Hatcher and Sons Limited (“Hatchers”) are committed to complying with the General Data Protection Regulation and associated regulations. Looking after the personal information you share with us is very important to us, and we want you to be confident that your personal data is kept safely and securely and to understand how we use it to offer you a better and more personalised shopping experience.
We have published this notice to help you understand:
• how and why Hatchers collect information from you;
• who we share your information with, why and on what basis; and
• what your rights are.
If we make changes to this notice we will notify you by updating it on our website and having updated hard copies available in store.
Hatchers is the ‘Data Controller’ of the personal data you provide to us and we will sometimes refer to ourselves in this notice as “we” or “us”. By Data Controller, this means Hatchers determines the purposes and way in which any personal data are, or will be, processed.
This notice only relates to the personal data of our customers.
What information do we collect and why?
• If you choose to become a Hatchers Loyalty Cardholder we will ask you to provide some personal information including:
name; address; telephone number and email address so that we may carry out the functions and services we offer for our
• If you shop with us using a credit or debit card, we will securely collect and store payment card information to ensure only
genuine payments are processed
• If you require us to deliver, install or maintain products, or be notified about future stock availability, we will record relevant
personal information to enable us to fulfil these services
• Details of your interactions with us by any means. For example: we collect notes from our conversations with you; details of
any complaints or feedback you make; web pages you visit on our websites and how or when you contact us. This gives us a
better understanding of your requirements of us to enable us to provide you with the best service possible
• Details of your shopping preferences. For example, on which products you earn and redeem your loyalty points; details of
web browser. This lets us better tailor each customer's experience with us in the future - eg we may choose to send you more
appropriate voucher offers based on your purchase history on your loyalty card
• Personal details to help us to recommend items of interest. For example, female loyalty cardholders may be sent more offers
from our ladieswear range than our menswear range
• If you contact us through social media, we record your social media username to help us respond to your comments,
questions or feedback
• We use CCTV for security monitoring purposes in our store and may record your image
When do we collect your personal data?
• When you visit our shop or any of our websites and buy certain products and services
• When you create an account with us
• When you open a loyalty account with us
• When you purchase a product or service from us and require it to be delivered to you
• When you request us by any method to contact you in regarding the availability of stock, or for information about a product or
• When you contact us by any means with other queries, compliments or complaints etc
• When you engage with us on social media
• When you enter any of our prize draws or competitions
• When you choose to complete any surveys we send you
• When you comment on or review our products and services. Any individual may access personal data related to them,
including opinions. So if your comment or review includes information about a member of our staff who provided that service,
it may be passed on to them if requested
• When you fill in a form (EG if an accident occurs in store, we may collect your personal data)
• When you have given a third party permission to share the information they hold about you with us
• When our finance suppliers share information with us about the product/service you place on a finance agreement
• We collect data from publicly available sources (eg: the Electoral Role) when you have given your consent to share information
or where the information is made public as a matter of law
• When you visit us, we may operate CCTV for the security of both customers and staff. These systems may record your image
during your visit
How do we use your information?
We can only use your information where we have a valid reason to do so. The reasons are labelled by law, and include:
• Consent: where you give clear consent for us to process your personal data for a specific purpose, such as maintaining your
loyalty cardholder account with us
• Contract: where we process information necessary for a contract you have with us, or because you have asked us to take
specific steps before entering into a contract. For example, so we may deliver goods you purchase from us to you
• Legitimate Interests: where we have interests in managing our business to provide you with the best service you expect from
us, which may include transferring your data to a third party. For example, we may use your purchase history with us to send
you more relevant offers via our loyalty cardholder scheme
• Legal obligation: the processing is necessary for us to comply with the law (outside of our contractual obligations). For
example for law enforcement purposes
We do not make wholly automated decisions when we process your personal data.
We do not transfer your data to a third party outside of the European Economic Area. We, our suppliers and support partners make use of cloud/hosted technology to store data.
We want to give our customers the best possible customer experience. To help us achieve that we build a picture of who you are by combining the data we have about you. We can then use this picture to offer you promotions, products and services that are most likely to interest you. In the case of loyalty scheme members, we’ll also offer you rewards that we believe are most relevant to you. The data privacy law allows this as part of our legitimate interest in understanding our customers and providing the highest levels of service.
