Security & Privacy

 

Updated: 01/02/2018

Welcome to our Security and Privacy Policy. Below you will find information related to all aspects of security and privacy, such as data protection, email marketing, cookies and information about payment gateways.

We take security seriously and we take precautions to keep your personal information secure. We have put in place appropriate physical, electronic and managerial procedures to safeguard the information that we collect.

We hope that you find this information easy to read and thoroughly covers any queries you may have. If you have any further questions, please do not hesitate to contact us.

The following policy and information applies to Wychanger Barton.

This document includes information regarding and applies equally to Wychanger Barton Saddlery, as well as their two sister companies; Old Dairy Saddlery, and Inch's Saddlery.

This website complies with all UK national laws and requirements for user privacy.

 

Thank you for taking the time to read about our security and privacy.


Security

1. Payment security

We have partnered with Sage Pay who provide our secure payment gateway and also PayPal, who provide our secure PayPal Express Checkout.

All transaction information passed between Wychanger Barton and Sage Pay's system is encrypted using 128-bit SSL certificates. No card information is ever passed unencrypted and any messages sent between this Website and Sage Pay are signed using MD5 hashing to prevent tampering. You can be completely assured that nothing you pass to Sage Pay's servers can be examined, used or modified by any third parties attempting to gain access to sensitive information.

The PayPal Express Checkout is also a completely secure, encrypted checkout method hosted by PayPal and integrated into our website. No information can be examined, used or modified by any third parties attempting to gain access to sensitive information. At no point do we hold any payment details provided by the customer during checkout.

 2. Data security

More information can be found on this in our full data privacy policy below on how we keep your data secure. Rest assured we do everything possible to ensure your personal data is kept secure.

3. SSL Certification

Our website has an SSL Certificate. SSL Certificates are small data files that digitally bind a cryptographic key to an organization’s details. When installed on a web server, it activates the padlock (that you will have seen in your browser URL bar) and the https protocol and allows secure connections from a web server to a browser. SSL is yet another layer of security that we use to give you piece of mind whilst shopping with us.

 

Best Practice

Please Note: Whilst we do everything possible to keep your data secure, there is always a small security risk for anyone using the internet, and there are a number of best practices that you can adhere to that help minimise your personal risk, such as:

  • Using unique passwords, containing different symbols, letters and numbers and upper and lower case, on all online accounts you hold.
  • Using a recognised anti-virus software on your device
  • Never storing your password details where others could access them
  • Avoiding using shared or unsecured wifi networks where possible
  • Always look for an industry recognised payment gateway, for example Sagepay or PayPal.

For more advice on online security, why not take a look at this helpful and informative Guide.

 

External Links

Our website may contain links to other websites or services. You should note that we are in no way responsible for the content or privacy policies these websites/services may have in place and advise that you use caution and refer to these websites own Privacy statements and terms.


Data Protection Policy

Introduction

We endeavour to provide the best customer experience possible at all times. To do this, we may need to collect some personal data from you. We are also committed to complying with the Data Protection Act. Please see the information below to understand how we handle and use your information.

Please note, you can browse our website without disclosing your personal data to us, but if you choose to shop with us, or sign up to our marketing database, then you are accepting the below data protection policy as well as our terms and conditions. We will regularly update our data protection policy and the date that this page was last updated can be found at the very top of the page.

The following information outlines the practices and policies of: Wychanger Barton Saddlery


 

WHY we collect personal data

We collect personal data for the following reasons:

  • To process orders made by customers on our websites, in store or at trade events
  • To provide any follow up service created by orders
  • To handle any customer enquiries
  • To handle warranty related issues and other matters on behalf of the customers
  • To provide advertising and marketing materials for our customers to inform them of relevant news and offers
  • To maintain customer service standards and assist staff training

 

HOW we collect personal data

We collect personal data via the following avenues:

  • During the checkout process of a website order, telephone order, trade stand order on in-store order/purchase. You will be given the option to join our email marketing list at this point.
  • Via competitions at shows using a paper ballet box or iPad linked to our mailchimp account
  • Over the phone or via email for customer enquiries, warranty queries and general matters.
  • We may collect data by asking you to complete a survey or answer a question related to your experience, however you do not have to respond to them if you do not wish to.

