The information that we collect about you may include your name, home address, e-mail address, telephone number, as well as relevant financial and credit card information. This is referred to as your “personal data”. We collect this data in a number of different ways. For example, you may provide this data directly when filling in forms on this website, or when corresponding with us by telephone, e-mail or letter.
Even if you do not register with us, we may collect technical information about you such as your Internet Protocol (IP) address which connects your computer or mobile device to the internet, your login information, browser type and version, operating system type and version, the country and telephone code where your computer is located, and information about your visit including products you viewed or searched for, page response times, download errors and length of visits to certain pages.
Currently, we use your data for the following purposes:
To assist in the processing of your order / to carry out our obligations arising from any contracts entered into between you and us. For example, this could include packing and delivering orders, forwarding order details, order fulfilment, the processing of credit/debit card transactions, fraud prevention, registering warranties and the provision of corresponding customer services.
In certain circumstances, it may be necessary for us to provide your information to external companies with which we contract to assist us in providing these critical services to you including payment providers and couriers. We assure you that these companies are not permitted to use your information for any other purpose. For further information please see the section on How We Share Data below.
Where you have given us your specific consent, we will use your data to provide you with marketing services. This allows us to tell you about new products or services that may be of interest to you. Again, we do use a number of external companies to help us provide such marketing services. However, these companies are prohibited from sharing your data with any other company. This means that by consenting to receive marketing from us, you will not receive marketing communications from anyone else.
To ensure that the information contained within this website is presented in the most effective manner for you and for your computer or mobile device. This information allows us to update and improve the contents of our site, and ensure the smooth operation of internal processes, such as troubleshooting, data analysis, testing, research, statistical and survey purposes, and to keep our website as safe and secure as possible. For further information, please refer to the section on Cookies.
Unless you ask us to do so, we will never keep your data for longer than is necessary for us to complete the activity for which your data was collected in the first place. However, sometimes there is a legitimate and/or legal reason that means we need to retain your data. In the coming months, we will add further detail to this Privacy Statement, setting out further information about our practices.
This website uses Google Analytics, a web analytics service provided by Google, Inc. (‘Google’). Google Analytics uses ‘cookies’, which are text files placed on your computer, to help the website analyse how you use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States.
Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
You have the right to ask us, in writing, for a copy of all the personal data we hold about you. This is known as a “Subject Access Request”. Except in exceptional circumstances (which we would discuss and agree with you in advance), you can obtain this information at no cost. We will send you a copy of the information within 30 days of your request.
To make a Subject Access Request, please contact by email at: firstname.lastname@example.org or by post at: Privacy Department (IT), 144 Southwark Street, London, SE1 0UP.
If, at any time, you want to update or amend your personal data or consent preferences, you can do this on the web site through your account.
We maintain a comprehensive data management work programme, which includes processes for ensuring that data protection is a key consideration of all new and existing IT systems that hold customers personal data. Where any concerns, risks or issues are identified, we conduct relevant impact assessments in order to determine any actions that are necessary to ensure optimum privacy.
We also maintain an active information security work programme which seeks to protect the availability, confidentiality and integrity of all physical and information assets. Specifically, this programme helps us to:
- Protect against potential breaches of confidentiality.
- Ensure all IT facilities are protected against damage, loss or misuse.
- Increase awareness and understanding across our business of the requirements of information security, and the responsibility of colleagues to protect the confidentiality and integrity of the information that they handle.
We recognise that the security of data and transactions on this website is of primary importance. We therefore ensure that all connections to the site are securely encrypted and authenticated using strong protocols, key exchanges and ciphers. Our servers are updated with the latest security patches and fixes on a regular basis.
We hold no customer credit card details in our databases. Both our wallet system and during the checkout process customer credit card details are hosted by our payment gateway company SagePay. SagePay is a level 1 payment service provider (the highest level) under the Payment Card Industry Data Security Standards (PCI DSS). More information can be found in SagePay’s security policy.
In addition we at Forbidden Planet are proud to have also been awarded a PCI DSS compliant website and our PCI DSS status is examined regularly by Security Metrics, with our compliancy reported to the card schemes annually.
Every effort is made to ensure that the information provided on this website, and in this Privacy Statement, is accurate and up-to-date, but no legal responsibility is accepted for any errors or omissions contained herein.
We cannot accept liability for the use made by you of the information on this website or in this Privacy Statement, neither do we warrant that the supply of the information will be uninterrupted. All material accessed or downloaded from this website is obtained at your own risk. It is your responsibility to use appropriate anti-virus software.
This Privacy Statement applies solely to the data collected by us, and therefore does not also apply to data collected by third party websites and services that are not under our control. Furthermore, we cannot be held responsible for the Privacy Statements on third party websites, and we advise users to read these carefully before registering any personal data.