If you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below. Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for. For example, if you’ve asked us to let you know when an item comes back into stock, we will not be able to do that if you’ve withdrawn your general consent to hear from us.
Here is a list of the ways that we may use your personal information, and which of the reasons described above we rely on to do so:
What we use your Personal Our Reasons
Information for (Legal Basis) Example / Further Explanation
To process your orders Contract If we don’t collect your personal data during the sale process of certain products and services, we won’t be able to
process your order and comply with our legal obligations
Notify you of your order status Consent To enable us to arrange delivery / collection
To process debit and credit card
payment and prevent fraudulent
transactions Consent This helps protect our customers and us from fraud
Manage your account and provide Contract / Your details may need to be passed to a third party to supply
customer services to you Legal Obligation / or deliver the product or service that you ordered. We may keep
Legitimate Interests your details for a reasonable period afterwards in order to fulfil
(depending on nature of services) any contractual obligations such as refunds & guarantees.
Handling your information also enables us to respond to your
subsequent queries, requests & complaints. We may also keep a
record of any future communication with you to record how we
communicated with you.
To protect our business and your Legal Obligation / This includes using your personal data to maintain, update
account from fraud and other Legitimate Interests and safeguard your account
To operate your Loyalty Consent / To analyse your purchases with us and accrue the appropriate
Cardholder Account Legitimate Interests quantity of points, and subsequently issue you money off
vouchers based on your total points accrued. To provide you with tailored offers, printed with your till receipt at the end of a shopping trip; or additional vouchers by mail or email also based on an analysis of purchases made with your Loyalty card. You are under no obligation to take advantage of these offers.
Marketing communications to Legitimate Interests This is another benefit of being a Loyalty Account holder, and
inform you of special offers, new keeps you fully informed of reasons to visit our store
lines and Sales. Also about
enhancements to our services or
website which may be of interest
To send you surveys and feedback Legitimate Interests This helps make our products or services more relevant to you
requests to help improve our
To build a detailed picture of who Legitimate Interests For example, combining this data will help us personalise your
you are and what you like, and to shopping experience with us and decide which content
assist our business decisions, we’ll and offers to share with you
combine data captured from our
contact with you, with third parties
and data from publicly-available lists
To help protect our customers, Legitimate Interests Our in-store CCTV systems may record images for security
assets and staff from crime
To send you communications Legal Obligation For example, updates to this Privacy Notice; product recall notices;
required by law; notifications of and legally required information relating to your orders.
potential safety issues; or updates These service messages will not include any promotional content
which are necessary to inform you and do not require prior consent when sent by any method
about our changes to the services
we provide you
To administer any of our prize draws Consent If we do not record your details, we would not be able to contact
or competitions which you enter you if you were to win
Who we share your information with and why?
We will not share your information with other companies for their marketing purposes. We do work with a number of trusted third parties to provide you the high quality goods and services you expect from us. Some examples of the categories of third parties with whom we share your data are:
• Supplier and Delivery Companies
Most of our delivery and installation services are carried out by our own staff, but in some instances, we work with a number of trusted businesses who supply products and services on our behalf. These third parties will only hold the minimum amount of personal information needed in order to fulfil the orders you place or provide a service on our behalf
• IT Companies
Hatchers works with businesses who support our website and other business systems
• Payment Processing
We use trusted third party payment processing providers in order to securely process credit and debit card payments
• Manufacturers and Suppliers (or nominated insurer)
For the purpose of product warranty registration or providing external cashback/add-on or similar offers
• Finance / Credit
offering you finance
• Marketing Companies
We work with marketing companies who help us manage our electronic communications with you or carry out surveys and
product reviews on our behalf. We also work with marketing companies to manage postal communications with you
• Online Marketers such as Google and Facebook
This will help us show you products that might interest you while you’re browsing the internet or social media. This is based on either your marketing consent with those companies or us, or your acceptance of cookies on our websites
• Law Enforcement / Legal Compliance
We may allow law enforcement bodies to access and use your personal data to detect, investigate and prevent crime. If we
determine that you pose a fraud or money laundering risk, we may refuse to provide the goods or services you have requested
• Transfer or Sale of Business
We may, from time to time, expand, reduce or sell the business and this may involve the transfer of divisions or the whole
business to new owners. If this happens, your personal data will, where relevant, be transferred to the new owner or controlling
party under the terms of this Privacy Notice
How we protect your personal data?
