Privacy and Cookies

Privacy Policy Summary

Last updated: 2nd November 2021.

This is the privacy policy of Branded Garden Products Ltd, trading as Suttons. This policy sets out our procedures regarding the collection and use of your personal information when we send you information in the post, when we contact you electronically and when you access our website www.suttons.co.uk. Branded Garden Products Ltd is a company registered in England & Wales whose company number is 00358372 and our registered office is 3rd Floor Cumberland House, Cumberland Place, Southampton, England, SO15 2BG. The trading address of Suttons is Woodview Road, Paignton, Devon, TQ4 7BG.

Branded Garden Products Limited, (trading as Suttons ) is registered as a data controller on the UK Data Protection Register. Our registration number is Z6288594.

Our privacy policy will explain in detail to you what happens to the personal information we collect about you when you visit our website, receive postal information, and order or enquire about our goods and services:

• What information we collect

• The legal basis for processing we use in relation to processing your personal data

• How we use your personal information and how long we keep it for

• Who we share your information with and on what basis

• How you can control our use of your personal information

• Your rights

• Who to contact if you want more information

This Privacy Policy comes into effect from 1st October 2021. This policy applies to all the personal information we collect and process about you when we engage with you, either as a customer or an enquirer. If you would like to know more about this policy, please contact us. You can view the detailed privacy policy below.

When we collect your personal information

We collect personal information about you as soon as you access our website www.suttons.co.uk using a smartphone or computer and also when you call our customer service team. The specific information we collect depends on whether you are a customer or a website visitor. If you buy a product from our website or catalogue, you become a customer of Suttons. The specific information we collect is detailed below in the What personal information we collect section of this document.

When does this privacy policy apply?

Our Privacy Policy relates to personal information gathered from your use of our website www.suttons.co.uk or if you order from our catalogue by phone or by post, either as a customer or an enquirer. The policy extends to cover your personal information when it is moved from our website and stored for subsequent processing within our IT infrastructure in the UK and when we process information about you directly into our IT systems. Our Privacy Policy does not extend to external links on our website to other organisations outside of our control. Please ensure that you take time to review the privacy policies of external sites to www.suttons.co.uk as their privacy policies may differ from ours.

What personal information we collect on our website

The personal information we collect from you when you access our website comes in two parts: the information you give us when you complete our website forms, and the information we automatically gather from the device you use to access our website.

Information you give Suttons: this includes the following data items (although you can visit and use our website without giving us this information, if you do not place a transaction or an enquiry during your web visit to us):

• Your first name or initial, and surname

• Your email address

• Your telephone number

• Your postal address

• Payment details: if you order products from our website, your payment details will be processed by our payment processors Realex, Paypal and GlobalPay. Suttons does not store any of your payment details; we are given a transaction ID by our payment processor.

Information from your device: when you access a website using a smartphone, TV (browser enabled), tablet, laptop or desktop computer, your device will exchange information with www.suttons.co.uk to maximise the speed of the site and provide the optimum navigation for your device. Without this information, Suttons cannot ensure the optimum browsing experience and ease-of-use when buying products. To do this, our website may acquire the following information:

• IP (Internet Protocol) address: your IP address indicates your location, unless you are using a VPN service

• Device: what type of device you are using (TV, smartphone, laptop, desktop)

• OS (Operation system): what operating system your device has (IOS, Android, Windows, Linux, MAC OS X)

• Browser & browser version: which web browser you are using (Internet Explorer/Edge, Opera, Chrome, Safari, Firefox)

• Domain: depending on your device and browser settings, we sometimes identify the web address of the domain you came from before landing on our website

• Clickstream data: this is a list of all the web pages that you visited, and the order you viewed them in, on each visit to www.suttons.co.uk. We also record how much time you spend on each web page, and record any actions you make on each page. We also record what items you place in the web shopping basket, even if you do not purchase them

• Cookies: these are small text files that our website places on your device, so that our website can remember something about you at a later time and optimise the website for your visit. There are also some third-party cookies we place on your device. For more information on the specific cookies that we use and their function, please see our Cookie Policy

Preferences on our website: you can change how we stay in touch with you, and what we inform you about by emailing info@suttons-seeds.co.uk or calling 0333 043 0700.

