Free delivery on orders over £50 Orders placed before 3pm will be dispatched within 48 hours* Loyalty points earned on all orders We buy your old vinyl International shipping available
Privacy Policy (Revision 1 01/10/2023)
Rabbit hole Records as a Company is committed to processing data in accordance with its responsibilities under GDPR.
GDPR (Article 5) requires that personal data shall be:
​
1) Processed lawfully, fairly and in a transparent manner in relation to individuals
2) collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
3) adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
4) accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, having regard to the purposes for which it is processed, is erased or rectified without delay;
5) kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; and
6) processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures.”
​
If you feel that we have not handled your data correctly, you may complain to the Information Commissioner’s Office (ICO).
Their details, should you need them, are:
Information Commissioner’s Office
Tel: 0303 123 1113
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
​
GENERAL PROVISIONS
a) This policy applies to all personal data processed by Rabbit hole Records.
b) The Responsible Person shall take responsibility for the Company’s ongoing compliance with this policy.
c) This policy shall be reviewed at least annually or where there is a significant change to process
d) The Company shall register with the Information Commissioner’s Office as an organisation that processes personal data.
LAWFUL, FAIR AND TRANSPARENT PROCESSING
a) Processes shall be reviewed at least annually or where there has been a significant change to process
b) Individuals have the right to access their personal data, and any such requests made to Rabbit hole Records shall be dealt with in a timely manner compliant with GDPR requirements.
​
ARCHIVING & REMOVAL
a) To ensure that personal data is kept for no longer than necessary, the Company shall put in place an archiving policy for each area in which personal data is processed and review this process annually or when there has been a significant change to the process
b) The archiving policy shall consider what data should/must be retained, for how long, and why.
​
SECURITY
a) Rabbit hole Records shall ensure that personal data is stored securely using relevant encryption and security measures.
b) When personal data is deleted this should be done safely such that the data is irrecoverable.
c) Appropriate back-up and disaster recovery solutions shall be in place.
BREACH
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data, the organisation shall promptly assess the risk to people’s rights and freedoms and if appropriate report this breach to the ICO in accordance with GDPR requirements (i.e. within 72 hours of identification of the incident to the ICO and without unreasonable delay to the affected data subject(s)) (more information on the ICO website).
​
CANCELLATION OF CONSENT
You have the right to withdraw your consent at any time. Please contact us and on receipt of your request we are obliged to delete the data, subject to us no longer needing the data to complete any obligations we have to you. You will receive notification from us once the relevant action has taken place.
​
SUBJECT ACCESS REQUEST
You have the right to access and receive a copy of the personal data we hold about you. This is referred to as a Subject Access Request or SAR. You can make a SAR either verbally or in writing and we have one month in which to oblige. If for any reason your request is complicated, we may require additional time, but you will be notified within the original timeframe.
​
From time to time we may update our privacy policy, the latest version of our policy will always be available on our website for your reference.
We are concerned about the privacy of your personal information. We want to help to make the internet a safe place for users, and so that your experience with us is the best it can possibly be. Any information provided by you is held in accordance with the current data protection laws in the United Kingdom. By providing us your Personal Information and using our website, you are agreeing to the terms and conditions of this privacy policy.
​
INFORMATION ABOUT YOU
Personal Information is something that identifies you as an individual, such as: Your Name, Postal Address, Telephone Number, Email Address, Credit / Debit Card details.
We may receive information about you if you:
​
· Contact us directly, by telephone, email or via our website – by applying for one of our products or services.
· If your details are passed to us by your friends or family.
​
What do we do with your information?
The information we receive from you directly, and from third parties may be used for a variety of reasons, including but not limited to:
· Responding to enquiries
· Providing you with relevant products and services, and any improvements thereof.
· Notifying you of important information or changes
· Analysis and customer profiling.
​