Security & Privacy Policies
www.viking-direct.co.uk is a VeriSign Secure Site. You can click the Verisign logo at the bottom left of this page to verify our certificate. We have a commitment to information security and undertake various measures for the purpose of protecting against unauthorised or unlawful processing of personal data and against loss or destruction of or damage to personal data.
We undertake the following measures to ensure a high level of information security for our customers whilst using the Viking Direct Online service.
Credit Card and Personal Information
Pages on our website that request payment information are protected using SSL (Secure Socket Layer) security, which encrypts any data transmitted please see below.
Once you enter a credit/charge card number, we will never display the entire card number if the page is recalled after you have submitted it. This also covers the use of the ackbutton on your browser. The inner digits will always be displayed as asterisks, protecting your card number from other users of your computer or anyone who happens to see the screen.
Secure Socket Layer (SSL) Protection
The purchase area of our website is secure. We use industry-standard Secure Sockets Layer (SSL) technology to encrypt sensitive information such as your name, address and credit card details. Information passed between your computer and our website cannot be read in the event that someone else intercepts it.
Additionally, the Viking Direct fulfilment system is not connected to the Internet and is not accessible in any way, which keeps your information secure once it reaches us.
Some browsers may experience problems with SSL enabled websites. If you are experiencing problems using our online shopping and account facilities under SSL protection, our non-encrypted server is available. Please note that the non-encrypted server does not encrypt your credit/charge card information when transmitted. If you have any queries about this protection please email our Customer Services Team.
There is a compliance or responsible officer who deals with security of information and personal data.
All employees are briefed on the importance of personal data and security and confidentiality of information obtained.
We control physical security in relation to the information and personal data that is contained at our facilities and restrict access to the computer rooms, technology areas, equipment and other facilities where unauthorised access by people could compromise our security.
All proprietary or confidential information, including personal data, is contained on computer and any that is contained and stored on manual files are locked up and secure.
We seek to control access to the information and personal data, including existing procedures for authorising and authenticating users as well as software controls for restricting access and techniques for protecting data such as encryption. We monitor and log access so as to assist in detection and investigation of security breaches and any attempted breaches where they occur.
We endeavour to maintain a business continuity plan as a contingency plan, which identifies our business functions and assets (including personal data) which would need to be maintained in the event of disaster and set out the procedures for protecting and restoring them if necessary.
We train our staff on security systems and have relevant procedures in place. Accordingly Viking staff are aware of information security issues and they can go to the relevant officer with any issues relating to the Data Protection Act/Privacy or personal data.
The foregoing policies are effective for the www.viking-direct.co.uk Website. Viking Direct reserves the right to change this policy from time to time.he policies and terms described above are not intended to and do not create any contractual or other legal rights in or on behalf of any party.
2. ABOUT VIKING
Viking is a trading name of Viking Direct (Ireland) Limited, a company registered in Ireland, with company number 243136. Our postal address and registered office is at 35 Rosemount Business Park, Ballycoolin, Dublin 11. References to Viking, we, us and our, are to Viking Direct (Ireland) Limited. We are the data controller for the purposes of the Data Protection Act 1988 and 2003 (the "DPA").
3. TYPES OF DATA
In this policy: your data refers to any data relating to you or your representatives that we may process from time to time; personal data means your data that is personal data under the DPA; individual subscriber data means your telephone number, fax number or e-mail address, if you are an individual, partnership or an unincorporated association; and corporate subscriber data means your telephone number, fax number or e-mail address that is not personal data or individual subscriber data.
4. OUR COMMITMENT
5. CONTACTING US
If you have any questions about our processing of your data, please contact us using our postal address set out above or using any of the contact methods listed on our web site.
6. HOW DO WE OBTAIN CUSTOMER DATA?
We may obtain your data in the following ways:-
6.1 Account Set-Up
When you set up an internet account with our website to shop on line.
6.2 Newsletter Registration
If you register an e-mail address with us to receive offers and newsletters from us.
6.3 Orders and Enquiries
When you place orders with us, pay for your orders, or make enquiries with us.
6.4 Telephone Calls
We may record telephone calls between you and us, for the purposes detailed in paragraph 8.4(Evidence, Security and Fraud) below.
6.5 Website Browsing
6.6 Credit References
To help us decide whether to accept orders from you or (where applicable) allow you payment credit terms, we may undertake searches and enquiries and obtain whatever references or other information we consider necessary, including carrying out searches with credit reference agencies. You can contact us for details of the credit reference agencies used by us. Credit reference agencies may add to their records details of our search which will then be seen by other organisations making searches, and may be linked to records of others associated with you, including any person with whom you are linked financially and members of your household.