What personal information we collect by post and by phone

Information you give Suttons: if you order via the catalogue order form or phone our call centre we collect the following information about you;

• Your first name or initial, and surname

• Your email address, if you want to access the MyOrders function to track your order online, we will need to store your email address as this is used as part of the sign-in process for this function

• Your telephone number

• Your postal address

• Payment details, if you order, your payment details will be processed by our payment processors Realex, and GlobalPay. We do not store any of your payment details, we are given a transaction ID by our payment processor. If you attach a cheque to your order coupon, this is banked, no details of your bank account are stored by us.

Preferences by catalogue and by phone: you can change how we stay in touch with you, and what we inform you about via the preferences section of our website (see above). If you do not want to do this, you can change your preferences on the order form in the catalogue or by phoning our customer service team 0333 043 0700.

Why we collect your personal information

There are several main purposes for gathering your personal information: for marketing activities, deliveries, profiling, and for transaction processing.

Transaction processing: when you purchase a product from our website or catalogue, you become a customer of Suttons, so we retain personal information on you whilst you remain an active customer of ours and also for a short time when you no longer order from us. When you make an enquiry about a product of ours, we also retain the personal information you give us in your enquiry for a limited period of time. Our Data Retention policy below explains how long we keep your personal information. In all cases for transaction processing, our legal basis for processing your personal data is contract.

Deliveries: We will need to print your name and address on delivery notes and despatch labels, in order to deliver any goods you order from us. Please note that in order to resolve delivery queries once goods are on their way to you, that we may print your phone number on the despatch label to aid the courier in the event of a query about your delivery. You may receive an email from our courier with updates on your delivery including information to enable you to track your order. Our couriers destroy any personal data provided by us once your goods have been delivered.

Marketing activities: we have separated out each marketing activity that your personal data is used for below. Note that any customers or website visitors who don't want to receive marketing communications from us can email info@suttons-seeds.co.uk to update their preferences. Suttons will never send you a marketing communication that doesn't have a method of opting out from our marketing communications contained within it.

Profiling: we plan to build profiles from all the information that we have about you, so that we can do two things; firstly we want to surface product advertisements and gardening hints and tips to you via social media. Secondly we want to develop a 1:1 communications programme with you, so that can send you email communications that are specific to you. We believe this will make our dialogue with you more personal and more accurate. You can opt out of having your data used in profiling at any time by emailing info@suttons-seeds.co.uk or calling 0333 043 0700. The legal basis for processing is legitimate interest.

Social media: we want to increase our engagement with you on social media, which we hope we will help us reduce the number of catalogues we produce in the medium term. So, you may see product advertisements & gardening hints and tips from us on some social media platforms, including Facebook. You can opt out of targeted Facebook advertising by following the link here: https://www.facebook.com/help/568137493302217. You can opt out of targeted Instagram advertising by following the link here: https://help.instagram.com/245100253430454. The legal basis for processing is legitimate interest.

• Catalogues: we will provide our customers with at least one full range catalogue each year. The legal basis for processing is legitimate interest

• Product offers: from time to time Suttons will send you discounted product offers via email or post. These offers are based on our knowledge of the products you have ordered or enquired about and your visits to our website, if you have visited it. The legal basis for processing is legitimate interest

• Inserts: Suttons will sometimes include inserts from carefully selected and reputable organisations into your deliveries. Please note that at the time of writing, it is not possible to opt out of these inserts. The legal basis for processing is legitimate interest.

• Newsletters: we will email customers and enquirers newsletters containing horticultural tips and growing/maintenance instructions for our products. The legal basis for processing is legitimate interest.

• Competitions: Suttons sometimes offer competition entry via both email, the website and coupon. Competition entry is sometimes conditional on providing us with additional demographic information about you, which in turn allows us to further customise our communications and product offers to you. The legal basis for processing is legitimate interest.

• Surveys: We occasionally survey portions of our customer and website visitor database to find out more about your experience using Suttons and to find out how we can improve our service delivery to you. The legal basis for processing is legitimate interest.

• Site optimisation: the device-level information we automatically gather about you allows us to optimise the speed and performance of the website for you. The legal basis for processing is legitimate interest.

• Web analytics: we use cookies and the device-level personal information to build a profile of your use of the site, including any transactions that you make, so that we can personalise our marketing offers to you, and to customise your website visits. To find out more please see our Cookie Policy. The legal basis for processing is legitimate interest.

• Anonymous web analytics: Suttons aggregates and anonymises all your activity on our website for traffic analysis, to help measure and improve the website performance. We also use this anonymised data to monitor the effectiveness of our advertising. Your personal data is anonymised in this process, so there is no requirement under GDPR for a legal basis for processing.

