Privacy & Cookies
Lemon Sorbet is committed to protecting and respecting your privacy.
This policy explains how, when, and why we collect personal information about you, how we use it, the conditions under which we may disclose it to others, and how we keep it secure.
We may change this policy from time to time so please check our website occasionally to ensure that you’re happy with any changes. By using our website, you’re agreeing to be bound by this policy.
Questions regarding this policy and our privacy practices should be sent by email to firstname.lastname@example.org or by writing to Lemon Sorbet, 125 Montreal Avenue, Bristol, BS7 0NJ, United Kingdom.
How we collect information about you
We collect information about you whenever you:
- Visit our website
- Purchase goods or services from us
- Create a customer account (or we create an account on your behalf)
- Visit our social media channels
- Contact us through our website, social media channels, email, post or phone
- Comment or engage with our social media channels
- Sign up for our newsletter or other marketing material
Where possible we will gain explicit consent to collect this information. Visiting our website, contacting us, and visiting or engaging with our social media channels will imply consent and we will provide notification that we are collecting information about you where possible, for example through the use of a cookie banner.
Types of information collected about you
The personal information we collect can include:
Visiting our website
- IP address
- Computer demographics (browser, screen size, operating system, make, technology)
- Search terms used to find our website and used on our website
- The website or service that referred you to our website
- Location (country, city)
- Language settings of your web browser
- Advertising you clicked on that brought you to our website
- Demographics determined by our analytics partners including age, gender, interests
- Pages you visit on our website
- Time you spend on our website
- Your use of our website
- Items you are considering purchasing (e.g. contents of your shopping basket on our website)
Purchasing goods or services & creating a customer account
- Shipping address, country and postcode
- Billing address, country and postcode
- Email address
- Phone number
- Items you are purchasing or have purchased from us
- Payment method
- Payment information (card number, expiry date, name on card)
Interacting on social media
Social media platforms are owned and operated by the respective platform and will have their own privacy policies associated with that platform. We may collect the following information from platforms that we engage with:
- Social media handle
- Engagement (for example likes and comments)
- Contact address
- Email address
- Phone number
- Social media handles
- Enquiry details
- Contact address
- Email address
- Phone number
- Social media handles
- Demographics (e.g. age, gender, location, interests)
- Items you are considering purchasing from us
Categories of Data Subject
- Prospective customers
How we use your information
We may use your information to provide the following services:
- Online shop
- Marketing websites (e.g. blogs)
- Marketing communication (e.g. emails)
- Order fulfilment
- Customer service
How long do we keep your information
We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations (for example details of orders and purchases for our financial records).
We will hold your personal information on our systems for as long as is necessary for the relevant activity.
Who has access to your information?
We will not sell your information to third parties. We will not share your information with third parties for marketing purposes other than the marketing of Lemon Sorbet.
Lemon Sorbet may use nominated third parties working on behalf of Lemon Sorbet for the purpose of providing services to you. This may include marketing controlled by and about Lemon Sorbet.
Third party service providers working on our behalf
We may pass your information to our third party service providers or subcontractors for the purposes of completing tasks and providing services to you on our behalf. However, when we use third party service providers, we disclose only the information that is necessary to deliver the service. Please be reassured that we will not release your information to third parties beyond this unless you have requested us to do so, or we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
Primary third party providers
We use the following third party providers as part of supplying you with goods and services. They may collect data about you on our behalf and we may share your data with them.
- Shopify - website hosting, shopping application, payment processing
- Google - communication and website analytics
- Royal Mail - postal delivery services
Our store is hosted on Shopify Inc. They provide us with the online e-commerce platform that allows us to sell our products and services to you.
Your data is stored through Shopify’s data storage, databases and the general Shopify application. They store your data on a secure server behind a firewall.
If you choose a direct payment gateway to complete your purchase, then Shopify stores your credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information (payment card details) is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, Mastercard, and American Express.
PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
For more insight, you may also want to read Shopify’s Terms of Service (https://www.shopify.com/legal/terms) or Privacy Statement (https://www.shopify.com/legal/privacy).
We will not directly contact you for marketing purposes by email, phone, text message or social media unless you have given prior consent.
When using social media we may contact you publicly (for example by replying or commenting) but will ask for consent before sending you a direct message unless you have direct messaged us.
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, or visit our website, we imply that you consent to our collecting it and using it for that specific reason only.
If we ask for your personal information for a secondary reason, like marketing, we will ask you directly for your explicit consent.
If you wish to withdraw consent, including withdrawing from marketing communication, then this can be done by contacting customer support at email@example.com
Accessing and updating your information
The accuracy of your information is important to us. You may update your account details through our website if you have an account with us. If the data we hold about you is inaccurate or if you wish to make a Subject Access Request you can contact us by emailing firstname.lastname@example.org
Transferring your information outside of Europe
As part of the services offered to you, and the third parties we use to provide these services, the information which you provide to us may be transferred outside of Europe. Modern websites use content delivery networks and distributed hosting to ensure that all customers are given the best website experience. Our third party providers, including Shopify and Google, are global organisations and host data on servers located across the world.
The security of your personal information is important to us. When you browse our website or enter sensitive information, we encrypt the transmission of that information using secure socket layer technology (SSL).
We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. If you have any questions about security on our website you can contact us at email@example.com
Where you have been given (or chosen) a password which enables you to access certain parts of our website, you are responsible for keeping that password confidential. We ask you not too share your password with anyone.
In accordance with the EU Cookie Directive, we now provide information about how we use these cookies. Where possible, we also provide the means to control whether these cookies are stored. Note that the mechanism used to control cookie usage has to use a cookie to remember your preference.
Cookies created and used by Shopify
- _session_id, unique token, sessional, Allows Shopify to store information about your session (referrer, landing page, etc).
- _shopify_visit, no data held, Persistent for 30 minutes from the last visit, Used by our website provider’s internal stats tracker to record the number of visits
- _shopify_uniq, no data held, expires midnight (relative to the visitor) of the next day, Counts the number of visits to a store by a single customer.
- cart, unique token, persistent for 2 weeks, Stores information about the contents of your cart.
- _secure_session_id, unique token, sessional
- storefront_digest, unique token, indefinite If the shop has a password, this is used to determine if the current visitor has access.
Cookies created and used by Google Analytics
Information on cookies created and used by Google Analytics can be found on the Google Analytics website:
Your web browser can control how and when cookies are created and for what purpose. Settings are web browser specific and further information on how you can configure your web browser can be found on the About Cookies website or by reading your web browser help and tutorial guides.
Links to other websites
You can contact us by writing to the address below:
Data Protection Officer
125 Montreal Avenue