 

WHAT personal data we hold

We only hold your details when these details are needed for us to provide you with the desired customer experience. Examples of the data we hold are:

  • Data collected related to an order/purchase. We only store the customer's name and contact details, all other data, such as payment details, are never stored by us in any way.
  • Further to this, for website orders only, Sagepay gives customers the option to save card details for next time, however these are stored securely by Sagepay, our payment gateway provider, and are not stored or held by ourselves at all.
  • Data collected at shows or online via competitions is stored in our Email marketing account and our CMS. This type of information would have been collected for marketing purposes, and so the data we would hold would include your name, email address, and any further details you may have provided us to help us better tailor your marketing experience with us, such as you interests and birthday.

 

HOW we seek consent, record and manage data

To seek consent, we do the following:

  • For marketing subscriptions, by personally entering your details into one of our mailing list sign up boxes on our website, or entering a competition online or at a show, you are agreeing to allow us to store the information that you provided for marketing purposes. You can unsubscribe at any time by clicking here.
  • For purchases and orders, you, the customer, understands and agree to, when providing us with your details, the need to provide us with information for us to successfully complete the order and manage your needs as a customer, as stated in our terms and conditions.

We record/store all data electronically in our CMS and/or in our email marketing account.
Customer orders are printed for order processing purposes, and so these documents contain the customer contact details, address details and order item(s) only. No payment details or other details are stored on this printed copy. For our records printed copies are stored for 5 years at our offices before being destroyed in the appropriate manner.

We manage data in these systems and customers are can:

  • Edit their subscription preferences in mailchimp
  • Unsubscribe from our database in mailchimp
  • Delete their customer account with us on our website(s)
  • Request for their data to be completely erased from our system by calling, telephoning or emailing us at any time. In this instances any physical and/or electronic data will be destroyed appropriately.

 

WHO we share personal data with

We do not share customer data with any third-party sources at any time. Unless we are required to share your personal data by law, we will not otherwise share, sell or distribute any of the information you provide us with at any time without your full consent.

Our CMS is interlinked between all three companies, and this has been done to make data retention as minimal as possible as well as allow the customer to easily shop between all three companies with only one customer account. This way we only need to store your data once. For this reason, if you have registered an account with any of our three sister companies, you can use the same log-in credentials to log-in on any of the three websites, and all your order history and customer information is stored in this one, internally linked, account.

When you place an order online, your payment details and any additional relevant details are sent via encryption to Sagepay, our payment gateway, at the point of payment, and details are stored by Sagepay to keep record of the transaction. These details are never held by us.

We do need to provide our courier, Parcel Force, with your shipping information, however this information is only stored in their system for tracking purposes and is not used by them in any other way.

On the rare occasion where a supplier ships an item direct to the customer for us, the customers delivery details will be provided for the shipment processing only and will not be stored by the supplier at any point.


 

HOW we delete personal data

Upon request to be erased/deleted entirely from our company, we do the following:

  • Permanently remove any record of the customer’s personal details from our CMS
  • Permanently remove any record of the customer’s personal details from Mailchimp
  • Search our company one drive account, where all our files are stored, for the customers Name, email address and postcode to check that no other file exists containing that customer’s detail, as a precautionary measure.
  • Identify any physical record containing your personal details and destroy them, also.

 

Your rights regarding your personal data

You have the right to request:

  • access to your personal data
  • correction of your personal data if it is incomplete or inaccurate
  • deletion of your personal data.
  •  Where we have obtained your consent for the processing of your personal data, you have the right to withdraw your consent at any time.
  • You have the right to object to the processing of your personal data, such as opting-out from the use for direct marketing purposes.

