Privacy Policy & Cookies

The Raw Chocolate Pie Company (“We”) are committed to protecting and respecting your privacy.

This policy ( together with our terms of use and any other documents referred to on it ) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purpose of the Data Protection Act (the Act) and GDPR, the data controller is The Raw Chocolate Pie Company of Chycoggan Studio, Trencrom, Lelant Downs, Cornwall, TR27 6NU, United Kingdom.

Information you provide to us

When using the the forms on our site, whilst emailing us or over the phone you will typically provide us with the following information:

  • Name & billing address
  • Delivery address
  • Email address
  • Email marketing preferences
  • Card summary information, eg last 4 digits, type and expiry, which our payment processor may provide to us

Information we may passively collect

We may collect your IP address and browser user agent string ( eg “Chrome” ) when you submit forms on the site, this is used for anti-fraud purposes and to identify and block abusive users of the site ( anti-abuse, eg form spam ).

Information we may pass on to third parties

When you pay online, we need to supply your billing address to the payment processing company ( we use a service called Stripe, as well as PayPal ), as your bank requires it for anti-fraud checks during processing as part of their address verification system ( to prove that we know your correct address ). The processing company stores the details of the transaction which includes your name and address and summary card details ( brand, last 4 digits, expiry date ) as well as optionally a “continuous authority token” if you have opted to remember your card. If you subscribe to our mailing list/s we will need to pass on your name and email to our mailing list service provider ( we use a service called MailChimp ). They use those details to deliver our email as well as track delivery failures so we can prune no longer functional addresses from our list.

Information third parties may collect

We use a traffic analysis service called Google Analytics, they report aggregate stats about site usage to us, so we do not have the ability to inspect the activity of single “session”, only for instance the number of views a page has had throughout the day with numbers by hour, they may also collect your ip address and browser information to populate network and browser level stats.

Where and how your information is stored

The information you provide to us is stored in the United Kingdom and as such within the European Economic Area (EEA). If you have subscribed to our newsletter your name and email address may be stored in the USA ( at present, but potentially elsewhere ) via our mailing service provider MailChimp. If you pay online, data held by our chosen payment processors Stripe & PayPal may be transferred to or stored outside of the EEA by them or their upstream providers as well as your bank.

Our site as well as that of all of our chosen service providers use SSL/TLS enforced/encrypted connections to protect your information during transit over the Internet. At the time of writing we maintain PCI scan compliance despite not needing to.

On our servers your personal details are partially encrypted ( the high resolution components of your address, telephone numbers and email address ) using currently deemed secure methods ( primarily AES 256 with both site and account level keying ).

Your password, if provided is not stored in a recoverable format, a representation of it is stored hashed using a high workload key derivation function, which includes site and per-account level salting, the method we use is currently ( at the time of writing, mid 2018 ) deemed secure for password storage by current industry standards.

What do we use your information for?

We use your information for processing your orders and sending you orders related as well as requested material, such as emails and possibly letters. If you have subscribed to our special offers or news mailing, your name and email will be used to send you occasional special offers or product news. Any information we may collect passively as indicated in the section/s above are used to maintain a smooth operation of the site and to track errors as well as performance.

Cookies

We use cookies ( temporary “variables” ) required for essential function of the site as well as for customer support and performance monitoring of the site. This includes session cookies, and cookies placed by Google for the function of those services.

Cookie in use by this site: SID_RCP15, ANYA_RCP15 and sessFallback.

You may disable cookies by following the instructions for your chosen web browser, however the site will cease to fully function correctly for you.

Your access to information

The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. All of the information that you have provided to us is also visible to you within your online account if you created one during registration.

Right to be forgotten

If you wish to have us remove any information that we may have related to you, you may request that we remove that information from our systems where possible. Please note that if you have made financial transactions with us we are required to keep detailed records of those and will not be able to remove information related to those. We can remove your email address, telephone numbers along with anything that may be used for email or online marketing purposes upon request.

Changes to our privacy policy

We may change our privacy policy from time to time. We will always update the privacy policy on our website, so please try to read it when you visit the website.

Contact

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to mail@rawchocpie.co.uk