• Business Insight: your personal data and any order history goes into our business insight platform. We use this application to gain detailed insight into how to improve our product and service offering to you, and to also create statistical models to predict your likely purchasing intentions in the future. You can request that your data is removed from this business insight process by emailing info@suttons-seeds.co.uk or calling 0333 043 0700. The legal basis for processing is legitimate interest, you can request that we remove your details from our business insight process.

• Data sharing: we sometimes share customer data with other reputable organisations mainly in the following sectors; charities, clothing, collectables, food & wine, gardening, gadgets & entertainment, health & beauty, household goods, home interiors and financial products planning for your future, for the purposes of postal marketing. You can opt out of this marketing at any time either online, via our order forms, or by contacting our customer service team: info@suttons-seeds.co.uk or on 0333 043 0700. The legal basis for processing is legitimate interest.

How we protect and where we store your personal information

The personal information we collect about you is stored within our secure UK IT Data Centre. No identifiable personal information is stored or shipped to non-UK/EU locations. Your personal information is stored in databases which are encrypted at rest, providing the highest level of security. All personal information is moved to and from our website www.suttons.co.uk via an HTTPS connection, which means that the transfer of data is also encrypted. Access to your personal data held on databases managed by Suttons or its' authorised subcontractors, is granted only when there is a need to use the data, no permanent access exists.

Suttons is amending our IT policies to further protect your personal information by adopting 'Privacy by Design', an information management standard that seeks to anonymise personal data held in commercial databases to further protect that information. You can find out more about this anonymization process by following this link.

How long we keep your personal information

Suttons will only use your personal information for as long as you remain a customer, and for a short time after your last order. The maximum amount of time that Suttons will retain your personal information in a data archive is seven years, except in the event of a legal dispute. This seven-year limit is based on the legal requirement to maintain details of transactions as described in the Companies Act 2006. We have listed below how long we store your personal information for, which depends on your relationship with Suttons.

If you made a purchase from us: we will keep the information you gave us and details of what you bought for up to seven years from the date of the last transaction with us. After that time your personal data will be anonymised, but we will keep your purchase and marketing history.

If you enquired about a product, but did not make a purchase: we will keep the information we have on you as an enquirer for up to three years. After that time your personal data will be anonymised, but we will keep your enquiry and marketing history.

If you wrote to us: we will keep any correspondence with you for six years, although we do keep this information longer if your correspondence is a complaint.

Sharing your personal information with other organisations

Subcontractors: Suttons use carefully selected subcontractors to assist in the management and structure of business information for its' own marketing purposes. The information these subcontractors process includes the personal information we gather about you and your transaction and web history with us. By 'marketing' we mean the specific purposes outlined in the Marketing Activities section of this document. Details on these subcontractors are as follows:

Epsilon Abacus, whose registered office is 67 Broad Street, Teddington, TW11 8QZ, for the purposes of business insight and data aggregation. Epsilon is registered as a data controller, Z6627112.

We work with Epsilon Abacus (registered as Epsilon International UK Ltd), a company that manages the Abacus Alliance on behalf of UK retailers. The participating retailers are active in the clothing, collectables, food & wine, gardening, gadgets & entertainment, health & beauty, household goods, and home interiors categories. They share information on what their customers buy. Epsilon Abacus analyses this pooled information to help the retailers understand consumers' wider buying patterns. From this information, retailers can tailor their communications, sending people suitable offers that should be of interest to them, based on what they like to buy.

Epsilon Abacus host their data centre in Dublin, Ireland, so within the EEA. However, some employees of their USA and India affiliates (which are listed here http://resources.epsilonabacus.com/epsilon_abacus_vendors) have got access to the servers held in Dublin because they provide technical support to Epsilon Abacus. This type of "screen access" qualifies as a transfer of data under the GDPR, even if no files are "moved" outside the data centre.

GDPR allows data to be transferred outside the EEA in the absence of an adequacy decision by the Commission when "appropriate or suitable safeguards" are present (see Article 46). Data transfers to Epsilon affiliates based outside the EEA take place in accordance with Epsilon's Interaffiliate Data Processing and Transfer Agreement, which incorporates the Standard Contractual Clauses (aka "EU Model Clauses"). We believe that these measures satisfy the requirements in regards to "appropriate safeguards".

Qbase Data Services, whose registered office is 31-33 Bold Street, Warrington, Cheshire, WA1 1HL, for the purposes of building a single customer view database, business insight platform and list rental marketing. Qbase is registered as a data controller, Z842993.

