Privacy Policy

WUNDER-BAUM AG Privacy Policy

 

This is the privacy policy for http://www.little-trees.euhttp://www.wunderbaum.com, and http://www.arbremagique.com (“Privacy Policy”). It explains who we are, how we obtain and use personal data about you, why we are allowed to do so by law, who has access to your personal data, and what your rights are. Please review it carefully. 

You have the right to object to us processing your personal data for our legitimate business purposes or for direct marketing purposes (including any related profiling we do to help ensure that our marketing is relevant to our customers’ interests). For more information about your right to object and how you can exercise it, please see the section “Your rights”.

 

About us 

We are WUNDER-BAUM AG, a division of H. Young (Operations) Limited, a private limited company incorporated in (and subject to the laws of) England and Wales with registration number 00706712 (referred to in this Privacy Policy as "we", "us" or "our"). Our registered address is at Buckingham House, West Street, Newbury, Berkshire RG14 1BD, UK.

 

We take your privacy very seriously and comply with applicable data protection law when handling your personal data. We are the “data controller” of the personal data we collect about you, which means that we determine the purposes and the means of use of the personal data we collect about you for the purposes of applicable data protection law. This Privacy Policy contains details of our practices and what your rights are.

 

What personal data we collect and how

Personal data is any information which identifies you personally whether directly (for example, your name) or indirectly (for example, information about your use of our website, products, and services).

We collect the following personal data from you:

  • Basic contact details: If you send us an email message through our website, we collect the following personal data from you: your name, title, country, and email address.
  • Correspondence and feedback: We collect any additional personal data that you may provide to us from time to time if you contact us by email, letter, or telephone, through our website, or by any other means. We also obtain information about you from other sources:
    • Cookies: When you visit our website, we collect information about your browsing activity using cookies. Please see our Cookie Policy to find out more.

 

Why we use your personal data

We use your personal data for the following purposes:

 

  • To manage and improve our website, available services, and communications

We rely on the use of personal data to build a clearer picture of our customers both as a group and as individuals, including by using cookies and similar technologies to analyse your use of our website and services and our communications with you.

This enables us to serve you better as a customer as the information we gather helps us to work out how we can improve our website and the information technology systems (including security) that are used to operate it and the services we provide through the website. It also helps us to improve the effectiveness of our communications to you.  

Please see our Cookie Policy to find out more about our use of cookies and how you can manage your cookie preferences.

 

  • To provide and improve customer support

We use your personal data to be able to provide and improve the customer support we provide to you (for example, where you have questions about our products and services).

 

  • To respond to enquiries, complaints, and disputes

We use the personal data we hold about you to help us address any enquiries or complaints you have made, or deal with any dispute which may arise in the course of us providing our products and services to you. 

 

  • To maintain our records and improve data accuracy

Like any business, we process personal data in the course of maintaining and administering our internal records. This includes processing your personal data to ensure that the information we hold about you is kept up to date and accurate.

 

  • To comply with our legal obligations and to detect, prevent, and investigate other actual or suspected violations of law or misuse of our website

In certain circumstances, we use your personal data only to the extent required in order to enable us to comply with our legal obligations, including to detect, prevent, and investigate fraud or to facilitate the exercise of your consumer rights. In addition, we may need to use your personal data to detect, prevent, and investigate any other actual or suspected violations of law or misuse of our website.  

 

Legal grounds for using your personal data 

Data protection law requires us to only process your personal data if we satisfy one or more legal grounds. These are set out in data protection law and we rely on a number of different grounds for the processing we carry out. These are as follows:

 

Necessary for the purposes of our legitimate business interests

It is sometimes necessary to collect and use your personal data for the purposes of our legitimate interests as a business, which are to:

  • provide our customers with services that are as useful and beneficial as possible;
  • develop and improve our website;
  • safeguard the security and effective operation of our website;
  • better understand our customer base by addressing any enquiries or complaints our customers make and conducting research into, and analysis of, the personal data we collect so that we can improve our services, the selection of products available on our website, our marketing activities, and other communications (all of which could also benefit you);
  • ensure effective operational management and internal administration of our business, document retention, compliance with regulatory guidance, and exercise or defence of legal claims; and
  • for the purposes of sending your details to our distributor in your country.

 

Please note that where we wish to rely on this legal ground, we are required by data protection law to consider whether our legitimate interests are overridden by your interests or your fundamental rights and freedoms. We may continue to process your personal data on the basis of our legitimate interests only if we determine that your interests, rights, and freedoms are not overridden by our legitimate interests.

 

We have considered these matters and where we think there is a risk that your interests or fundamental rights and freedoms may be affected, we will not process your personal data unless there is another legal ground for us to do so (either that we have obtained your consent to the processing or it is necessary for us to perform our contract with you or to comply with our legal obligations).

 

Who we share your personal data with and where it is stored?

 

The personal data we collect about you is stored on servers located within the UK/EEA.

We may from time to time provide your personal data to:

  • our services providers and distributors who perform certain business services for us and act as “data processors” of your personal data on our behalf

In addition, we may disclose your personal data:

  • if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to protect the rights, property or safety of our business, our customers, or others. This includes, in specific cases, sharing information with law enforcement or regulatory agencies, or authorised third parties, in response to a verified request relating to a criminal investigation or actual or suspected violation of law or misuse of our website that may expose us and/or any customer or third party to legal risks or liability; and   
  • to successors in title or replacement operators of all or part of our business.

