Privacy Policy

  1. Cookies
    For information on our cookie policy, please check out our cookies page.
  2. Collection of personal data
    We collect your personal information within the terms of the Data Protection Act 1998 and the European General Data Protection Regulation. Via your order we collect your name, telephone numbers, email address, billing and delivery addresses and your willingness for your data to be shared with the Abacus Alliance (see para 4). We collect and retain fraud score information about your payment card.

    We do not collect payment card numbers on our own server. If you choose to save your card data when checking out, it is stored by our payment processor, Stripe. We do not have access to it although we are able to make an add-on charge (or refund you) if your order is amended. We cannot read your password for our website, although if we created it on your behalf during a telephone order, you would need to update it to be sure it was private. You can do this in the My Account section of our site. We urge you not to use the same password as you use for websites that need to be super-secure, such as financial sites.
  3. How we use this data in connection with your orders
    We use this data to process your order including phoning, emailing and sometimes texting you if we have any queries. We keep the data after fulfilling your order to help both you and us should you place a further order. All data is routinely updated either by you or by us at your request.

    We also use your data for marketing purposes. For instance we know from what you have ordered which kinds of fish you prefer and we might use this data to make special offers to you. We keep data on your communications preferences – for instance if you don’t want us to phone you with special offers, we make a record of this.
  4. Sharing your data with the Abacus Alliance.
    Unless you tick the box asking for your data not to be shared with other trusted retailers, we will share your data with the Abacus Alliance managed by Epsilon International UK Ltd on behalf of retailers in the following categories: clothing, collectables, food & wine, gardening, gadgets & entertainment, health & beauty, household goods, and home interiors. Abacus members share information about their customers and what they buy. Epsilon acts as a processor to help members understand consumers’ wider buying patterns. From this information, retailers can tailor their communications, sending individuals suitable offers that should be of interest to them, based on what they like to buy. You can learn more about how Epsilon Abacus processes your personal information in their Privacy Policy, which is available here.
  5. Access to your personal data by internet companies.
    We use outside companies such as Reviews.co.uk to help run our website and marketing, using the personal data gathered by us. If you ask to receive our promotional emails, we retain your email address and purchase history on our account with a marketing email service provider. We advertise on Google, Facebook and similar platforms. These companies may use the data we provide (or you provide if you interreact directly with them - for instance by writing a review on reviews.co.uk or clicking on our adverts) for limited purposes outside our own interests. If you are interested in these matters, we suggest as a starting point that you review the User Privacy Policy of Reviews.co.uk especially paragraphs 2.3, 2.4 and 4.
  6. Access by other companies.
    We pass your address and phone number to a courier company so it can deliver your parcel including calling you if necessary. We reserve the right to share your data with any reputable service provider for the purpose of promoting our objective of supplying you with our products.
  7. Your rights.
    If you want to know what personal information we hold about you or have any other questions about our privacy policy, please ask. At your request, we will delete your information unless we suspect fraudulent use of your account.
  8. In relation to the General Data Protection Regulation
    We are The Fish Society and you can contact us at team@thefishsociety.co.uk or on +44 1428 687768. Our Data Protection Officer is Alistair Blair. We have no joint controllers. We retain data in electronic form on the following categories: customers, employees, job applicants, investors and other parties we may deal with such as suppliers. We maintain and process data in order to run the business efficiently and for no other purpose. The categories of personal data we process are described above as are the recipients. Data which we share with internet companies might be maintained by them outside the EEA. We would not work with any organisation that did not seem to have a good reputation and we would assume that its data processing was compliant with EU legislation.

    We have never experienced the need for an exceptional transfer of data and cannot envisage such a need. We review the personal data we hold every 5-10 years, at which time we would normally delete all data relating to customers we have not dealt with over the previous ten years. Our company security is intended to be comply with the Payment Card Industry Data Security Standard. Sensitive data processed on our website is encrypted. Staff are routinely reminded of the need to protect your personal data. All PCs and key systems such as email and our administration website are protected by passwords. We do not receive data on customers from third parties other than fraud evaluations on card transactions and data from the Abacus Alliance. We do not believe any of our activities creates a high level of risk to our data subjects.
  9. Privacy of job candidate data
    If you apply for a job with us we will keep all the information provided by you and by people and organisations responding to our enquiries about you. We will use this to assess your prospects of working successfully for us and for other purposes directly related to recruitment. We do not carry out automated decision making. We comply with data protection law and principles, including purpose, fairness, security and relevance.

    Your data will not be shared by us with anyone else and will be kept confidential and secure. At your request, we will provide a copy of the information we hold about you. The information will be kept on our server for the long term unless you ask us to erase it no earlier than six months after your application.