privacy policy  

Here at Huffkins we take your privacy extremely seriously. We will never transfer your data to a third party.

If you choose to subscribe to our email newsletter, Huffkins will use the information you provide on the sign up form to be in touch with you and to provide updates and marketing.  You can change your mind at any time by clicking the unsubscribe link in the footer of any email you receive from us, or by contacting us at accounts@huffkins.com. We will treat your information with respect. By signing up you agree that we may process your information in accordance with these terms. We use MailChimp as our marketing automation platform. By signing up to our email newsletter, you acknowledge that the information you provide will be transferred to MailChimp for processing in accordance with their Privacy Policy and Terms.

cookie notice


This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser.

GDPR STATEMENT

What is GDPR? 
The General Data Protection Regulation (GDPR) is an European Union (EU) regulation (2016/679) that enhances current data protection laws and rights for EU citizens. This enhances data protection rights for data subjects and obligates companies to be more transparent.

When will the GDPR take effect? 
The General Data Protection Regulation (GDPR) comes into force on the 25th of May 2018.

Why does this affect me? 
GDPR applies to anyone who holds or processes the data of an EU citizen, regardless of whether you are based in the EU or a third country, and enhances the data rights of all EU citizens. More information can be found on the EU’s website.

How is Huffkins preparing for GDPR?

  • We have updated our terms and conditions, privacy policy and cookie policy.
  • We have updated internal processes to ensure your updated rights are protected for the GDPR.
  • We have nominated a Data Protection Officer (DPO) who is responsible for GDPR compliance within Huffkins. You can talk to them by emailing accounts@huffkins.com.
  • We are training all staff on the requirements of GDPR and data privacy procedures.

Does the GDPR require storage of personal data in the EU? 
No, however GDPR does set out conditions for the transfer of personal data outside of the EU. An array of mechanisms exist to allow for data to flow from the EU to third countries securely, and without loss of the data subjects fundamental rights, the most common of which is via an adequacy decision or via the EU-US Privacy Shield.

What is an adequacy decision? 
An adequacy decision allows for data to flow from an EU country to a third country on the basis that the data protection regulation in that third country is sufficiently adequate to safeguard the rights of an EU data subject. Once the EU commission has determined that a country has sufficiently adequate data protection legislation in place, transfers may occur between the EU and the third country as if the country was an EU member state.

What is the EU-US Privacy Shield? 
The EU-US Privacy Shield is a framework which allows for data transfers from the EU to the US whilst protecting the rights of EU data subjects. This ensures that EU subjects whose data is transferred to the US maintain their fundamental data protection rights, whilst obligating companies who receive data from the EU to comply with strong data protection requirements.

Where is my data stored? 
If you are a British or EU citizen and have informed us as such, your Personal Data will be stored, processed or transferred to/on servers based in the European Economic Area (“EEA”), on servers based in countries which comply with the European Commission’s adequacy decisions or in the US in accordance with the EU-US Privacy Shield. 
If you are not a British or EU citizen and have informed us as such, your personal Data will be stored, processed or transferred to/on servers based in Australia, on servers based in the European Economic Area (“EEA”), on servers based in countries which comply with the European Commission’s adequacy decisions or in the US in accordance with the EU-US Privacy Shield. 
When using third party providers to support the services we provide to you, we ensure that any third party is fully compliant with the GDPR as required by law.

How to I make a query in relation to my data? 
If you have any queries regarding any of your personal data you can contact us at accounts@huffkins.com with your request. We will respond within 30 days of us receiving your message.

When will Huffkins be ready for GDPR compliance? 
Huffkins will be fully compliant with GDPR when it comes into force on the 25th May 2018.

Are you registered with a Data Protection Authority? 
Yes, we are registered with the Information Commissioner’s Office in the United Kingdom under the company name Freebrights Ltd.

Any other Questions? 
If you have any further questions, feel free to contact the Data Protection Officer at Huffkins who can be found by emailing accounts@huffkins.com.