Protecting Your Privacy
The European Union (EU) established The General Data Protection Regulation (GDPR) privacy law on May 25h 2018. This law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:
1. Consent Collecting and processing your personal data for a specific purpose with your consent. For example, when you tick a box to receive email newsletters.
2. Contractual Obligations Using personal data to meet a contractual obligation. For example, when you order a Cwtchy Care Kit for a friend, we’ll collect address details to deliver your gift, and pass them to our courier.
3. Legal Compliance Passing on data because the law requires us to do so. For example, we could pass on the details of someone involved in fraud to the police.
4. Legitimate interest Collecting data to explore our legitimate interests. We'd always do this in a way which might reasonably be expected as part of running our business and which does not impact your rights, freedom or interests. For example, we collect data about how our website is used to help us develop new products and improve customer experience.