Privacy Policy
Our Privacy Statement
At Hemp Point we are committed to maintaining your privacy.
Controller
Cannatural s.r.o. trading as Hemp Point is the controller and responsible for your personal data (collectively referred to as “COMPANY”, “we”, “us” or “our” in this privacy notice).
We have appointed a data protection officer (DPO) who is responsible for questions in relation to this privacy notice. If you have any queries about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below:
Tomas Biroscik: support@hemppointcbd.co.uk
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the opportunity to deal with your query before you approach the ICO so please contact us in the first instance.
The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you, such as the following:
Identity Data including first name, maiden name, last name, username or similar identifier, title, date of birth and gender.
Contact Data including billing address, delivery address, email address and telephone numbers.
Financial Data including bank account and payment card details.
Transaction Data including details about payments to and from you and other details of products and services you have purchased from us.
Technical Data including internet protocol (IP) address, your login data, browser type and version, location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Profile Data including your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
Usage Data including information about how you use our website, products and services.
Marketing and Communications Data including your preferences in receiving marketing from us and our third parties and your communication preferences.
If you fail to provide personal data
Where we need to collect personal data to fulfil the terms of the contract we have with you or by law and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
How is your personal data collected?
We use different methods to collect data from and about you including through:
Direct interactions. You may give us by completing forms or by corresponding with us by post, telephone, email or other means. This includes personal data you provide when you:
- apply for our products or services;
- create an account on our website;
- subscribe to our service or publications;
- request marketing to be sent to you;
- enter a competition, promotion or survey; or
- give us some feedback.
We operate an opt-in policy in terms of communicating via post, telephone, email or other means. By subscribing to our mailing list, you are opting to receive communications by email, post and text (mobile ). However, every time we contact you after this, you will have an opportunity to unsubscribe from our mailing list.
Automated technologies or interactions. As you interact with our website, we may automatically collect Technical Data. We collect this personal data by using cookies, and other similar technologies.
Third parties or publicly available sources. We may receive personal data about you from various third parties as set out below:
- analytics providers such as Google;
- advertising networks such as Adwords, Facebook based outside the EU; and
- Contact, Financial and Transaction Data from providers of technical, payment and delivery services such as PayPal, Total Processing Payments, Viva Wallet Payments, Splitit Card Based Installment Payment Solutions.
How we use your personal data
Most commonly, we will use your personal data in the following circumstances:
- Where we need to perform the contract, we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third party direct marketing communications to you via email or. You have the right to withdraw consent to marketing at any time by contacting us.
Purposes for which we will use your personal data
Beneath is a description of all the ways in which we plan to use your personal data, and which of the legal bases we rely on to do so.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.
Purpose/Activity | Type of data | Lawful basis for processing including basis of legitimate interest |
To register you as a new customer | (a) Identity
(b) Contact |
Performance of a contract with you |
To process and deliver your order including:
(a) Manage payments, fees and charges (b) Collect and recover money owed to us |
(a) Identity
(b) Contact (c) Financial (d) Transaction (e) Marketing and Communications |
(a) Performance of a contract with you
(b) Necessary for our legitimate interests (to recover debts due to us) |
To manage our relationship with you which will include:
(a) Notifying you about changes to our terms or privacy policy (b) Asking you to leave a review or take a survey |
(a) Identity
(b) Contact (c) Profile (d) Marketing and Communications |
(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services) |
To enable you to partake in a prize draw, competition or complete a survey | (a) Identity
(b) Contact (c) Profile (d) Usage (e) Marketing and Communications |
(a) Performance of a contract with you
(b) Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business) |
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) | (a) Identity
(b) Contact (c) Technical |
(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)
(b) Necessary to comply with a legal obligation |
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you | (a) Identity
(b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical |
Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy) |
To use data analytics to improve our website, products/services, marketing, customer relationships and experiences | (a) Technical
(b) Usage |
Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy) |
To make suggestions and recommendations to you about goods or services that may be of interest to you | (a) Identity
(b) Contact (c) Technical (d) Usage (e) Profile |
Necessary for our legitimate interests (to develop our products/services and grow our business) |
DATA RETENTION
How long will you use my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances you can ask us to delete your data by a request for erasure.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. Such as the following;
- Request access to your personal data.
