Privacy and Confidentiality Policy
All client details or registration details are considered confidential and except where legally required, (i.e. by court order or Police investigation), or necessary for the purpose of using our peer to peer trading platform will not be disclosed to any third party without prior consent.
Personal information that you submit for publication on our website will be published on the internet and may be available, via the internet, around the world. You expressly agree to such transfers of personal information.
Client details will never be passed onto other companies, mailing lists, etc.
All documents and files containing client data that require disposal, (such as redundant or expired files) are disposed of in a secure manner, normally by shredding and/or incineration.
Web site security
We host our web sites and services using 3rd party secure dedicated servers hosted in the UK and have in-house IT specialists who manage those systems.
Our website uses high security digital certificates to encrypt the communication between your browser and our servers. This ensures your privacy for any data you enter on our website forms and confidentiality of any files that you upload to us.
The Bid For Wine website contains links to other websites. We are not responsible for the privacy policies or practices of third-party websites.
The data we collect using cookies helps us understand our customers better so that we can provide a more focused user experience. Using the knowledge of your previous visits to our website, Bid For Wine can enhance subsequent visits by tailoring our content to match your requirements.
We only use temporary (session) cookies where they are strictly necessary to enable our web-forms and web analytics systems to operate and perform the requested service.
General Data Protection Regulation (GDPR) policy
The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation of the European Parliament, the Council of the European Union and the European Commission intended to strengthen and unify data protection for all individuals within the European Union (EU).
Basis of and scope of data storage:
We store and process data only as agreed by the client or as required in order to perform services requested by the client. We regard all details we do store as confidential.
How we obtain data:
Data we hold will consist solely of information that you provide to us (e.g. contact details you enter on forms or correspondence), or is determined through your direct interaction with our website (e.g. your IP address) or by electronic mail.
Data we hold consists of:
Your name. Company name (if applicable). VAT details (if applicable). Postal address. Country. Email addresses (if applicable). Telephone number (if applicable) Wine preferences (if applicable).
This is used so that we can contact you when needed (e.g. to send marketing communications, invoices, bidding information or to communicate information affecting your account or our service to you, etc.)
Payee name. Billing contact details (if applicable) Credit Card secure token (if applicable) Date and amount of payments.
The following are stored by our payment service providers for the purpose of creating a payment token and not by Bid For Wine. Card type (e.g. Amex, Visa) (card payments only). Last 4 digits of payment card (card payments only).
This data is kept purely to allow cross-checking in the event of accounting imbalance, customer payment enquiries or investigation by tax authorities (i.e. mandatory accounting requirements).
Enquiries we have received via email, web-form or post.
We may also store your IP address for security reasons and to enable us to investigate technical problems if you experience a fault whilst using our site.
We may use your personal information to:
- administer the website;
- improve your browsing experience by personalising the website;
- enable your use of the services available on the website;
- send to you goods purchased via the website, and supply to you services purchased via the website;
- send statements and invoices to you, and collect payments from you;
- send you general (non-marketing) commercial communications;
- send you email notifications which you have specifically requested;
- send to you our newsletter and other marketing communications relating to our business by email, post or similar technology. You can opt out of our mailing list by clicking the unsubscribe link on any marketing emails that we send to you.
- deal with enquiries and complaints made by or about you relating to the website
- resolve any problems you may experience whilst using the website
- assist third parties in their dealing with you via the site, including sharing your contact details if you are involved in a transaction with the third party; and where you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the license you grant to us.
We retain personal data that you supply for as long as you are a client with an active account, and for as long as we are legally required to do so (e.g. by tax and accounting regulations).
Where data may exist on back-ups, these are regularly changed and expired files (etc.) are securely disposed of when backup media is expired or replaced.
General enquiries via web-form, email or post:
These are generally kept for a number of years so that we can refer back to them if you send a follow up to our reply, after that they are deleted: At scheduled times throughout the year enquiries over the specified number of years old are removed.
The number of years will depend on the type of enquiry and how it was submitted:
Any correspondence that may potentially relate to a financial transaction, currently active registration or client account, is treated the same as as tax records (tax records are legally required to be stored for a minimum of 6 years) and deleted after 7 years.
Right of access and rectification
If you are a client and have need to check any information we hold about you, or need to correct inaccurate information, please contact our Data Controller in writing;
The Data Controller,
BFW 2018 Ltd
220 Queenstown Rd
For security reasons we will need to ensure that you are the account holder (and may ask you to provide proof of your identity) before we can release any information.
Right to erasure:
If you decide that you no longer need our services and want the data we hold to be deleted, you may cancel your account at any time and we will remove your data once we are legally able to do so.
(Note: for VAT invoices, and other financial records, there is a minimum retention period of 6 years specified under Paragraph 6, Schedule 11 of VAT Act 1994 and HMRC Notice 700/21 (December 2007), point 2.4. ).
If you are not a client, but have contacted us via email/letter, and want any emails, letters, or form submissions enquiries you have made erased please contact our Data Controller and we will arrange that.
Please note: for security reasons you must contact us from the address you want removed and we may ask you to prove your identity (i.e. you cannot delete someone else’s data without their consent).
If you take no action, the data will be securely disposed automatically in due course as part of our routine maintenance activities.
Complaints, corrections or objections
If you have any questions or concerns about information we hold about you, or need to correct inaccurate information, please contact our Data Controller in writing;
The Data Controller,
BFW 2018 Ltd
220 Queenstown Rd
Credit/debit card security
Bid For Wine do not store card details on their systems. Card details are collected and stored by our payment service providers over highly secure connections. Card details are never stored or transmitted in an unencrypted format and never on our web sites. The payment service providers we use are regularly audited by Visa and MasterCard to ensure that their systems conform to the latest security standards.
If you supply credit card details on a postal application form or by telephone, these are securely disposed of once payment has been taken.
3D Secure verification
Some transactions* processed by our 3rd party payment processers may also use ‘MasterCard SecureCode’, ‘American Express SafeKey’ or ‘Verified by Visa’ secure authentication. These systems (collectively known as ‘3D Secure’) use personal passwords or identity information to further protect card users against unauthorized use and are not part of the Bid For Wine web site. (*Dependant on participating bank and payment service provider)
BFW 2018 Ltd
220 Queenstown Rd