Privacy & Data Protection Policy

Who we are

1. Falk Copper Cookware is a trading style of Europe Copper Limited.

2. For customers within the European Union, Europe Copper Limited operates its business from its EU Head Office at Dijkstraat 52, 3150 Wespelaar, Belgium.

3. All aspects of order fulfilment and day-to-day operations for EU customers, including customer support, are managed from this address.

4. Europe Copper Limited is registered as a data controller with the Information Commissioner’s Office in accordance with the Data Protection Act 2018.  For EU customers, personal data is processed in accordance with the EU General Data Protection Regulation (GDPR).

5. We are committed to providing excellent-quality products and services to our customers, and this commitment extends to how we collect, use and protect your personal information.

6. If you have any questions about how we look after your personal data, you can contact us:

   • By post: at our head office address above, marked for the attention of the Data Protection Officer

   • By email: dpo@falkcopperpans.com

   • By telephone: + 32 2 401 94 42

The information we collect and how we use it

1. When you place an order with Falk Copper Cookware via our website, by telephone or by post, we collect personal information necessary to fulfil your order.

2. The information you share with us may also be used to keep you informed about promotional offers, new products and account-related updates. You can change your preferences or opt out of marketing communications at any time.

3. We collect information including your name, delivery address, email address (for online orders), payment card details and a contact telephone number. This information is required to process your order and, where necessary, to contact you regarding issues relating to your order or delivery.

   Where appropriate, we may share your contact telephone number with our courier or delivery partners solely for delivery-related purposes.

4. If you register an account with us, you may receive occasional communications about special offers, promotions and product updates. You are always in control of how we contact you.

   You can manage your preferences through your online account, opt out at the time of ordering, or unsubscribe using the link included in any marketing email.

5. We use your personal data to:

   • Process and fulfil your orders.
   • Manage your customer account and preferences.
   • Communicate with you about your purchases.
   • Improve our product range and services.
   • Personalise communications and promotions.
   • Verify your identity.
   • Detect and prevent fraud and illegal activity.
   • Conduct research to improve customer experience.
   • Provide customer support.
   • Comply with legal and regulatory obligations.

6. When processing orders, we rely on contractual necessity as our lawful basis. For marketing and business improvement activities, we rely on legitimate interests.

7. Our legitimate interests include operating and improving our business, providing a secure and effective service, and offering products and communications relevant to our customers.

8. Where we rely on legitimate interests, we carefully balance these against your rights and expectations. We will not process your personal data where your interests override ours, unless required or permitted by law.

9. For example, we may use your information to tailor marketing communications or to protect you from fraud. These activities are designed to benefit both you and our business.

10. We may receive personal data from third-party partners where they have informed you that your data may be shared for marketing or advertising purposes and where they have a lawful basis for doing so.

Security of your information

1. Our website uses secure server software and encryption to protect your personal data during transmission. We also apply appropriate technical and organisational measures to safeguard the information we store.  These measures are designed to comply with the EU GDPR and applicable data protection laws.
   

   We will never sell your personal data or share your email address or telephone number with retail partners.

2. Internally, access to personal data is restricted to authorised staff who require it to perform their duties. Security controls and access permissions are reviewed regularly.

Your rights

1. You have several rights under data protection law.  If you are located in the European Union, these rights arise under the EU General Data Protection Regulation (GDPR).  If you wish to exercise any of these rights, please contact us using the details above.

2. Right to be informed
   This policy explains how we process your personal data. We review it regularly and update it as required.

3. Right of access
   You may request a copy of the personal data we hold about you. We will normally respond within one month, although this may be extended for complex requests. If we refuse a request, you will be informed of your right to complain to the Information Commissioner’s Office.

4. Right to rectification
   If you believe the information we hold about you is inaccurate or incomplete, please let us know and we will correct it.

5. Right to erasure
   You may request deletion of your personal data, subject to legal and regulatory obligations. In some cases, we may need to retain limited information for compliance or fraud-prevention purposes.

6. Right to restrict processing
   You may ask us to restrict how we process your data, for example to stop marketing communications while still allowing order fulfilment.

7. Right to object and profiling
   We may use profiling to personalise offers and communications. You can object to this at any time. Please note that doing so may limit the relevance of communications you receive.

8. You have the right to request that we provide the personal data you have given us in a structured, commonly used and machine-readable format (for example, CSV or JSON). You may also ask us to transmit this data directly to another data controller, where it is technically feasible to do so.
   

   This right applies to personal data that you have provided to us and that we process on the basis of your consent or for the performance of a contract. If you wish to exercise this right, please contact us using the details in section 1.6.
   

   You also have the right to lodge a complaint with your local supervisory authority within the European Union if you believe your personal data has been processed unlawfully.

Data retention

1. We retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, or as required by law. The retention period will depend on the nature of the data and the reason for processing.

2. As a general guide:

   • Order and transaction records are retained for seven years from the date of purchase, in line with HMRC requirements and applicable tax legislation.
   • Customer account information is retained for as long as your account remains active. If your account is inactive for more than three years, we may contact you to confirm whether you wish to keep it open before taking any further action.
   • Marketing preferences and consent records are retained for as long as you remain subscribed to our communications. If you unsubscribe, we will retain a limited record of your opt-out to ensure we respect your preferences.
   • Website analytics and cookie data are retained in accordance with our Cookie Policy. Most analytics data is anonymised and aggregated.

3. When personal data is no longer required, we will securely delete or anonymise it. Where deletion is not immediately possible (for example, because the data is held in backup systems), we will ensure it is isolated and protected until deletion can be carried out.

International transfers

1. Our EU operations are based in Belgium, and personal data relating to EU customers may be stored or processed within the European Union, Switzerland or the United Kingdom.

2. In some circumstances, your personal data may be transferred to, stored in, or accessed from countries outside the European Union. This may occur, for example, where our service providers (such as payment processors, cloud hosting providers or email delivery platforms) operate or maintain servers in other jurisdictions.

3. Where we transfer personal data outside the European Union, we ensure that appropriate safeguards are in place to protect your data in accordance with EU GDPR. These safeguards may include:

   • Transfers to countries subject to an EU adequacy decision.
   • Standard contractual clauses approved by the European Commission.
   • Other lawful transfer mechanisms recognised under applicable data protection law.

When we share your personal data

1. We share personal data with trusted service providers where necessary, including couriers, payment processors, fraud prevention services and IT providers.

2. All third parties are required to protect your personal data and only use it for specified purposes.

3. We may share personal data with regulators or law enforcement agencies where required by law or where necessary to protect our business or customers, including for the prevention or investigation of fraud or other illegal activity.

Registered office and statutory information

1. Europe Copper Limited is a private company registered in England and Wales (company number 08479418).

2. Our registered office is at 483 Green Lanes, London, N13 4BS, United Kingdom.