Last updated 7th June 2018
The thebookyard.com web site (referred to as ‘the Site’) is operated by The Bookyard Ltd. (referred to as ‘We’/‘Us’/‘Our’) who act as the data processor and whose principal place of business is at: ‘Unit 18 Matchworks, 140 Speke Road, Liverpool L19 2RF ‘ We can be contacted on 08456 800 256 or via email@example.com
This policy informs the user of the Site (referred to as ‘You’/’Your’) of the procedures and security measures We employ to comply with the General Data Protection Regulations (GDPR).
Where the Site contains links to other web sites, these other site are not governed by this policy and You should view the particular privacy policies of those sites for further information.
Collection, Use and Retention of Personal Information
Personal information is data that can be used to identify or contact a single person.
You will be asked to provide the following pieces of personal information when ordering products/services from the Site or when making contact with Us through the Site contact form.
1) Ordering info
- IP address (obtained automatically from Your WEB browser)
- Telephone number
- Email address
Personal information gathered during the Site ordering process is used solely for the purpose of fulfilling the order, allowing You to manage that order and place subsequent orders.
Your name, address, telephone number and email address will be supplied to UPS or Royal Mail to facilitate delivery of your order.
Your email address will be used to provide status updates during the processing of Your order up until it has been delivered.
Your email address and telephone number may be used to contact you if there is a query or problem processing Your order or to appraise you of the progress of your service (e.g. repairs).
Your Password is stored encrypted on Our systems and allows You to log into the Site to review your order history, raise return requests and place subsequent orders without the need to re-enter all your personal information. We do not use Your personal information for unsolicited correspondence.
Personal information gathered during the Site ordering process constitutes Our proof of sale to You which we are required to keep for at least 6 years for tax purposes. We will retain this information indefinitely unless otherwise instructed to provide account history and simpele order placement capability to our customers.
2) Enquiry info
- IP address (obtained automatically from your WEB browser)
- Email address
Personal information transferred to Us by email via the Site contact form is only used to provide email replies to Your query. Since these enquiries often form part of the agreed terms for a subsequent sale, We retain these emails for at least 5 years unless otherwise instructed.
We do not use Your personal information for unsolicited correspondence.
Protection of Personal Information
We take the security of Your personal information very seriously. Our Site operates via https and We protect Your personal information during transit using encryption such as Transport Layer Security (TLS).
When Your personal data is stored by Us, We use computer systems with limited access housed in data facilities using physical security measures. Our data centre is operated by UK Servers Ltd. and their GDPR statement can be seen at https://www.ukservers.com/gdpr-statement
Any paper printout containing Your personal information including shipping labels or order confirmation emails are destroyed by cross-cut shredder.
Subject Access Requests
Under EU data protection law, You can make an Access Request for a report on all personal data We hold for you, and We will execute this in a timely manner.
You may also request that We delete all the personal data We store for you and We will comply where We are not required to retain the data by law or for legitimate business purposes. We may decline to process requests that are frivolous/vexatious, jeopardize the privacy of others, are extremely impractical, or for which access is not otherwise required by local law. We may also decline aspects of deletion or access requests if We believe doing so would undermine Our legitimate use of data for anti-fraud and security purposes as described earlier. Access and deletion requests should be made directly to firstname.lastname@example.org.
Data on Your device sent for repair
If you send Us your device for repair, We advise You to backup all data before shipping it to Us due to the risk of loss of data during transit by courier (hardware is insured). We employ strict data handling procedures for all devices We receive and upon delivery to Our secure, alarmed (police response) premises, all devices are transferred directly to Our “hot zone” cage where they remains until being repackaged for return to You. This area and access to it is under 24/7 CCTV coverage and access is restricted to Our DBS checked, vetted engineers.
If any additional data media is found with/in Your device (e.g. cards/usb/disks), the storage item will be assigned it’s own asset ID and will remain within Our “hot zone” until it is returned to You with Your device. Unless instructed by Yourself to do so, We never access any data stored on your hard disk, SSD, memory card, USB stick or optical disk, and all testing of computers is carried out using an external boot drive. Solid state devices such as the iPhone, iPad, Apple TV, Apple Watch etc. can only be operated using their internal storage and so any stored personal data may be accessible while we work on your device.
Cookies and Other Technologies
If you want to disable cookies you can do so through your web browser preferences although the method will change from browser to browser.
As is true of most internet services, We gather some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses, browser type and language, Internet service provider (ISP), referring and exit websites,, operating system and date/time stamp.
We use this information to understand and analyse trends, to administer the site, to learn about user behaviour on the site, to improve Our service, and to gather demographic information about Our user base as a whole.
In some of Our email messages, We may use a “click-through URL” linked to content on the Site. When customers click one of these URLs, they pass through a separate web server before arriving at the destination page on Our website. We track this click-through data to help Us determine interest in particular topics and measure the effectiveness of Our customer communications. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.