Privacy

Introduction
February London Ltd t/a Latch ‘The Company’ and any trading names of The Company is committed to protecting the personal data of its customers and complying with the General Data Protection Regulation (GDPR). This policy outlines the procedures that February London Ltd follows to ensure the security and privacy of personal data.

Scope
This policy applies to all personal data that February London Ltd collects, processes, and stores, including customer names, email addresses, phone numbers, and payment information. February London Ltd processes personal data in accordance with the GDPR and obtains customer consent for data processing where necessary.

Data Protection Principles
February London Ltd adheres to the GDPR's seven data protection principles, which include:

  • Lawfulness, fairness, and transparency: February London Ltd collects personal data lawfully and with transparency, and ensures that data subjects are informed of their rights.

  • Purpose limitation: February London Ltd only collects personal data for specific, legitimate purposes and does not process data beyond what is necessary for those purposes.

  • Data minimisation: February London Ltd collects only the minimum amount of personal data necessary for the purposes of processing.

  • Accuracy: February London Ltd ensures that personal data is accurate and up to date.

  • Storage limitation: February London Ltd stores personal data only for as long as necessary for the purposes of processing.

  • Integrity and confidentiality: February London Ltd ensures the security and confidentiality of personal data through appropriate technical and organisational measures.

  • Accountability: February London Ltd is accountable for complying with GDPR and takes responsibility for its data processing activities.

Data Subject Rights
Data subjects have the following rights under GDPR:

  • Right to access personal data: Data subjects have the right to request access to their personal data and receive a copy of that data.

  • Right to rectify inaccuracies: Data subjects have the right to request that inaccurate personal data be corrected or completed.

  • Right to erasure: Data subjects have the right to request the erasure of their personal data in certain circumstances, such as when the data is no longer necessary for the purposes of processing.

  • Right to restrict processing: Data subjects have the right to request the restriction of the processing of their personal data in certain circumstances, such as when the accuracy of the data is contested.

  • Right to object to processing: Data subjects have the right to object to the processing of their personal data in certain circumstances, such as when the data is being processed for direct marketing purposes.

  • Right to data portability: Data subjects have the right to receive their personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.

  • Right to withdraw consent: Data subjects have the right to withdraw their consent for data processing at any time.

February London Ltd responds to data subject requests in a timely manner and at no cost to the data subject, except in certain circumstances, such as when the request is manifestly unfounded or excessive.

Data Security
February London Ltd implements appropriate technical and organisational measures to ensure the security and confidentiality of personal data, including:

  • Access controls to limit access to personal data to authorised personnel.

  • Regular staff training on data protection and GDPR compliance.

  • Regular testing and monitoring of security measures.

  • In the event of a data breach, February London Ltd follows the GDPR's procedures for reporting and responding to the breach, including notifying the appropriate authorities and affected data subjects within 72 hours of becoming aware of the breach.

Data Processing
February London Ltd processes personal data in accordance with GDPR and obtains customer consent for data processing where necessary. February London Ltd only processes personal data for specific, legitimate purposes and does not process data beyond what is necessary for those purposes. February London Ltd does not share or use customer data for any other purpose than its intended, original purpose. Any sharing of customer data with third parties is done in compliance with GDPR and with the customer's explicit consent.

Data Protection Officer
February London Ltd has appointed a Data Protection Officer (DPO) who is responsible for ensuring GDPR compliance and addressing any data protection issues that may arise. The DPO can be contacted at [email protected]

ICO Registration
February London Ltd is registered with the Information Commissioner's Office (ICO) under registration number ZA374098. As a registered data controller, February London Ltd is committed to complying with GDPR and other relevant data protection legislation.

Policy Review
February London Ltd reviews and updates its GDPR policy on a regular basis to ensure compliance with GDPR and to address any changes in the company's data processing activities. This policy was last reviewed in December 2022.

Making a complaint 
The supervisory authority in the UK for data protection matters is the Information Commissioner (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO.


This website uses cookies

We use cookies to make this website work, and to understand how you use it. This helps us to improve our service and your online experience. Cookies may also collect limited data about your interactions with websites that we may use to provide you with specific content, or to share relevant offers on other websites and social media. You can read our cookie policy to find out more about the cookies that we will store on your computer or device. For the best experience, we recommend that you accept all cookies.