Privacy and cookies

Privacy and cookies

Collecting and managing customer data is an essential part of our business, In doing so, we observe EU and UK data protection legislation, and are committed to protecting and respecting your privacy and rights.

In order that you are reliably informed about how we operate, we have developed this Privacy Statement. Together with any additional Privacy Notices which you may see as you navigate around this website, this Privacy Statement describes the ways in which we collect, manage, process, store and share information about you as a result of you visiting this site. This Privacy Statement also provides you with information about how you can have control over our use of your data.

Please note that we will be updating this Privacy Statement on a regular basis in order to keep you fully up-to-date with our approach to data protection and privacy. If you have any comments or queries regarding our use of your data, or you wish to unsubscribe from receiving marketing communications from us, please contact us by email at: gitti50@hotmail.es or by post at: Brigitte Monika Jansen / Colina del Sol 20A / 03710 Calpe .

Personal Data

The information that we collect about you may include your name, home address, e-mail address, telephone number, as well as relevant financial and credit card information. This is referred to as your “personal data”. We collect this data in a number of different ways. For example, you may provide this data directly when filling in forms on this website, or when corresponding with us by telephone, e-mail or letter.

Even if you do not register with us, we may collect technical information about you such as your Internet Protocol (IP) address which connects your computer or mobile device to the internet, your login information, browser type and version, operating system type and version, the country and telephone code where your computer is located, and information about your visit including products you viewed or searched for, page response times, download errors and length of visits to certain pages.

Cookies

We use both ‘session’ cookies and ‘persistent’ cookies on this website. ‘Session’ Cookies are erased from your computer when you close your browser. ‘Persistent’ cookies remain on your computer until the expire or are deleted. The Toy Vault EU Ltd uses cookies for essential operations (such as keeping you logged in and storing items in your cart) and to track patterns of visitors to this website in order to help us improve its functionality.

All Computers have the ability to automatically accept or decline cookies. This can be done by activating the setting on your browser which determines how to deal with cookies. Please note that should you choose to decline cookies, your experience on our website will be restricted.

How We Use Your Data

Currently, we use your data for the following purposes:

To assist in the processing of your order / to carry out our obligations arising from any contracts entered into between you and us. For example, this could include packing and delivering orders, forwarding order details, order fulfilment, the processing of credit/debit card transactions, fraud prevention, registering warranties and the provision of corresponding customer services.

In certain circumstances, it may be necessary for us to provide your information to external companies with which we contract to assist us in providing these critical services to you including payment providers and couriers. We assure you that these companies are not permitted to use your information for any other purpose. For further information please see the section on How We Share Data below.

Where you have given us your specific consent, we will use your data to provide you with marketing services. This allows us to tell you about new products or services that may be of interest to you. Again, we do use a number of external companies to help us provide such marketing services. However, these companies are prohibited from sharing your data with any other company. This means that by consenting to receive marketing from us, you will not receive marketing communications from anyone else.

To ensure that the information contained within this website is presented in the most effective manner for you and for your computer or mobile device. This information allows us to update and improve the contents of our site, and ensure the smooth operation of internal processes, such as troubleshooting, data analysis, testing, research, statistical and survey purposes, and to keep our website as safe and secure as possible. For further information, please refer to the section on Cookies.

How Long Will We keep Your Data?

Unless you ask us to do so, we will never keep your data for longer than is necessary for us to complete the activity for which your data was collected in the first place. However, sometimes there is a legitimate and/or legal reason that means we need to retain your data. In the coming months, we will add further detail to this Privacy Statement, setting out further information about our practices.

How We Share Data

We will never sell your personal data to any external organisation.

We will share your data with companies that are essential to providing our services to you. This includes organisations which are critical to fulfilling customers orders including payment providers and couriers as well as those that help us with marketing.

We assure you that we will only exchange your data with another organisation where (i) we have your express permission to do so; or (ii) it is necessary in order to honour a contract between you and The Toy Vault EU; or (iii) we have a legal obligation to share the information; or (iv) it is in the public interest; or (v) it is necessary for the establishment, exercise or defence of legal claims; or (vi) it is necessary to protect the vital interests of you or another person.

Accessing Your Data

You have the right to ask us, in writing, for a copy of all the personal data we hold about you. This is known as a “Subject Access Request”. Except in exceptional circumstances (which we would discuss and agree with you in advance), you can obtain this information at no cost. We will send you a copy of the information within 30 days of your request.

To make a Subject Access Request, please contact by email at: privacy@forbiddenplanet.com or by post at: PBrigitte Monika Jansen / Colina del Sol 20A / 03710 Calpe

Updating or Amending Your Personal Data

If, at any time, you want to update or amend your personal data or consent preferences, you can do this on the web site through your account.

Data Privacy and Security

We maintain a comprehensive data management work programme, which includes processes for ensuring that data protection is a key consideration of all new and existing IT systems that hold customers personal data. Where any concerns, risks or issues are identified, we conduct relevant impact assessments in order to determine any actions that are necessary to ensure optimum privacy.

We also maintain an active information security work programme which seeks to protect the availability, confidentiality and integrity of all physical and information assets. Specifically, this programme helps us to:

Protect against potential breaches of confidentiality.
Ensure all IT facilities are protected against damage, loss or misuse.
Increase awareness and understanding across our business of the requirements of information security, and the responsibility of colleagues to protect the confidentiality and integrity of the information that they handle.

We recognise that the security of data and transactions on this website is of primary importance. We therefore ensure that all connections to the site are securely encrypted and authenticated using strong protocols, key exchanges and ciphers. Our servers are updated with the latest security patches and fixes on a regular basis.

Card Payment Security

We hold no customer credit card details in our databases. Both our wallet system and during the checkout process customer credit card details are hosted by our payment gateway company SagePay. SagePay is a level 1 payment service provider (the highest level) under the Payment Card Industry Data Security Standards (PCI DSS). More information can be found in SagePay’s security policy.

In addition we at The Toy Vault EU are proud to have also been awarded a PCI DSS compliant website and our PCI DSS status is examined regularly by Security Metrics, with our compliancy reported to the card schemes annually.

Disclaimers

Every effort is made to ensure that the information provided on this website, and in this Privacy Statement, is accurate and up-to-date, but no legal responsibility is accepted for any errors or omissions contained herein.

We cannot accept liability for the use made by you of the information on this website or in this Privacy Statement, neither do we warrant that the supply of the information will be uninterrupted. All material accessed or downloaded from this website is obtained at your own risk. It is your responsibility to use appropriate anti-virus software.

This Privacy Statement applies solely to the data collected by us, and therefore does not also apply to data collected by third party websites and services that are not under our control. Furthermore, we cannot be held responsible for the Privacy Statements on third party websites, and we advise users to read these carefully before registering any personal data.