Your personal data will be collected and processed in compliance with the applicable data protection regulations, in particular the General Data Protection Regulation (GDPR).
1 Controller and data protection officer
Zoot Enterprises Limited
31 – 32 Park Row,
Leeds, LS1 5JD, United Kingdom
is responsible for the collection, processing and use of your personal data within the meaning of Art. 4 No. 7 GDPR
Data protection officer:
If you want to object to the collection, processing or use of your personal data by us in accordance with these data protection regulations as a whole or for individual measures, you can address your objection to the Controller.
2 General purposes of processing
We use personal data for the purpose of operating the website, for responding to your establishing contact and in preparation for a business relationship.
3 What data do we use and why
3.1 Operation of the website
The hosting services we use serve to provide the following services: infrastructure and platform services, computing capacity, storage space, security services and technical maintenance services that we use for the purpose of operating the website.
We, or our hosting provider, process contact data, content data, usage data, meta and communication data from customers, prospects and visitors to this website based on our legitimate interests in the efficient and secure provision of our website in accordance with. Art. 6 para. 1 sentence 1 f) GDPR in conjunction with Art. 28 GDPR.
3.2 Access data
When you use this website, information about your interactions is automatically collected and data about your computer or mobile device is saved. We collect, save and use data about every access to our website (so-called server log files). The access data include:
- The name and URL of the file accessed
- Date and time of access
- The amount of data transferred
- Notification of successful access (HTTP response code)
- Browser type and browser version
- Operating system
- Referrer URL (i.e. the previously visited page)
- Websites that are accessed by the user’s system via our website
- Internet service provider of the user
- IP address and the requesting provider
We reserve the right to check the log data retrospectively if there are reasonable grounds to suspect illegal use. We store IP addresses in the log files for a limited period of time if this is necessary for security purposes. We delete the IP address if it is no longer required for security purposes. We also save IP addresses if we have a specific suspicion of a crime in connection with the use of our website.
We use so-called session cookies to optimise our website. A session cookie is a small text file that is sent by the respective server when you visit a website and is temporarily stored on your hard drive. This file contains a so-called session ID, with which various requests from your browser can be assigned to the common session. This enables your computer to be recognised when you return to our website. These cookies are deleted after you close your browser.
We also use persistent cookies to a small extent (also small text files that are stored on your device), which remain on your device and enable us to recognise your browser the next time you visit. These cookies are stored on your hard drive and delete themselves after the specified time. Their lifespan is between 1 month and 10 years. This allows us to present our offer to you in a more user-friendly, effective and secure manner and, for example, to show you information on the page that is tailored to your interests.
The following data and information is stored in the cookies:
- Log-in information
- Language settings
When the cookie is activated, it is assigned an identification number and your personal data is not assigned to this identification number. Your name, IP address or similar data that would enable the cookie to be assigned to you are not inserted in the cookie. Based on the cookie technology, we only receive pseudonymised information, for example about which pages of our website were visited, which pages were viewed, etc.
You can set your browser in the way that you are informed in advance about the setting of cookies and can decide in individual cases whether you deny the acceptance of cookies for certain cases or in general, or that cookies are completely prevented. This can limit the functionality of the website.
3.4 E-Mail contact
If you contact us (e.g. via the contact form or by email), we will process your information to respond to your request and in the event that follow-up questions arise.
If the data processing is to carry out pre-contractual measures that takes place upon your request, the legal basis for this data processing is Art. 6 Para. 1 S. 1 b) GDPR.
We only process other personal data if you consent to it (Art. 6 Para. 1 Clause 1 a) GDPR) or we have a legitimate interest in processing your data (Art. 6 Para. 1 Clause 1 f) GDPR). A legitimate interest lies e.g. for example, responding to your email.
4 Website analysis services
We do not use any website analysis services.
5 Storage period
Unless specifically stated, we only store personal data for as long as it is necessary to fulfil the purposes pursued. In some cases, the legislator provides for the storage of personal data, for example in tax or commercial law. In these cases, the data will only be stored for these legal purposes, but it will not be processed otherwise and will be deleted after the statutory retention period has expired.
6 Your rights as data subjects
According to the EU data protection basic regulation, you are entitled to the following rights:
If your personal data is processed, you have the right to receive information about the data stored about you (Art. 15 DSGVO).
If incorrect personal data is processed, you have the right to have it corrected (Art. 16 DSGVO).
If the legal requirements are met, you can request the deletion or restriction of the processing and lodge an objection to the processing (Art. 17, 18 and 21 DSGVO).
If you have consented to data processing or if a contract for data processing exists and the data processing is carried out using automated procedures, you may have a right to data transferability (Art. 20 DSGVO).
If you wish to exercise these rights, please send your request by e-mail or by post, clearly identifying yourself, to the address mentioned in point 1.
6.1 Right to object
You also have the right to object to the lawful processing of your personal data by us if this is justified by your particular situation and our interests in the processing do not outweigh it. We will then no longer process the personal data unless we can prove compelling reasons for processing worthy of protection which outweigh your interests, rights and freedom, or the processing serves to assert, exercise or defend legal claims.
6.2 Right to withdraw consent under data protection law
You have the right to withdraw your consent to the processing of personal data at any time. This does not affect the lawfulness of data processing based on consent until its revocation.
6.3 Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your residence, your place of work or the place of the alleged violation, if you believe that the processing of your personal data is unlawful. Alternatively, you can also contact the supervisory authority relevant for us:
Information Commissioner’s Office
Wycliffe House, Water Lane
Wilmslow, SK9 5AF
+44 (0) 303 123 1113
7 Data security
We strive to ensure the security of your data within the framework of the applicable data protection laws and technical capabilities. However, we would like to point out that data transmission over the Internet (e.g. when communicating by email) can have security gaps. It is not possible to completely protect data from third-party access. To secure your data, we maintain technical and organisational security measures in accordance with Art. 32 GDPR, which we regularly adapt to the state of the art. We do not guarantee that our website will be available at all times; disruptions, interruptions or failures cannot be excluded.
8 Disclosure of data to third parties, no data transfer to non-EU countries
Essentially, we only use your personal data within our company.
In the event that we outsource certain parts of data processing (“order processing”), we contractually oblige the respective processor to use personal data only in accordance with the requirements of data protection laws and to ensure the protection of the rights of the person concerned. If data is transferred to locations whose registered office or place of data processing is not located in a member state of the European Union or in another contracting state of the Agreement on the European Economic Area, we will ensure that outside of legally permitted exceptional cases, the recipient will have either an adequate level of data protection before disclosure (e.g. through an adequacy decision of the European Commission, through suitable guarantees such as self-certification of the recipient for the EU-US Privacy Shield or the agreement of so-called EU standard contractual clauses of the European Union with the recipient).