Language
Default Store View
Toggle Nav
Search
Advanced Search
  • My Wish List
  • My Account
  • My Orders
  • Login
  • Create an Account
    • My Cart
    Menu
    Account
    Settings
    Language
    Default Store View
    Free UK Delivery on all orders over £50
    30 Day Money back Guarantee
    24 Hour Hotline 0800 208 8562

    PRIVACY POLICY

    Introduction

    John Mills Ltd (ICO registration Z5266132) (“JML”) is committed to protecting your privacy and handling your personal data transparently and securely. This Privacy Notice explains the personal data we collect, how we use it, who we share this with, how long we keep it and your rights under UK data protection law.

    Contact Details:

    John Mills Ltd
    610 Chiswick High Road 
    London
    W4 5RU

    [email protected]

    UK Customers – 0800 781 7831

    Republic of Ireland Customers – 041 978 0003

    Our data protection policy and procedures are designed to comply with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and all other applicable privacy and data protection laws and regulations.

    1 What information do we collect?

    We collect and process personal data about you when you interact with us and our products and when you purchase goods and services from us.

    The personal data we process includes:

    • Your name
    • Your username and password
    • Your home or work address, email address and/or telephone number
    • Your payment, billing and delivery details
    • Order history
    • Information related to the browser or device you use to access our website;
    • IP Address and website usage data;
    • Marketing preferences
    • Recordings of calls you make to our customer service team;
    • and/or any other information you provide

    2 What is the source of this information?

    The source of this information is either information you have given us directly when placing an order, when you have contacted us, when registering for marketing communications, when you use our website, through cookies and analytics technologies and from trusted third parties such as payment providers, and delivery partners.

    3 How do we use this information and what is the legal basis for this use?

    We process the personal data listed in section 1, for the following purposes:

    • as required to establish and fulfill a contract with you, for example, if you make a purchase from us or enter into an agreement to provide or receive services. This may include verifying your identity, taking payments, communicating with you, providing customer services and arranging the delivery or other provision of products or services. We require this information in order to enter into a contract with you and are unable to do so without it;
    • to comply with applicable law and regulation;
    • in accordance with our legitimate interests in protecting JML’s legitimate business interests and legal rights, including but not limited to use in connection with legal claims, compliance, regulatory and investigative purposes (including disclosure of such information in connection with legal process or litigation);
    • with your consent to respond to any comments, queries or complaints and to investigate complaints relating to our products, services or website, in accordance with our legitimate interests in maintaining customer service standards and resolving disputes.
    • we may use information you provide to personalise (i) our communications to you; (ii) our website; and (iii) products or services for you, in accordance with our legitimate interests;
    • to monitor use of our websites and online services. We may use your information to help us check, improve and protect our products, content, services and websites, both online and offline, in accordance with our legitimate interests;
    • if you provide a credit or debit card, we may also use third parties (such as POS payment providers) to check the validity of the sort code, account number and card number you submit in order to prevent fraud, in accordance with our legitimate interests and those of third parties;
    • we may monitor any customer account to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law and our legitimate interests;
    • in circumstances where you contact us by telephone, calls may be recorded for quality, training and security purposes, in accordance with our legitimate interests; and
    • we may use your information to invite you to take part in market research or surveys. We do this because it is in our legitimate interests to improve our products and customer experience.
    • We may send marketing communications, where you have consented to receive them, where the soft opt-in applies under PECR or where we otherwise have a lawful basis to do so, including legitimate interests in relation to business contacts.
    • Where we rely on consent to use your information, you have the right to withdraw that consent at any time.

    4 Cookies & Website Analytics

    Our website uses cookies and similar technologies to help our website function properly, improve your browsing experience, analyse website traffic and support our marketing activities.

    Cookies are small text files placed on your device when you visit a website. They help websites recognise your device, remember your preferences and improve website functionality and performance.

    We use the following types of cookies:

    • Strictly necessary cookies – these cookies are essential for the operation of our website and enable core functionality such as security, network management, shopping basket functionality and accessibility. These cookies do not require your consent.
    • Analytics and performance cookies – these cookies help us understand how visitors use our website, monitor website performance and improve the way our website works.
    • Functionality cookies – these cookies allow our website to remember choices you make, such as language or region preferences, to provide enhanced features and a more personalised experience.
    • Advertising and targeting cookies – these cookies may be used to deliver relevant advertising, measure the effectiveness of advertising campaigns and track your browsing activity across websites.

    Where required by law, we will ask for your consent before placing non-essential cookies on your device. You can withdraw or update your cookie preferences at any time through our cookie settings tool or through your browser settings.

    Please note that disabling certain cookies may affect the functionality and performance of our website and some features may not operate correctly.

    Further information about the cookies we use, including their purpose and duration, is available through our cookie banner or cookie settings tool.

    To view cookies used on this website: click here

    5 With whom and where will we share your personal data?

    Personal data may be shared with government authorities and / or law enforcement officials if required for the purposes above, if mandated by law or if needed for the legal protection of our legitimate interests in compliance with applicable laws.

    Personal data may also be shared with third-party service providers (processors) who will process it on behalf of JML for the purposes above. We will only use processors who have demonstrated sufficient compliance guarantees.

