Privacy Policy

1.0 What is the purpose of this privacy policy?

  1. This privacy policy is to tell you what personal data we collect from you and why and what we will do with this data. It also tells you about some of the key rights which you have under data protection laws. From 25 May 2018 onwards, you and your personal data will be protected by the EU General Data Protection Regulation (which is otherwise known as GDPR) and a new UK Data Protection Act 2018. In this privacy policy, we refer to this legislation as data protection laws.
  2. We will only process your personal data as set out in our privacy policy or otherwise notified to or agreed by you or as we are otherwise permitted to do in accordance with data protection laws.

2.0 What is our role in relation to your personal data?

  1. For the purposes of data protection laws, we, G A Lomer & Son Limited, are a data controller in respect of the personal data you provide us with.
  2. Our full details are:
    1. Full name of legal entity: G A Lomer & Son Limited
    2. Email address: [email protected]
    3. Postal address: Newpound, Wisborough Green, West Sussex RH14 0AZ
    4. Telephone number: 01403 820215

3.0 What is my personal data and what do you mean by process?

  1. When we refer to personal data, we mean any information which relates to an identified or identifiable individual.
  2. We may process certain types of personal data about you as follows:
    • Identity Data may include your first name, maiden name, last name, username, marital status, title, date of birth and gender.
    • Contact Data may include your billing address, delivery address, email address and telephone numbers.
    • Financial Data may include your bank account and payment card details.
    • Transaction Data may include details about payments between us and other details of
      purchases made by you.
    • Sensitive Data We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
  3. Where we refer to process or processing, we mean anything which we may do with your personal data including collecting, storing, using, disclosing to third parties and erasing it.

4.0 What personal data will we collect from you and why?

  1. We collect personal data from and about you whenever you use our services, or if you are in touch with us in any way, whether this is directly or indirectly.
  2. Examples of personal data which we might collect include (but are not limited to):
    1. Purpose/Activity Type of data Lawful basis for processing
      To register you as a new customer (a) Identity

      (b) Contact

      Performance of a contract with you
      To process and deliver your order including:

      (a) Manage payments, fees and charges

      (b) Collect and recover money owed to us

      (a) Identity

      (b) Contact

      (c) Financial

      (d) Transaction

      (e) Marketing and Communications

      (a) Performance of a contract with you

      (b) Necessary for our legitimate interests to recover debts owed to us

      To manage our relationship with you which will include:

      (a) Notifying you about changes to our terms or privacy policy

      (b) Asking you to leave a review or take a survey

      (a) Identity

      (b) Contact

      (c) Profile

      (d) Marketing and Communications

      (a) Performance of a contract with you

      (b) Necessary to comply with a legal obligation

      (c) Necessary for our legitimate interests to keep our records updated and to study how customers use our products/services

      To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) (a) Identity

      (b) Contact

      (c) Technical

      (a) Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise

      (b) Necessary to comply with a legal obligation

      To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising (a) Identity

      (b) Contact

      (c) Profile

      (d) Marketing and Communications

      (f) Technical

      Necessary for our legitimate interests to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy
      To make suggestions and recommendations to you about goods or services that may be of interest to you (a) Identity

      (b) Contact

      (c) Technical

      (d) Usage

      (f) Profile

      Necessary for our legitimate interests to develop our products/services and grow our business
  3. Where we are required to collect personal data by law, or under the terms of the contract between us and you do not provide us with that data when requested, we may not be able to perform the contract (for example, to deliver goods or services to you). If you don’t provide us with the requested data, we may have to cancel a product or service you have ordered but if we do, we will notify you at the time.

5.0 How do we protect your personal data?

  1. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
  2. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

6.0 Can we use your personal data to send you information about services in the future?

  1. We will only use your personal data for the purposes for which we collected it.

7.0 Disclosures of your personal data

  1. We may have to share your personal data with the parties set out below for the purposes set out in the table above:
    • Service providers who provide IT and system administration services.
    • Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
    • HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances.

8.0 Can you withdraw your consent to our processing your personal data?

  1. Yes, you can withdraw your consent to receiving marketing material or other communications from us, either generally or in any particular way, at any time by e-mailing us at [email protected]. Alternatively you can telephone us.

9.0 How can you find out what information we are holding about you?

  1. You are entitled to ask us (by letter or e-mail) what personal data of yours is being held or processed, for what purpose and to whom it may be or has been disclosed. No fee will be charged for responding to this request unless it is obviously unfounded or excessive or we have previously provided the same information. We promise to respond to your request without delay and in any event within 1 month unless the request is complex or you have made numerous requests in which case we may be able to extend our response time by a further 2 months.

10.0 What should you do if the personal data we are holding is inaccurate, out of date or incomplete?

  1. If you believe this is the case, please tell us by e-mail as soon as possible. We will rectify the problem within 1 month or within 3 months if the rectification request is complex.

11.0 How long can we retain and process your personal data?

  1. We will not process your personal data in a form which enables you to be personally identified for any longer than is necessary in order to fulfil the purpose for which it was originally collected or for any other legitimate business purpose.
  2. Where your personal data has been provided for the purpose our services you have contracted, we are entitled to retain this data for a period of at 6 years after those arrangements have been completed. In certain limited circumstances, we may be able to retain it for a longer period. You have the right to request for your personal data to be deleted in certain circumstances.

12.0 Can this privacy policy be changed?

  1. Yes, from time to time we may need to make changes to this privacy policy. These may be required as a result of changes in data protection laws or in the guidance issued by regulators such as the Information Commissioner’s Office (which is usually referred to as the ICO) or where we make changes to our procedures. The latest version of this privacy policy can be found on our website

13.0 Cookies

  1. Yes, as is the common practice, our website uses cookies. A ‘cookie’ is a small data file which our website server stores on your computer in order to collect information about your visit and to remember you when you visit again at a later date. The main purpose of a cookie is to identify users and to personalise their visit by customising web pages for their use. We may also use third parties who will collect data which is not personally identifiable to analyse site visits and carry out other similar activities. In the course of doing so, they may place their own cookies on your computer so that they can collect information about your visit. You may if you wish disable or delete such cookies through your internet browser. However, doing so may mean you will be unable to access our website or parts of it, your experience of our website may be adversely affected and/or you may not receive information which is relevant to your personal interests.

14.0 What should I do if I have a complaint about the processing of my personal data?

  1. If you have any complaint about the way in which your personal data has been dealt with, please let us know by e-mail to [email protected] We will investigate and respond to you as soon as we reasonably can. If you remain dissatisfied, you may complain to the Information Commissioner’s Office. For further details, see