We treat your data with the utmost care and take all appropriate steps to protect it. We know how important data security is to all our customers. For example:
• We secure access to all transactional areas of our websites using ‘https’ technology
• Access to your personal data held electronically is password-protected, and sensitive data (such as payment card information
when held) is secured by SSL encryption
• We use trusted third party card payment processors equipment and software for all in-store transactions
• Any hard copies of your personal data are kept in physically secured storage locations on our property with restricted staff
access until it is securely destroyed at the appropriate time
• We regularly monitor our systems for possible vulnerabilities, attacks and for data breaches
How long we keep your information?
If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws.
We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for up to 7 years after the date it is no longer needed by us for any of the purposes listed under "How do we use your information" above. The only exceptions to this are where:
• the law requires us to hold your personal information for a longer or shorter period
• you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any
of the reasons permitted or required under the law
• we bring or defend a legal claim or other proceedings during the period we retain your personal information, in which case we
will retain your personal information until those proceedings have concluded and no further appeals are possible
• in limited cases, existing or future law or a court or regulator requires us to keep your personal information for a longer or
Some examples of our customer data retention periods include:
When you place an order for certain products or services, we will keep the personal data you give us for five years so we can
comply with our legal and contractual obligations. In the case of certain products, such as electrical and furniture items, we’ll
keep the data for 10 years
• Inactive Loyalty Card Accounts
If you do not use your Loyalty card account for two years, it will be flagged as inactive and we will anonymise the personal data
associated with it
• Warranties and Finance Sales
If your order included a warranty or was paid via a finance arrangement, the associated personal data will be kept until the end
of the warranty / finance period
What are Your Rights?
Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data; request that your personal data is erased or corrected; request access to your personal data.
You are entitled to request the following from Hatchers (these are called your Data Subject Rights and there is more information on these on the Information Commissioners website www.ico.org.uk):
• Right of access - to request access to your personal information and information about how we process it
• Right to rectification - to have your personal information corrected if it is inaccurate and to have incomplete personal
• Right to erasure (also known as the Right to be Forgotten) - to have your personal information erased
• Right to restriction of processing - to restrict processing of your personal information
• Right to data portability - to electronically move, copy or transfer your personal information in a standard form
• Right to object - to object to processing of your personal information
Further clarification points:
• If we choose not to action your request we will explain to you the reasons for our refusal
• Whenever you have given us your consent to use your personal data, you have the right to change your mind at any time and
withdraw that consent
• In cases where we are processing your personal data on the basis of our legitimate interest, you can ask us to stop for reasons
connected to your individual situation. We must then do so unless we believe we have a legitimate overriding reason to
continue processing your personal data
• You have the right to stop the use of your personal data for direct marketing activity through all channels, or selected
channels. We must always comply with your request. Please note, if you wish to opt out of receiving postal marketing from us
for your loyalty account, you will effectively close your loyalty account as we will be unable to send you your vouchers. You may
continue to receive mailing for a short period while your request is dealt with
• To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you
make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to
prove they have your permission to act
For more information or to exercise your data protection rights, please write to:
Data Protection Department, Hatchers, 11 High Street, Taunton. TA1 3PQ
or email us at firstname.lastname@example.org
Our email marketing communications will have an "unsubscribe" link which you may use to stop further marketing emails.
Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
You also have a right to complain to the Information Commissioner’s Office, which regulates the processing of personal data. The contact details for the Information Commissioner’s Office (ICO), the data protection regulator in the UK, are available on the ICO website www.ico.org.uk where your personal information has or is being used in a way that you believe does not comply with data, however, we encourage you to contact us before making any complaint and we will seek to resolve any issues or concerns you may have.