 

In some cases, the personal data we collect from you may, for the purposes set out above, be transferred outside the European Economic Area (“EEA”) and such destinations may not have laws which protect your personal data to the same extent as in the EEA. We are required by data protection law to ensure that where we or our “data processors” transfer your personal data outside the EEA, it is treated securely and is protected against unauthorised access, loss or destruction, unlawful processing, and any processing which is inconsistent with the purposes set out in this Privacy Policy.

 

The table below sets out details of the third parties to whom we currently disclose your personal data. The table also explains how these recipients use your personal data, whether or not they are our "data processors", any processing they perform outside the EEA, and the safeguards that are used to protect your personal data if this happens. This information may be updated from time to time.  

 

Please ask us if you would like more information about the safeguards that are used to protect your personal data when it is processed outside the EEA (please visit the Contact us page).

 

Name of recipient

Type of recipient

 

Why your personal data is shared

 

Location of processing

Safeguards used to protect personal data processed outside the EEA (if applicable)

 

CAR-FRESHNER Corporation

Data Processor

Processing customer enquiry

UK/USA

Covered by GDPR compliant contract/agreement

Oomph and Pantheon

Data Processor

Website developer/hosting service

UK/USA

Covered by GDPR compliant contract/agreement

Various non-EEA distributors        (please see distributor page)

Data Processor

Processing customer enquiry

Europe and Africa

Covered by GDPR compliant contract/agreement

Various EEA distributors        (please see distributor page)

Data Processor

Processing customer enquiry

UK/EEA

Covered by GDPR compliant contract/agreement

 

How long we keep your personal data 

We retain your personal data for no longer than is necessary for the purpose(s) for which it was provided. What this means in practice will vary between different types of data. When determining the relevant retention periods, we take into account factors including:

  • legal obligation(s) under applicable law to retain data for a certain period of time;
  • statute of limitations under applicable law;
  • the warranty period for any products you have purchased from us;
  • potential or actual disputes; and
  • guidelines issued by relevant data protection authorities.

Otherwise, we securely erase your personal data from our systems when it is no longer needed.

 

Your rights 

You have the following rights with regard to your personal data:

 

Rights

What does this mean?

Right to be informed

 

You have the right to be provided with clear, transparent, and easily understandable information about how we use your personal data and your rights. This is why we are providing you with the information in this Privacy Policy.

Right of access

You have the right to obtain access to the personal data that we hold about you and certain other information (similar to that provided in this Privacy Policy).

Right to rectification

You have the right to request that we rectify any personal data that we hold about you if it is inaccurate or incomplete.

Right to erasure

This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of the personal data that we hold about you. This is not a general right to erasure; there are exceptions. For example, we have the right to continue using your personal data if such use is necessary for compliance with our legal obligations or for the establishment, exercise, or defence of legal claims.

Right to restrict processing

You have the right to restrict further use of your personal data where you believe the data that we hold about you is inaccurate, our use of such data is unlawful, or if we no longer need to use the data for the purposes for which we hold it. When processing is restricted, we can still store your personal data, but may not use it further.

Right to data portability

You have the right to obtain and reuse the personal data that we hold about you in a structured, commonly used and machine-readable format, and (where technically feasible) to have such information transmitted to another "data controller", where: (a) this is personal data you provided to us; (b) we are processing such data on the basis of your consent or to perform a contract with you; and (c) the processing is carried out by automated means.

Right to object to processing

You have the right to object to us processing your personal data for our legitimate business purposes or for direct marketing purposes (including in each case any related profiling).

Right to withdraw consent to processing

If you have given your consent to us to process your personal data for a particular purpose (for example, in respect of marketing communications), you have the right to withdraw your consent at any time (although if you do so, it does not mean that any processing of your personal data up to that point is unlawful).

Right to make a complaint to the data protection authorities

You have the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy with how we have handled your personal data or believe our processing of your personal data does not comply with data protection law.

 

For more information about your rights or if you would like to exercise any of your rights, you are welcome to contact us using the contact details set out below.

 

Please note that if you ask us to stop using your personal data in a certain way or erase your personal data, and this type of use or personal data is required by us in order to facilitate your use of our website in any way, you may not be able to use our website as you did before. This does not include your right to opt out of receiving marketing communications from us, which you can do so at any time without restriction.

 

How you can contact us

If you would like to exercise your data protection rights or if you are unhappy with how we have handled your personal data, please contact us by:

  • emailing: info@wunder-baum.eu
  • writing to: WUNDER-BAUM AG Buckingham House, West Street, Newbury, RG14 1BD, UK; or
  • calling: our general enquiries line on +1 315 788 9438.

 

If you’re not satisfied with our response to any enquiry or complaint or believe our use of your personal data does not comply with data protection law, you can make a complaint to the Information Commissioner’s Office (ICO) by:

  • writing to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF; 
  • calling: +44 303 123 1113; or submitting a message through the ICO’s website at: www.ico.org.uk.

 

Children’s personal data

We do not knowingly collect personal data from children under the age of 16. If you become aware that your child or any child for which you have parental responsibility has provided their personal data to us without your consent, please contact us using the contact details set out above.

 

Links to other websites 

Our website may, from time to time, contain hyperlinks to third party websites or websites for other divisions of H. Young (Operations) Limited. This Privacy Policy does not apply to your use of those other websites. We encourage you to read the privacy statements on the other websites you visit, as they will govern the use of any personal data you provide when visiting those websites.

 

Changes to this Privacy Policy 

This Privacy Policy may be updated from time to time so you may wish to check it each time you provide personal data to us. We will post the updated terms on our website.   

 

This Privacy Policy was last updated on the 8th of December 2021.