We are Online-store BigBrightLight.com (hereinafter “Online-store” or “We”) (company number: 12860248, “Upp Wellbeing Ltd” is a company, with its registered office at Beechwood, Park Drive, Doncaster, DN5 7LP). Upp Wellbeing Ltd is the “data controller” of any Personal Data it may collect, process and hold about You, unless we inform You otherwise.
For the purposes of this policy, we define the term “Customer” as an individual or business entity, who uses the Website to order an item in our Online-store and the term “User” as an individual, who uses the Website to view an item in our Online-store and / or an individual who subscribes to the Online Store newsletter.
If the information relates to both the User and the Customer, for the purposes of this policy, we define the term “You” or “Your”.
We will always be transparent with You about what we do with Your Personal Data. We only collect, store and process Your Personal Data in accordance with the relevant laws and regulations.
We do not sell Your Personal Data to third parties. A ‘sale’ of Personal Data under the CCPA is defined broadly to include the ‘selling, renting, releasing, disclosing, disseminating, making available, transferring, or otherwise communicating orally, in writing, or by electronic or other means’ the Personal Data of a consumer to another business or third party ‘for monetary or other valuable consideration.’ If we decide to sell our Website or our business, we will inform You about this, so You can forbid us to transfer Your Personal Data together with our business. If so, we will delete Your data from the databases prior to a business transfer.
We adhere to the following principles in order to protect Your privacy:
- Principle of purposefulness - we process Personal Data fairly and in a transparent manner only for the achievement of determined and lawful objectives, and they shall not be processed in a manner not conforming to the objectives of data processing;
- Principle of minimalism - we collect Personal Data only to the extent necessary for the achievement of determined purposes and do not keep Personal Data if it is no longer needed;
- Principle of restricted use - we use Personal Data for other purposes only with the consent of the data subject or with the permission of a competent authority;
- Principle of data quality - we update Personal Data shall be up-to-date, complete and necessary for the achievement of the purpose of data processing;
- Principle of security - security measures shall be applied in order to protect Personal Data from unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organisational measures;
- Principle of individual participation - the persons shall be notified of data collected concerning him or her, the persons shall be granted access to the data concerning him or her and the persons have the right to demand the correction of inaccurate or misleading data.