.

How we contact you

If you have opted in to marketing emails you will receive updates on new products and offers from BIOAWARE.

We may pass on your email to Royal Mail for delivery notification updates. These are service emails necessary for the delivery of your order and will not contain any marketing. These couriers will not pass on your email address to any third parties.

You can opt out of email marketing at any time, either through your My Account page, by simply clicking on the ‘Unsubscribe’ link which is at the bottom of all of our emails or by contacting our Customer Care team (please note this might take a few days for all our systems to update). If you choose to opt out of marketing emails you will still receive order notification and delivery updates which are necessary for the delivery of your order as well as updates from DPD, Hermes or Royal mail but these emails will not contain any marketing.

Telephone

We may contact you to assist the processing of your order, for example if there is a problem with delivery.

Recommendations

We have a range of products so it is important that we show you the products that you are more interested in. A recommendations system which will show product recommendations based on a number of factors such as previous purchases, what other customers bought and what products are popular right now. The data used for this is anonymised and is not shared with any other organisations. These recommendations will appear on BIOAWARE and within our promotional emails.

What information we store on you

Personal details

We store your personal details such as your name, email, phone number and postal address details. We use your emails for marketing purposes to send you our latest offers if you have opted in to do so. If you choose to opt out we will still hold your details for the purpose of processing your orders. You can update your information and preferences at any time on the My Account page.

Order history and communications

We keep a record of all of your previous orders. This data must be held for accounting purposes and also to help with any queries you have on your previous purchases, deliveries etc.

Survey information

We may occasionally run customer surveys to get your opinions and find out how we can provide you with a better service and better products. We keep the information collected from here for future reference and analysis.

Competitions

We regularly run competitions, we store details of all entrants for the purpose of administering the competition and notifying winners.

IP Address

Your IP address is an identifying number for the device you are using to connect to the internet. We store IP addresses of customers and visitors. We use this information to analyse market trends, gather broad demographic information, and to prevent abuse of our services.

Cookies are small pieces of information in the form of text files that are sent to your browser from our web server and are stored on your computer. Cookies are essential to using the BIOAWARE website.

There are three different categories these cookies are split into:

Essential to Site function cookies – these cookies allow you to browse the site, search for products and add items to the basket.

Helpful, non intrusive cookies – these help improve your experience on the site, for example by recognising your location therefore displaying appropriate delivery options in a banner, and reminding you of your recently viewed items.

Third Party Cookies – to help us record customer experience and to allow us to test new services, to help us improve the customer journey on the website.

Site Analytics and Tracking

Google Analytics

We analyse the performance of our website and improve customer experience using Google Analytics. You can read more about Google Analytics in their Privacy Policy.

Google Ads

We may advertise the products we sell through Google Ads (previously called Google Adwords). Sales through our site are recorded by Google Ads so we can track the performance of our adverts. As part of this we use remarketing to show adverts on 3rd party websites for products we think you will like based on your purchases and the products you have viewed on our site. You can opt out of this by visiting Google’s Ads Settings page.

Bing Ads

We may advertise products we sell through Bing Ads. Sales through our site are recorded by Bing Ads so we can track the performance of our adverts. Bing Ads privacy policy.

Who we send data to

Delivery and order processing

We use a number of courier services to get your order safely out to you. In order for this to be done we must supply these couriers with your name, address and sometimes the telephone number and email address so they can complete the delivery and contact you if there are any problems with the delivery. These courier services do not own this data and so will not use it for any other purpose.

We currently use these courier services:

Royal Mail – See Royal Mail website for their Privacy Policy

Payment Processing

When we process orders a fraud review is automatically conducted. If you chose to pay by card or our payment provider Shopify Pay will process the payment. For the purpose of processing the payment securely your name, address and order details are passed on to Shopify Pay. When ordering with your credit or debit card we do not see or store your full card details, these are processed by Shopify Pay.

If you choose to pay with PayPal we pass your name, address, email address and order details to PayPal. PayPal will confirm with us when the payment is completed through their systems. We do not see or store your bank or card details at any point in this process.

If you choose to pay with Google Pay we pass your name, address, email address and order details to Google Pay. Google Pay will confirm with us when the payment is completed through their systems. We do not see or store your bank or card details at any point in this process.

If you choose to pay with Apple Pay we pass your name, address, email address and order details to Apple Pay. Apple Pay will confirm with us when the payment is completed through their systems. We do not see or store your bank or card details at any point in this process.

How long we keep your information for

For the purposes stated above we will keep your information as long as your account is active or as needed to provide our services to you.

If legally required or if it is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our Terms and Conditions, we may also retain some of your information for a limited period of time as required, even after you have closed your account or it is no longer needed to provide the Services to you.

You have the right to see the data we hold about you

You have the right to see what personal data we hold about you.

Should you wish to obtain a copy of the personal information we hold about you, or information on how it is being used, you may do so by submitting a request in one of the following ways:

- Write to us BIOAWARE, Waterside Workshop, Brimscombe, Stroud, GL5 2TA, United Kingdom

- Contact our customer services team via email sales@bioaware.co.uk or by phone on 01453 298815

We will respond to any request for such information in a prompt manor, without any undue delay and within one month of receipt.

Please be aware that in some circumstances it may be necessary for you to provide us with more information so we can correctly confirm your identity matches that of the subject access request.

There is no fee for submitting a subject access request. However, excessive requests will be subject to a reasonable fee for the administrative costs of complying with the request.

You also have the right to request at any time to have any inaccurate personal information we hold about you rectified.

Your right to be forgotten

You have the right to have some of the personal data held on you removed. If you would like your information removed please write to us at Write to us BIOAWARE, Waterside Workshop, Brimscombe, Stroud, GL5 2TA, United Kingdom

Or contact us by email at sales@bioaware.com.

Please note there are some exceptions to this where we must adhere to legal compliance, for example we have to keep financial information for at least six years. We can also retain information to comply with a legal obligation or for the prevention of fraud.

We will not sell your information

We do not sell data – at no point will sell your personally identifiable information – including your name, address, e-mail address, or credit card information - to any third party.

Security

For orders through the Shop, we work to protect the security of your payment information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.

The Site uses reasonable security methods to protect the personal data (e.g., contact details) that resides on our servers. However, no security system is impenetrable. Bioaware.co.uk cannot warrant or guarantee the security of its or its partners' servers, nor can it guarantee that information that Shop Users supply will not be intercepted while being transmitted to bioaware.co.uk or its partners over the Internet.

When you register to purchase products on the Shop, you will be asked provide your email and password. You must keep your passwords confidential and must not disclose it to or share it with anyone. You are responsible for all activities that occur under your login details for the Shop. If you know or suspect that someone else knows your password, notify us immediately at sales@bioaware.co.uk