This privacy policy sets out how Onestep Earth Ltd (“oneStep”) uses and protects any information that you give oneStep when you use this website. oneStep complies with all applicable UK data protection legislation, including General Data Protection Regulation (GDPR). oneStep is committed to ensuring that your privacy is protected. We may amend this policy from time to time by updating this page therefore you should check this page occasionally to ensure that you are happy with any changes.

what information we collect

If you choose to create an account with oneStep or place an order, we will collect your name, address (billing & shipping), telephone number, email address and credit/debit card details. When you place an order you may choose to pay via PayPal instead of using a card. You may also checkout as a guest if you do not wish to create an account with oneStep. If necessary, we may use your details to contact you about your order or to reply to any queries. Should you wish to, in your account dashboard you can save PayPal as a payment method as well as or instead of a debit/credit card payment method.

If you sign up to the oneStep newsletter, you will receive an email prompting you to confirm your subscription. We then store your name and email address in our marketing list, hosted by MailChimp, and use it periodically to send newsletters about new products, special offers or other information which we think may be of interest to you. We also record the date and time that you open one of our newsletters, and whether you click on any of the links in it.

You may unsubscribe from our newsletter at any time, either by clicking the unsubscribe link at the bottom of our newsletter, or by requesting we do this for you by emailing info@onestep.earth.  Please note, unsubscribing does not delete your personal data from the database, it just removes you from the newsletter mailing list. Please email us if you wish your personal data to be deleted from our marketing database.

If you contact us using the contact form on our website you are required to provide your name and email address.

We use Google Analytics as our site tracking data processor. Google Analytics is GDPR compliant. We only use aggregated data in our analytics & reporting. Individual site visitors cannot be identified.

Comments: when visitors leave reviews on the site, we collect the data shown in the review form, as well as  the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your e-mail address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service Privacy Policy is available here: https://automattic.com/privacy/. After approval of your review, your profile picture is visible to the public in the context of your review.

cookies

This website uses cookies to enable the saving of items to virtual shopping baskets and to allow registered users to authenticate and perform account related functions. Cookies are also used to identify which pages are being visited, giving us web traffic data which we analyse and use to improve our website user experience. We only use this information for statistical analysis purposes and then the data is removed from the system.

In short, cookies help us provide you with a better website experience. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

If you leave a comment on our site you may opt in to saving your name, e-mail address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

Web browsers will usually automatically accept cookies but you can modify your browser setting to decline cookies if you prefer. This may however prevent you from taking full advantage of the website. Find out more about cookies, including how to disable/enable and delete them, at www.aboutcookies.org.uk.

links to other websites

Our website may contain links to other websites of interest. These links are provided for your convenience only and as such do not imply any endorsement or association. Once you have used these links to leave our site, you should note that we do not have any control over that website. We are not responsible for the protection and privacy of any information you provide whilst visiting such sites.

how we use your information

If you buy products from us, we use your name, email, phone number, credit or debit card details, shipping address and billing address to process your payment. We do so securely using Braintree (see How we protect your information below). If you choose to create an account with us, either at checkout when saving card details, or through your My account page,the details you enter are stored securely in the Braintree vault. If you do not wish to create an account you can checkout as  a guest. However we do of course still need to use this information that you provide at checkout to process your payment and manage your order.

To manage and dispatch your order, we use your name, email, phone number, billing address and shipping address in the order management and shipping platform Weengs. Should we need to contact you about your order, we would do using your email address.

If you sign up to our newsletter, we will use your name and email address to contact you periodically with news about oneStep products and send discount codes and details of offers. Your privacy is of the utmost importance to us. We will never share your personal information with third parties for any purposes other than those described here.

If you have contacted us using the form on the Contact page, we will only use your email address to communicate with you about your query. We will not transfer your details to our marketing list or use them to contact you separate to the query you have raised.

how long we retain your data

If you leave a review, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

how we protect your information

Ordering from us online is fully secure. Your secure payment is provided by Braintree, a PayPal company, who comply with the highest privacy and encryption standards available. Braintree is a validated Level 1 PCI DSS compliant service provider and payments are automatically protected with 128-bit SSL Encryption to ensure that your transactions are always safe.

When you place an order with us, we will ask for the following information: your name, email, phone number, credit or debit card details, shipping address and billing address. For security reasons, we do not keep your card details. If you choose to create an account with oneStep these are securely stored by Braintree. Braintree do not use or store personally identifiable information for any other purposes than the holding of your account information and the processing of your payments.

We are confident that shopping online with oneStep is as safe as possible. However, if you would prefer to pay by an alternative method please call us on 07775 512 246 and we can arrange to take payment over the telephone or by cheque. Please be aware, however, that goods won’t be dispatched until payment has been cleared which can take up to 10 days for cheques.

Braintree, Weengs (our order management platform) and MailChimp have all implemented measures to be GDPR compliant.

You may view or update your account information at any time where you may add, edit and delete addresses and payment methods, as well as view a list of orders that you have placed. Please note that while any changes you make will be reflected in active user database with immediate effect, we retain data in the form of backups for a period of 30 days. If you wish to avoid creating an account, you may checkout as a guest.If you wish your account with us to be deleted, please send this request to info@onestep.earth.

what are your rights?

If at any point you believe the information we process on you is incorrect you request to see this information and you can have it corrected or deleted. If you wish to raise a complaint on how we have handled your personal data, you may contact the Information Commissioner’s Office (ICO).