UK List & Press Services Ltd, whose registered office is c/o Reynolds Accountancy, Ground Floor Windmill House, 127-130 Windmill Street, Gravesend, Kent, DA12 1BL, for the purposes of list rental marketing. UKLPS is registered as a Data Processor, Z9354490.

Red Eye International, whose registered office is Oak House, Crewe Hall Farm, Crewe, CW1 5UE, for the purposes of email marketing. Red Eye is registered as a data controller Z9006942.

Feefo, whose registered office is Feefo Barn Heath Farm, Heath Road East, Petersfield, Hampshire, England, GU31 4HT, for the purposes of conducting customer satisfaction surveys on our products and overall service delivery. Feefo is registered as a data controller Z2323576.

Garden Compass Limited (trading as Smartplant), whose registered office is Aissela, 46 High Street, Esher, Surrey, United Kingdom, KT10 9QY, for the purposes of providing horticultural updates and advice to customers. Garden Compass Limited is registered as a data controller, ZA477697.

Awin Ltd, whose registered office is 5th Floor, 2 Thomas More Square, London, E1W 1YN, for the purposes of affiliate marketing is registered as a data controller, Z7616503. To find more about Affiliate Windows Fair Processing Notice in the Advertiser Fair Processing Notice please click here.

Branded Garden Products companies: periodically Suttons will share its' customer information with other Branded Garden Products companies who have products and services that are relevant to the clothing and home & garden markets. Those companies will then send you marketing information by your preferred method (post or email), on products that are directly related to your purchases with Suttons. You can opt out of these communications at any time, by emailing info@suttons-seeds.co.uk or calling 0333 043 0700. The group companies most likely to contact you are: Thompson & Morgan, Van Meuwen, Dobies, The Organic Catalogue, Garden Gear, and Happy Beaks.

Facebook UK Ltd: whose registered office is 10 Brock Street, London, NW1 3FG, for the purposes of providing custom audiences on the Facebook social media platform. Facebook is registered as a data controller, ZA265194.

Twitter International Company: whose registered office is 1 Cumberland Place, Fenian Street, Dublin 2, D02 AX07, Eire, for the purpose of providing custom audiences on the Twitter social media platform.

Mention Me Limited, whose registered office is 20-22 Wenlock Road, London N1 7GU, for the purposes of referral email marketing. Mention Me host their data centre in Ireland, so within the EEA. Mention Me also use Mailjet (based in France) for the purposes of sending referral-related emails to end users participating in the refer-a-friend programme. Mention Me is registered as a data processor, ZA004639.

Commify UK Ltd (trading as Text Marketer), whose registered office is 20 Wollaton Street, Nottingham, NG1 5FW, United Kingdom, for the purposes of SMS marketing. Commify UK Ltd is registered as a data controller Z5483210.

Requesting a copy of your personal information

You can contact Suttons using the information below, to request a copy of the personal information we hold on you. If you request this information, you will need to provide proof of your identity. We will return the information to you electronically in a text file. You are legally entitled to request this information under the General Data Protection Regulation, there is no charge for this service.

To request copy of your personal information, please email us at info@suttons-seeds.co.uk with your request. Please be sure to include your full name, email address and postal address.

We will supply you the following information:

• Your contact details: which may include your email address, phone and mobile numbers, your previous address, your previous or second email address, your communications preferences and the date your contact details were last updated

• Your transaction history: if you have ordered from us, you will receive details of your order, including products purchased, date of purchase and the cost of the products

• Your marketing history: if we have marketed to you, we will send you details of the catalogues and emails we have sent you

• Email correspondence: we will search our email server to see if your email address is in any email message headers, if we find it, we will send you the email(s)

To request a copy of your personal information via post, please write to: Data Protection Officer, Suttons, Woodview Road, Paignton, Devon, TQ4 7BG.

How to control your personal information on the Suttons website

If you do not want to receive communications from Suttons, you can change your preferences by emailing info@suttons-seeds.co.uk. You can also opt-out directly from emails and SMS messages that we may send you and you can use the opt-out section of the order form in our catalogues. Lastly, you can phone our customer service team on 0333 043 0700.

