Privacy and GDPR – General Data Protection Regulation
We at Cross & Woods respect the privacy of all users of our website and shall ensure that the personal information you give us will be treated confidentially.
We will process the personal data concerning you, including the data concerning your use of the Website, such as visited page, time spent on different parts of the Website, the Internet address of the website from which the you arrived at the Website, and the products and services that you ordered. We will use your information for performance of concluded agreements, including measures to enhance the service provision or to provide offers or information to you.
If you sign up to the Cross & Woods newsletter, we will also use your data for sending you our newsletters. These newsletters may contain offers from Cross & Woods. We will not send you this newsletter if you have not subscribed. If you wish to unsubscribe, please log in to your account and deselect the Newsletter check box. In addition, we may occasionally use your information for customer inquiries concerning our website. If you send us a question, or contact us, we will use your information to send you a reply.
You shall upon request be granted access to the data that we have collected about you and may correct any mistakes. You have the right to request us to remove your account or block access to such records. We shall respond to such request within 72 hours.
All GDPR data removal requests will be complete within 72 hours with 100% compliance to your request. Depending on the weight of your request, we will do our best inform you how this will limit or prevent you from using our website or services.
So why keep any data?
In order for us to communicate with or send products and services to you, it is necessary for us to retain your contact details, address and telephone number in some cases. If we do not have this data we cannot perform our service for you.
You do have the right to be forgotten, and as such, it is your right to request the removal of your data, after you have concluded your service from Cross & Woods. Use our Data Access Request page to do so.
Cross & Woods (Pauline Kettlewood and Eloise DelaCroix) are your data processors. We process your data in order to continue service with you. Please call our shop telephone in order to talk with us about how we process your data.
INDABATH (John Tweedlie) is the data controller. It is INDABATH’s responsibility for the control of your data. Your data is stored in a data center within the Netherlands, an EU country where GDPR is applicable. GDPR protection only applies to EU citizens.
Connection to crossandwoods.com over the internet uses 256SHA 4096RSA encryption, preventing man-in-the-middle attacks and your data from being stolen.
The data center is ISO27001 certified, the global standard for security complaince. More information can be read here: https://www.leaseweb.com/certifications
If you would like to discuss the data control from Cross & Woods, please contact Cross & Woods by telephone to arrange a conversation with INDABATH.