    Such third parties include, but are not limited to:

    • our professional advisors, such as our auditors and external legal and financial advisors;
    • marketing and communications agencies where they have agreed to process your personal data in line with this Privacy Notice;
    • market research companies;
    • our suppliers, business partners and sub-contractors; and/or
    • search engine, web analytics and social media platforms.

    In the event that our business or any part of it is sold or integrated with another business, your details will be disclosed to our advisers and those of any prospective purchaser and will be passed to the new owners of the business.

    We do not sell your personal data to third parties for their own marketing purposes.

    6 Klarna Privacy Policy

    In order to offer Klarna’s payment options at checkout, we may share certain personal data with Klarna, including your contact details, billing information and order details. Klarna uses this information to assess your eligibility for its payment methods, administer your payment arrangement and tailor the payment options presented to you.

    Klarna processes your personal data in accordance with its own privacy notice and acts as an independent controller in relation to that processing.

    Further information about how Klarna processes personal data is available in Klarna’s privacy notice: Click here

    7 How long will you keep my personal data?

    We will not keep your personal information for any purpose for longer than is necessary and will only retain the personal information that is necessary in relation to the purpose. We are also required to retain certain information as required by law or for as long as is reasonably necessary to meet regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.

    Retention periods may vary depending on the type of data and purpose of processing e.g. Orders and transactions will be held for 6 or 7 years for tax and Marketing suppression records may be retained after you opt out to ensure we continue to respect your marketing preferences. Call recordings are held for a minimum of 12 months from the date of the last contact we had with you, the customer.

    8 Data Storage & International Transfers

    Some of the personal data we collect may be transferred to and stored in countries outside the UK and/or the European Economic Area (“EEA”). Where we transfer personal data internationally, we will ensure that appropriate safeguards are in place to protect it in accordance with applicable data protection laws. These safeguards may include:

    • transferring personal data to countries that have been recognised by the UK government and/or the European Commission as providing an adequate level of data protection; or
    • putting in place approved standard contractual clauses or other lawful transfer mechanisms.

    Further information about international data transfers and the safeguards we use is available from our Privacy Team.

    9 Security of your personal data

    We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised or unlawful processing, accidental loss, destruction or damage.

    These measures are designed to safeguard personal data from unauthorised access, disclosure, alteration, misuse or loss and are regularly reviewed to ensure they remain effective and appropriate to the nature of the personal data we process.

    10 What are my rights in relation to my personal data?

    At any point while we are in possession of or processing your personal data, you, the data subject has the following rights:

    The right to be informed

    We will inform you of what personal information we collect and how this is used. This privacy notice is how we inform you of this information.

    We will inform you of any changes to the way we process your data.

    The right of access

    You have the right, with some exceptions and qualifications, to ask us to provide a copy of any personal data we hold about you.

    The right of rectification

    If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it.

    The right to erasure

    You have the right to request that we erase your personal data in certain circumstances, including:

    1. a) where you withdraw your consent and there is no other lawful basis for processing your personal data;
    2. b) where your personal data is no longer necessary for the purposes for which it was collected or processed;
    3. c) where you object to the processing and we do not have overriding legitimate grounds to continue processing your personal data; or
    4. d) where your personal data has been processed unlawfully.

    The right to restrict processing

    You have the right to ask us to restrict the processing of your personal data in certain circumstances. This means that we may continue to store your personal data but will temporarily limit the way in which we use it.

    This right may apply where:

    1. a) you contest the accuracy of your personal data, and we are verifying its accuracy;
    2. b) the processing is unlawful, but you do not want us to erase your personal data;
    3. c) we no longer need your personal data, but you require it for the establishment, exercise or defence of legal claims; or
    4. d) you have objected to our processing of your personal data, and we are considering whether our legitimate grounds override your rights and freedoms.

    The right to data portability

    In certain circumstances, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and to transmit that data to another organisation, where technically feasible.

    The right to object

    You have the right to object to the processing of your personal data where we rely on legitimate interests as our lawful basis for processing and your particular situation gives rise to the objection.

    You also have the right to object at any time to the processing of your personal data for direct marketing purposes. If you object to direct marketing, we will stop processing your personal data for those purposes.

    The right to lodge a complaint

    You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe that our processing of your personal data infringes applicable data protection laws.

    Rights in relation to automated decision-making and profiling

    We may use automated fraud screening tools during online transactions to help detect potentially fraudulent activity. These checks are designed to protect both our customers and our business from fraud and security risks.

    Where solely automated decision-making producing legal or similarly significant effects is carried out, we will ensure that appropriate safeguards are in place, including the right to request human intervention, express your point of view and contest the decision.

    You have the right to withdraw your consent at any time.

    11 Contacting Us & Complaints

    Should you have any queries regarding this privacy notice, about JML's processing of your personal data or wish to exercise your rights you can contact JML’s Data Protection Team using this email address:

    [email protected]

    If you are not happy with our response, you can contact the Information Commissioner's Office:

    Wycliffe House
    Water Lane
    Wilmslow
    Cheshire
    SK9 5AF

    www.ico.org.uk

    UK Calls - 0303 123 1113

    Outside UK - +44 1625 545 700

    © JML Direct 2024