6.7 Self-Generated Data
We may also generate data in relation to you in the course of performing your orders and dealing with any payments, enquiries and problems concerning your orders.
7. WHAT DATA DO WE HOLD?
In order for us to provide the best possible level of service, we gather and hold the following types of information in relation to you:-
7.1 Contact Information
Contact details relating to you, including your postal, invoicing, and delivery addresses, your telephone, mobile, and fax numbers, and your e-mail addresses. If a business account is registered (where you are not a consumer), we will also keep on record details of the business or other organisation, including name and contact details of the business, and contact details of its representatives.
7.2 Creditworthiness Information
Information obtained through searches and enquiries carried out and references or other information obtained by us concerning your credit worthiness.
7.3 Payment Information
Information relating to your payment methods and payments made, including your credit or debit card information and payment history and any credit check information. Note that we only retain your card information for a limited period of time, to process the specific order in which you provided that information, and make any refunds. You can change the settings in your internet account to ask us to keep these details on record for future transactions.
7.4 Order Information
We generate and hold information specific to your orders with us, including a record of those orders (your purchase history), payments made, order tracking, fulfilment, delivery, returns and refunds.
7.5 Web Site Usage Information
We may record your usage of our website, including the products you browse and pages you visit. As part of this, we may also collect information about your computer, including where available your IP address, location, operating system and browser type.
7.6 Relationship Information
We record information relating to any communications and dealings we have with you. This includes enquiries, complaints, and credit checks.
8. WHAT DO WE USE YOUR DATA FOR?
8.1 Customer Relationship Management
Your data is used to provide you with personalised services and to correspond with you. We use it to support and manage your customer relationship with Viking, including to maintain your account, inform you of changes and general news in relation to Viking, and deal with your enquiries and complaints.
8.2 Searches and Assessment
We use your data to help us decide whether to accept orders from you, trace you, verify your ID and address, and (where applicable) to allow you payment credit terms. We may use a credit scoring or other automated decision making system.
8.3 Performing Contracts
We use your data for the purposes of performing, administering, enforcing and managing your orders and their subsequent fulfilment, maintaining a purchase history, and handling any complaints or claims.
8.4 Evidence, Security, Quality, Fraud Prevention and Training
We use your data along with other data we hold for the purposes of evidence, security, quality control, and training.
8.5 Business and Service Improvement
We use your data along with other data we hold, to carry out assessment, analysis and research in relation to our business, products, services, websites and customers, including: to assist in the provision of services and products to you; to facilitate reviews, developments, personalisation and improvements of the services and products offered to you; to improve our websites, including to improve the layout and design of our site, and to ensure that that content from our website is presented in the most effective manner for you and for your computer; and to enhance your user, browsing and purchasing experience, including to provide you with a more personalised service which is tailored to suit your needs. The information we gather is analysed either in the aggregate or at a customer level as appropriate.
We use your data along with other data we hold for the purposes of assessing the effectiveness of and managing advertising by us and by third parties who advertise on our sites, including to help our third party advertisers to reach the kind of audience they want to target (for example, people living in a certain area of the country, and to target the display of advertisements to their target audience).
8.7 Marketing (Individuals, Partnerships and Unincorporated Associations)
With respect to personal data and individual subscriber data, if you have consented, we may use your data to send marketing communications to you from time to time with advertisements, offers and promotions relating to Viking and the products and services we offer for sale (including our regular email newsletter service, which brings to you details of special offers and product promotions as well as information on new products). You are free to opt-out of our newsletter and other marketing communications at any time by contacting us, or changing any settings in your account on our website, or using any unsubscribe link in any marketing e-mail we send to you.
8.8 Marketing (Corporate Data)
Subject to any applicable legal restrictions, if you are not an individual, partnership or unincorporated association, we may use your contact data (including contact data of your individual representatives, and corporate subscriber data), to send marketing communications to you from time to time with advertisements, offers and promotions relating to Viking and the products and services we offer for sale (including our regular email newsletter service, which brings to you details of special offers and product promotions as well as information on new products), and relating to products and services offered for sale by third parties.
We may use your data for the purposes of enforcing any orders from you, and for the purposes of dealing with fraud and complying with any legal obligations applicable to us.
9. WHO DO WE DISCLOSE YOUR DATA TO?
We do not share your data with any third parties except as provided in this policy or as required or permitted by law or as consented to by you. Were we share your data with third parties, such sharing will be limited to such data as is appropriate to the purpose indicated below.
