This policy explains how bob&lulu collects and uses your personal information.
‘Your personal information means any information about you, that is provided to us by you yourself or by any third parties. It is information that is produced in relation to services offered or provided to you’.
- Customers and prospective customers
- Visitors to our websites
- Applicants for job opportunities
At bob&lulu it is important to us to be transparent in how we process any information we have about you and this policy is intended to help you understand exactly how we do that.
What personal information do bob&lulu collect about you:
Personal Contact Information (Name, Title, Home Address, Telephone Number(s) and email address(es))
Other Personal Information (gender, age, date of birth, marital status, country of origin, nationality, child status, previous addresses, personal references, IP addresses from analytics)
Work Related Information (job title, email address(es), telephone number(s), employer name, work address, work grade/level, salary, length of service, employment history, references)
Payment/Financial Details (bank account details, payment card information, credit scores, account debt)
Contact and Marketing Preferences (whether you have provided or withdrawn consent to our contact methods for example; emails or telephone calls, marketing campaigns, news or competitions)
Social Media Content (if provided by you in accordance an acceptance of this policy, such as reviews and blogs)
Job Application Information (CV’s covering letters, references, interview notes and any supporting documentation)
How do we collect this information:
Bob&lulu collect their information from the following resources:
- Direct contact from you whether it be over the telephone, email, social media, via a contact form on one of our websites or a job application
- Online Purchase– Purchases bought directly on our website
- Your Employer sending us your information in regards to an enquiry or confirmation/payment for services provided by us.
- Mailchimp – We use mailchimp to gather email addresses for marketing purposes. New customers must opt in to receive these emails, through a sign up form on our website. We never add emails we have gathered from any other method of collecting information.
Why we collect this information and how we use it:
The information we collect is used solely for the intention that we gather it for. We never sell personal information to any third party.
Information collected is used:
- To provide you with our products and services.
- To collect any references required for legitimate business reasons.
- To communicate with you about our services & products.
- To comply with client or third party contracted requirements
- To protect our legitimate business interests and legal rights
- To develop our business and provide what our customers want
- To help protect against fraud or other criminal activity
- To comply with any legal obligations
- To comply with any law enforcement agencies if required
- To respond to any data requests from you
- Any other legitimate business reason that complies with our obligations
The cookies in use on our websites are described in below
These cookies are used to store information, such as what time your current visit occurred, whether you have been to the site before, and what site referred you to the web page.
These cookies will use your computer’s IP address to know from where in the world you are accessing the Internet.
Google stores the information collected by these cookies on servers in the United States. Google may transfer this information to third-parties where required to do so by law, or where such third-parties process the information on Google’s behalf.
Cookie Consent– catAccCookies
Used by the Cookie Consent plugin for WordPress to record the acceptance of cookies on the website.
It stops the cookie message showing every time you visit the website.
Opt out of google analytics
For more information on the usage of cookies by Google Analytics please see the Google website. A link to the privacy advice for this product is provided below for your convenience.
- Internet Explorer
- Google Chrome
- Mozilla Firefox
- Apple Safari
How we store and secure the personal information:
At bob&lulu we use multiple services to securely store personal information. These companies are all GDPR compliant and their privacy policies can be checked by visiting their websites:
Emails – We use Googlemail services & Microsoft as our email servers. Read more about their privacy policies here.
Stripe– Stripe is our on-line payment provider that stores information on our customers (name, address, email address and payment information)
Security – As standard, all our company computers, tablets and mobiles, that have access to our data are protected by passwords to ensure client privacy. Employees can not add company emails/calendars to their personal devices. Our websites have up to date SSL certificates that provide robust authentication and encryption, to reassure you that your information and transactions are secure.
Hard Copy Information – Any information we receive that has been printed, is transferred where possible to secure electronic storage. If not possible, printed data is stored securely in our office with limited access.
Bob&lulu have policies and training in place to ensure our staff are aware of their responsibility and obligation to protect your personal information.
How long we store information:
The length of time we store information for depends on the type of information and how/why we received and processed the information.
Marketing Information – Information gathered for Marketing purposes is kept for a maximum of 6 years unless you choose to opt out and then the information will be deleted from our systems. You can opt out from marketing communication at anytime.
Electronic Files and Emails – bob&lulu store active and undeleted files and emails for a maximum of 3 years unless they are of a nature where we are legally obliged to keep them for a maximum of 7 years for legitimate business reasons.
Financial Information – If you have been invoiced for services provided by bob&lulu paid for services via bank transfer, cheque or card payment or been paid by bob&lulul for services provided to us all information relating to this will be retained for a maximum of 7 years in order to comply with our legal obligations.
Complaints – All complaints, responses and relevant communication will be retained for no longer than 3 years from closure.
In any cases not mentioned above all personal information will be stored for the length of time needed for the purpose in which the information was collected. As good housekeeping, every 6 months an information check is completed and any old or irrelevant email records stored locally and on any of our cloud based systems will be deleted.
Who can access the information and how is it shared with them:
Bob&lulu never sell your information to another company or person.
bob&lulu only share your personal information where it is necessary to do so for our legitimate business purposes or when you have provided us with consent to do so. Personal information is shared with the relevant people within our team to allow them to carry out their work as necessary.
As part of our business procedures we do use third party providers to process personal information on our behalf and to assist us in the daily running of the business .This would be the case for the business purposes stated below:
- Process payment and refund transactions
- Provide marketing, financial, audit, operational and technology services
- Analyse and improve the information we hold
- To comply with legal, regulatory or law enforcement
- To oversea the administration and maintenance of our digital services
Please note where we use another organisation to process information, we still control your personal information and we will only share this information with companies in our supply chain that have verified they are operating within the regulation and are handling your information securely. All companies within our supply chain have signed a Data Handling Agreement with us.
GDPR provides you with the right to access the information we hold on you and for it to be removed from our systems at any time. It also gives you the right to request rectification of any incorrect information we hold about you and to restrict processing of your information. We may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
How You Can Contact Us to Access and Control Your Information
If you have any questions, would like to know what information we are holding on you, or you would like to discuss your personal information with us please contact:
Lisa Durward at:
Or write to us at:
32 Ashley Road
If requesting information about the personal data we hold on you, please provide us with the following:
- Full Name
- Email Address
- Telephone Number
- Proof of ID (this must be a certified copy of a passport, driving licence or any other government issued form of identification)
We will process your request within 14 days.
We may update this policy from time to time by publishing a new version on our website.
You should check this page occasionally to ensure you are happy with any changes to this policy.
We may notify you of significant changes to this policy by email.