Please note that all data thus captured will be used and held in accordance with the requirements of the GDPR implemented May 2018.
NoReturnlessRefunds is the controller and processor of your data. The company is involved in cross border trading, however the main establishment and therefore our lead supervisory authority is in the US.
If you have any requests concerning your personal data or queries with regard to how we handle your data you can contact us at firstname.lastname@example.org.
We hold the business contact details of the company or organisation which have been obtained directly from the applicant when completing the account application form. This information includes contact name(s), account’s address, return’s address, telephone numbers, email addresses and tax reference number. This information is used for invoicing purposes and to create shipments. This information is therefore held and used within a contract lawful basis as it is essential to carry out the service that we offer to our customers.
We also hold certain limited pieces of end user / retailers customers data including name, address, e-mail address order/RA or invoice numbers. This information is used only for the purpose of providing our service to retailers. None of this information is made available to any other unrelated third party and for the purpose of this policy is treated in the same way as our other data in all other aspects
The information is held on various cloud based software systems which are listed below
Our email communications are used to inform all contacts of changes and improvements to our service which is vital to our service and within a contract lawful basis essential to carry out the service that we offer to our customers. We do not rent or sell any email or contact information.
Contact details, returns address and tax references are accessed by our various partner hubs when organizing shipments back from their centres. This is done by restricted access to our software to obtain the information that they require within a contract lawful basis to carry out the service that we offer to our customers.
The hub partners subscribe to follow strict data protection regulations as laid out by GDPR and are contractually bound not to share any customer data. This is part of the Partner Hub Agreement.
We also have a number of affiliate partners that offer services that are pertinent to cross border trading with which we share contact details within a consent lawful basis. There is a consent option to ‘Opt In’ to this sharing of data in the account application form.
Data is held with us until a customer closes their account and no longer require our services. The data is then permanently deleted from our records.
All records of any historical shipments from the partner hubs will also be permanently deleted after 6months.
The GDPR includes the following rights for individuals:
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure;
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the right not to be subject to automated decision-making including profiling.
If a customer is unhappy with any aspect of our handling of their data they can make a complaint to the Information Commissioner’s Office – https://ico.org.uk/concerns/
Seller Union is registered in the US