9.2 Order Performance
We disclose your data to third parties such as credit and debit card processing companies, outside suppliers, distributors and delivery companies, in order to perform your orders, collect payment, deal with returns, and provide you with a service, or send any communications to you.
We disclose your data to credit reference agencies and other third parties in connection with any searches, enquiries, references and other information we wish to obtain, to help us decide whether to accept orders from you, trace you, verify your ID and address, and (where applicable) allow you payment credit terms.
9.4 Security, Quality Control and Training
In order to improve security and quality, and carry out training, we may disclose your data to our staff and to third parties providing services to us in that regard.
9.5 Business and Service Improvement
We share your data with other companies within our group and to our trusted third parties, agents, and business partners, for the purpose of accomplishing our objectives set out in paragraph 7.4(Business and Service Improvement). These third parties will only use your data for those purposes and will only have access to such of your data as is relevant to service they are providing. For these purposes your data may be included in aggregate statistics about our sales, traffic patterns, and related website information, but these statistics will include no personally identifying information.
We may share your data with advertisers for the purposes of paragraph 7.5(Advertising). Any data reported to our advertisers will always be in the form of anonymous data only and does not identify you. For instance, we may provide aggregate information about our customers, such as "700 men aged under 25 have clicked on an advertisement on any given day".
With respect to personal data and individual subscriber data, we will not share that data with third parties for use in direct marketing by those third parties for their products and services without your consent. Subject to any applicable legal restrictions, if you are not an individual, partnership or unincorporated association, we may use your contact data (including contact data of your individual representatives, and corporate subscriber data), we may sell or otherwise supply such data to third parties for use by them to send you marketing communication directly concerning products and services offered for sale by such third parties, with or without your consent.
We may use and disclose to third parties any data we hold about you and your payment record for the purposes of administration and enforcement of any sale contracts with you and for other related purposes. We may also supply your data to relevant authorities and other third parties where legally required or reasonably required in connection with any legal process, or any legal obligations binding on us.
10. DATA SECURITY
10.1 Security Measures
We are firmly committed to data security and we aim to follow good industry practice in relation to the prevention of unauthorised access to your data stored in our systems, including using password-protected servers. Please see our Security Policy for further information about the online and offline security measures we adopt to protect your data against unauthorised processing and against accidental loss, destruction or damage.
10.2 Internet Security
Please note that the transmission of information via the internet can never be completely secure. Although we aim to follow good industry practice in relation to the security measures we adopt on our website for the encryption of data for transmission between our website and your computer, we do not guarantee the effectiveness of such encryption methods or the security of your data during transmission or on your computer.
11. WHERE WE STORE DATA ABOUT YOU
Your personal data, may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By placing an order with us, you consent to the processing of your personal data outside the EEA.
12. ACCURACY AND UPDATING INFORMATION
If you have registered an account with our website, you can check the information we store for your account by visiting our website and logging-in. You can amend any inaccuracies through this facility, save for any changes to your invoicing details, which can be changed by phoning our customer care team on 1890 818 130. Alternatively, you can contact us by post or email or using any method set out on our website requesting that we update, modify or delete any account information that is no longer accurate or up-to-date.
13. RIGHTS OF INDIVIDUALS
By law individuals have the following rights in relation to their personal data under the DPA. If you wish to exercise any of these rights, then please contact us using the contact information set out above.
13.1 Access to Your Data
The law gives you a right to be told what personal data we hold about you, subject to certain limitations. We may charge you a fee in accordance with the DPA in dealing with your request.
13.2 Stopping Marketing
If we are sending you marketing communications using your data, the law gives you a right to ask us to stop doing this.
13.3 Damage and Distress
The law gives you a right to ask us to stop using your data for any purpose, where that purpose is causing you unwarranted substantial damage or distress; and the law gives you a right to claim compensation for damage suffered if we breach the law.
13.4 Changes to Your Information
You have the right to ask for the rectification, erasure or blocking of any of your data which is inaccurate.
14. VISITING THIRD PARTY WEBSITES
Our website may, from time to time, contain links to and from the websites of third parties, including our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy and cookies policies and that we do not accept any responsibility or liability for these policies or for any data which those websites may obtain from or in relation to you. Please check these policies before you submit any data to these websites.
16. LEGAL STATUS OF THIS POLICY
This document is not intended to and does not create any contractual rights. This document not affect your rights at law, including under the DPA and the e-Privacy Regulations.