We are The Helpful Book Company Ltd, incorporated in England and Wales, company number 08747103, registered address 13B Devonshire Road Estate, Millom, Cumbria, LA18 4JS, phone 01229 777606.
How we collect your information
We collect your information when you complete our online forms, purchase our products over the phone or by filling in a paper form and posting it to us, request information about a product from us by phone or by filling in a coupon, when you pay for an order by phone or by post and when you join a service (for example our Tech Inner Circle) by phone or online and when you sign up for a free email newsletter by phone, post or online. Also when you leave comments on one of our blogs or on the Inner Circle “Clubroom”.
We also collect data that we obtain using cookies on our website.
The information we collect varies depending on the source but may include your name, address, email address, phone number, credit card details, what products you wish to order and any comments you leave on our blogs. We may also collect information that helps us provide the correct product or service such as what version of Windows or other operating systems you use or what device you use.
What we do with it
We use the information to send you the products you have ordered from us. If you have signed up to the free email newsletter then we use that information to send you emails including tips, advice and information about new or existing products from The Helpful Book Company.
We store your information on our servers in the UK. Some information is also stored in backups located in the Republic of Ireland. We also have some information stored on our cloud service provider’s servers in the USA (only ones who have signed up to the EU’s Safe Harbor policy or the subsequent EU Privacy Shield).
We may also use your details to send you information about new products you may find interesting in the post (or by email if you have signed up to an email newsletter). We may use details of previous orders you placed to avoid sending you information we don’t think you would find interesting and this may be automated based on what products you have ordered in the past.
We use your card details to place payments you authorise - they are then destroyed.
We keep this data as long as is necessary to provide the services properly and in some cases as long as legally required for tax or administrative purposes. In particular we keep details of customers’ orders and payments for 7 years as per HMRC guidelines (this does not include card details).
Giving us this data is not a statutory requirement however without this data we will not be able to provide the relevant service or product - eg without your address we cannot post products to you.
The lawful basis for most of our actions is your consent - for example you consent for us to post you the products you have ordered or the information you have requested. We undertake some actions under “legitimate interest” as defined under GDPR regulations. For example if you should forget to pay for an order, we may write to you to remind you.
Our legitimate interests under the GDPR are commercial - in particular delivering a great service to our customers, securing the rights of the business, maintaining the profitable nature of the business and protecting the rights of the employees. It may also include contacting particular customers by post to inform them about new products they may be interested in.
Whom we share it with
We share some data with organisations we work with to help deliver our services. These include:
- The Royal Mail, mailing/despatch companies and delivery couriers in order to deliver your package or “information pack”.
- IT service providers that help us with our internal IT needs
- Cloud providers that help us backup information (this is in encrypted form)
- Payment service providers that process your payment information on our behalf (eg banks for cheques and credit card companies for card payments)
- Lawyers representing us in the event of a legal claim or dispute
- Regulators and law enforcement agencies (if there is a legal reason to share your data with them)
- Data destruction companies when we no longer need to keep your data and have it properly destroyed.
You have certain rights concerning the data we have about you. These include:
- The right to withdraw any consent. If you have consented to us using your data (for example by placing an order) then you have the right to contact us and cancel that consent.
- The right to be forgotten. You can contact us to let us know that you wish us to remove all data we hold on you.
- The right to request a copy of all the data we hold on you.
- The right to complain to the Information Commissioner’s Office (ICO) about our behaviour (but of course if it’s something we can put right, it would be great if you’d let us know instead or first).
Phew - you’ve read it all! You probably deserve a cup of tea now (but only if you consent...)