- Request correction of your personal data.
- Request erasure of your personal data.
- Object to processing of your personal data.
- Request restriction of processing your personal data.
- Request transfer of your personal data.
- Right to withdraw consent.
If you wish to exercise any of the rights set out above, please contact us to discuss further.
SSL and Encryption Technology
We have implemented internet security technology to ensure that it is safe for you to shop with us. We use encryption technology to scramble your personal data when you give it to us. This process is known as SSL (secure sockets layer) and we are constantly updating our technology to provide you with the maximum level of security.
To check you are in a secure area of our website, you can look in your browser window and you will see a closed padlock or an unbroken key. This indicates that SSL is enabled and your transaction is secure.
Additionally, we do not hold any of your credit card details anywhere on our website. They are simply passed securely to our e-payments processor for authorisation by your bank.
AMEX SafeKey, MasterCard SecureCode and Verified by Visa (3D Secure)
AMEX SafeKey, MasterCard SecureCode and Verified by Visa are new services that let you shop online with added confidence and security and protect you from fraud.
To use AMEX SafeKey, MasterCard SecureCode and Verified by Visa all you need to do is register your card once, and create a password. Then, when you make a purchase online, AMEX SafeKey, MasterCard SecureCode or Verified by Visa window will appear. Simply enter the characters requested from your password and click on the submit query button. Your identity is verified and the purchase is secure.
If you are registered for the scheme and have a password already, you will be asked to enter characters from your password after you have entered the card details and clicked on the ‘continue to payment’. Your card provider will then verify the characters you have entered and, if it matches their records, verify your transaction.
If your card provider is registered for the scheme but you personally are not, we will offer you the chance to sign up and create a password during the check out process. This is all handled through AMEX SafeKey, MasterCard SecureCode or Verified by Visa themselves. We simply pass your encrypted details on to your card provider securely.
If you would like further information, please contact your AMEX, MasterCard or Visa issuer.
What you can do to stay secure
There are things you can do to protect your personal information and transactions when shopping online. Here are a few of them:
When using a public computer, always log out and close the browser when you have finished.
Do not share your password with anybody else or write it down anywhere.
When you create a password, use at least 8 characters and a combination of letters and numbers. Do not use any personal information in your password (such as your name) that can be easily obtained. We also recommended that you change your password often.
Use different passwords for your different online accounts.
Cookies / What are Cookies and what are they used for?
Cookies are small pieces of information that are stored by your browser on your computer’s hard drive. Cookies do not contain any recognisable personal information but are used by websites, including this one, to better understand how visitors are accessing and using their site. This information may be used to improve website usability and for marketing purposes.
How can I stop Cookies being used?
Most browsers are automatically set to accept Cookies but usually you can alter the settings of your browser to prevent automatic acceptance. Please be aware that restricting Cookies will have a negative impact on your experience of this and many other websites. However, if you choose not to allow Cookies, you will still be able to use most of the features of our website, including the ability to purchase items. For more information on Cookies and how to disable them, visit www.allaboutcookies.org.
Cookies Used by Hemp Point Cookies are used by our website. However, we do not collect any personal data through Cookies on your computer. When you visit our website, we collect a series of standard data relating to your visit. This may include such things as the number of times you visit our website, which pages you visit, which products you look at and your geographical location.
We also use Cookies to store the things you add to your shopping bag and remember you when you return to our website. You cannot be personally identified by any information we collect via Cookies. Please refer to the table below, to see what Cookies we use and why we use them.
Cookies used / What we use them for
Order Processing Cookies
We use these Cookies to provide essential services to our customers, relating to the processing of their order.
Site Analytics Cookies (Google Analytics)
These Cookies are used to better understand how customers are using our site so we can improve and optimise our site, creating the best possible experience for shoppers.
How will I know if this Privacy Policy changes?
If our policy changes in the future – to comply with a new legislation, for example – we will update this page with the new details. Please check back to keep up to date with any changes.
Klarna.
We use Klarna as the provider of our checkout. This means that we might transfer your personal data in the form of contact and order details to Klarna when the checkout is loaded, in order for Klarna to manage your purchase. Your personal data transferred is processed in line with Klarna’s own privacy notice.”