If you have any questions, please contact us for more information regarding your data.


 

Feedback on our data privacy policy

We welcome any feedback or comments on our data privacy policy as outlined above. This document is designed to best protect your security and privacy as our customer and any comments you may have regarding it are encouraged. To contact us, click here.


Cookies

About Cookies and the way we use them

In common with other websites, we do also use "cookies". A cookie is a small file that a Website puts on your device so that it can remember something about you later. Our online ordering system uses a cookie to record a unique reference on your computer so that we can keep track of your order and retain the contents in your shopping basket.

You can control the use of cookies on your computer and can turn them on or off at anytime. Please refer to your Internet browser.

In order that we can monitor and improve the site we may gather certain information about you when you use it including details of your domain name and IP address, operating system, browser version and the website that you visited prior to this site.

Please note: We do not use cookies to store any of your personal or financial information on your device. You can control the use of cookies on your computer by either enabling or disenabling them yourself. However, if you do turn cookies off you may be unable to access certain parts of our website. Cookies cannot be used to identify you personally.

Social networking websites

Social networking websites may place cookies on your computer. Social bookmarks are a way of saving links to web pages that interest you, and sharing those links with other people. You should read their respective privacy policies carefully to find out what happens to any data that these services collect when you use them.

More about Cookies

For a list of cookies we use, please click here.

For more information about how to manage your cookies, visit aboutcookies.org.


Email Marketing

How we use email

If you register to receive email marketing from us, you will be added to the Wychanger mailing list. We will send you emails containing special offers, competitions and other Wychanger news. These emails will inform you of our launch of new products, of special offers, or events taking place. Our standard mailing list schedule is 2 emails per week, we feel this is enough to keep customers informed to their advantage on special offers and events, but equally doesn't overwhelm you with emails. This level may vary, however.

Update your details

We are also in the process of using a more targeted approach to email marketing and wish to get to know our customers better. The more you tell us about yourself, the more we can tailor your personal experience with us. To tell us a little more about yourself, please use the 'update details' link at the bottom of any campaign we send you.

Unsubscribe

If you currently receive our emails and do not wish to continue receiving them, you may unsubscribe at any time, by clicking on the 'unsubscribe' link at the bottom of the e-mail you've received, or by visiting or mailing list page.

Order Processing

In order to process your purchases, we will send you emails related to the processing of your order, such as a confirmation email, delivery information email or return receipt email. We may also need to contact you by email or telephone if we have questions relating to your order.


More about our sister company structure

Wychanger Barton Saddlery, Old Dairy Saddlery and Inch’s Saddlery operate as sister companies. As a result, the three businesses’ websites have been structured in a manner that can maximise the improvement of the customer experience.

1. To make shopping easier, if you have a customer account with Wychanger, your account and so log-in details are automatically valid and the same for Inch’s and Old Dairy.  All your orders and details are stored together in one account section making managing your orders and account easier for you to manage.

2. Any Changes made to your account will be applicable to Wychanger, Old Dairy and Inch’s automatically.

3. When placing an order, if you are logged-in to your account and use a credit or debit card to pay via our secure Sagepay payment gateway and chose to store your details securely for future transactions, then these card details will be useable for you on all websites (Wychanger, Old Dairy and Inch’s) when next shopping whilst logged-in to any site. You can delete your stored card details at any time in your account in the ‘my cards’ section.

4. If you decide to terminate your account, this account will no longer exist for Wychanger, Old Dairy or Inch’s.

5. Our mailing lists are and will remain completely separate; therefore, as a member of the Wychanger mailing list you will never receive marketing emails directly from Inch’s or Old Dairy (unless you sign up to them separately). We may occasionally, however, inform you of an exciting opportunity that Inch’s or Old Dairy has to offer you, for example a competition. Again, in this instance, you will not be added to Inch’s/Old Dairy mailing list.