Your rights

This privacy statement reflects the rights that you have under the General Data Protection Regulation, which specifically charges Suttons with providing you access to your personal information, and to ensure that your data is used appropriately & securely with specific reference to the rights of you, the data subject. Those rights regarding your personal data are as follows:

The right to access a copy of your personal information that we hold

The right to object to our processing of your personal data, if doing so causes you distress

The right to prevent Suttons processing your data for direct marketing purposes

The right to object to decisions being taken using automated means that includes your personal data

The right to have inaccurate personal data rectified, or destroyed

The right to have your data erased from our IT infrastructure

The right to data portability

The right to be informed about the collection and use of your data

You can find out more about your rights regarding your personal data in the UK from the Office of the Information Commissioner www.ico.org.uk.

Definitions

In this section of our privacy policy we want to explain what some of the terms in the policy mean, for the avoidance of any doubt. If you cannot find the definition you require, or are still unsure about the meaning of any aspect of this privacy policy, please info@suttons-seeds.co.uk to request more information.

Data Controller: under the General Data Protection Regulation (GDPR), organisations that collect, process and store your personal information are defined as Data Controllers, which makes Suttons the Data Controller for your personal data collected from our website.

Data Subject: GDPR classifies individuals as data subjects. So you, the customer or enquirer of Suttons are a data subject under GDPR if you purchase or enquire about our products.

Data Processor: a data processor is an organisation other than the data controller, who processes your personal data on behalf of the data controller. A good example of this is PayPal, who are one of the payment processing options for any products that you buy online. The data processors who handle your personal information gathered by our website have the same duty of care in handling your personal information.

Our Contact details:

Suttons is part of Branded Garden Products Ltd.

Address:
Woodview Road, Paignton, Devon, TQ4 7NG

Registered in England and Wales: 284448

Customer Services: 0333 043 0700*

* Monday- Friday 8.30am to 5pm. Charges to 03 numbers are the same as UK standard landlines numbers starting in 01 or 02. Mobile providers may vary.

Cookie Policy

What are cookies

Cookies are tiny text files stored on your computer when you visit certain web pages. At suttons.co.uk we use cookies to keep track of what you have in your basket, and to remember you when you return to our site.

To order products on suttons.co.uk, you need to have cookies enabled - see the section on Managing cookies. If you don't wish to enable cookies, you'll still be able to browse the site and use it for research purposes. Most web browsers have cookies enabled, but see Managing cookies for help to turn them on should you need to.

Please note that cookies can't harm your computer. We don't store personally identifiable information such as credit card details in cookies we create, but we do use encrypted information gathered from them to help improve your experience of the site. For example, they help us to identify and resolve errors, or to determine relevant related products to show you when you're browsing. We may also use technologies, such as our own cookies, to provide you with personalised online display advertising tailored to your interests.

We do have relationships with carefully-selected and monitored suppliers who may also set cookies during your visit to be used for remarketing purposes - in other words to show you different products and services based on what you appear to be interested in. If you'd like to opt out, please go to the Network Advertising Initiative website (opens in a new window - please note that we're not responsible for the content of external websites).

We're giving you this information as part of our initiative to comply with recent legislation, and to make sure we're honest and clear about your privacy when using our website. We know you'd expect nothing less from us, and please be assured that we're working on a number of other privacy and cookie-related improvements to the website.

What cookies do we use and why?

To make full use of the online shopping and personalised features on suttons.co.uk, your computer, tablet or mobile phone will need to accept cookies, as we can only provide you with certain personalised features of this website by using them.

Our cookies don't store sensitive information such as your name, address or payment details: they simply hold the 'key' that, once you're signed in, is associated with this information. However, if you'd prefer to restrict, block or delete cookies from suttons.co.uk, or any other website, you can use your browser to do this. Each browser is different, so check the 'Help' menu of your particular browser (or your mobile phone's handset manual) to learn how to change your cookie preferences.

Here's a list of the main cookies we use, and what we use them for. You'll find information about 3rd party cookies below.

Strictly Necessary cookies

Strictly Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies. Please see below a list of all the Strictly Necessary cookies we use on our website:

Explore Suttons

Not found what you're looking for? Use our quick links to explore Suttons further.

What our customers say

"Very impressed with the quality of leek and broad bean seeds you sent. Excellent germination and look forward to a bumper crop. Will certainly be back."

E. Smyth

“I bought all my seeds, potatoes, etc. from your catalogue last year for my new ‘larger’ vegetable garden. I have to say I have never had such success in the garden. The germination was excellent; the quality of plant stock and produce is superb."

Sadie

“I am compelled to write to you and your staff for the exemplary service provided by your company, in an age where the word and term ‘service’ has lost its meaning.”

M. Willingham

Suttons Gardening Club

Become a Member