1. INTRODUCTION
This privacy notice provides you with details of how Oil Checkout collects and processes customers’ personal data through your use of a heating oil ordering portal at https://secure.oilcheckout.com. Note that this is different from Oil Checkout’s usage of heating oil supplier data which can be found at the bottom of this document pertaining to Oil Checkout’s usage of supplier data, section 11.
By Oil Checkout users providing Oil Checkout with their data, they warrant to us that they are over 13 years of age.
Oil Checkout is the data controller and we are responsible for customers’ personal data and heating oil suppliers’ statistical data, (referred to as “we”, “us” or “our” in this privacy notice).
Contact Details
Our full details are:
Full name of legal entity: Oil Checkout
Email address: support@oilcheckout.com
Postal address: Flat 1, 62 High Street, Flintshire, CH7 1BH
Definitions
[YOU] unless otherwise noted is referenced below in this document refers to customers who order from an ordering portal and not you, our customer (the Oil Supplier). Oil Checkout utilises data by proxy for suppliers in order to provide an electronic portal which their customers may use to manage their account and order heating oil online. Oil Checkout does not process, view, track or utilise suppliers’ customer data in any other way; therefore the privacy and data protection of customer data outside of this document is the responsibility and falls under the separate data protection guidelines of each individual oil supplier.
[PORTAL] as referenced below refers to the ordering system provided by Oil Checkout to your heating oil supplier which processes the registration of new customers, processing of new heating oil orders, management of customer account data including order history and your supplier’s administration of the same data.
The policies outlined below refer to how your Oil Checkout portal utilises data in order to achieve its technical goal of enabling your customers to order oil from you, the supplier.
2. WHAT DATA DO WE COLLECT ABOUT [YOU], FOR WHAT PURPOSE AND ON WHAT GROUND WE PROCESS IT
Personal data means any information capable of identifying an individual. It does not include anonymised data.
We may process the following categories of personal data about [you]:
· Communication Data that includes any communication that [you] send to us through email or any other form of communication that you send us. We process this data for the purposes of communicating with [you], for record keeping and for the establishment, pursuance or defence of legal claims. Our lawful ground for this processing is our legitimate interests which in this case are to reply to communications sent to us, to keep records and to establish, pursue or defend legal claims.
· Customer Data that includes data relating to any purchases of goods and/or services such as your name, title, billing address, delivery address email address, phone number, contact details, purchase details and your card details. We process this data to supply the goods and/or services you have purchased and to keep records of such transactions. Our lawful ground for this processing is the performance of a contract between [you] and your supplier and/or taking steps at your request to enter into such a contract.
· User Data that includes data about how [you] use your supplier’s Oil Checkout portal and any online services. Oil Checkout processes this data to operate your supplier’s portal and ensure relevant content is provided to [you], to ensure the security of our website, to maintain back- ups of our website and/or databases and to enable publication and administration of our website, other online services and business. Our lawful ground for this processing is our legitimate interests which in this case are to enable us to properly administer your heating oil supplier’s ordering system and their business.
· Technical Data that includes data about [your] use of our website and online services such as your IP address, your login data, details about your browser, length of visit to pages on our website, page views and navigation paths, details about the number of times you use our website, time zone settings and other technology on the devices you use to access your supplier’s heating oil portal. The source of this data is from our analytics tracking system. We process this data to analyse your use of our website and other online services, to administer and protect our business and website, to deliver relevant website content to [you].
Oil Checkout does not disseminate [your] personal details to anyone and is only accessible by your oil supplier. Our lawful ground for this processing is our legitimate interests which in this case are to enable the technical facility to manage customer accounts and their orders. How your oil supplier utilises your data beyond the ordering capabilities of the portal are referenced separately within your heating oil suppliers own data protection scheme.
· Oil Checkout does not use Customer Data, User Data, Technical Data or Marketing Data in any way.
Sensitive Data
Oil Checkout does not collect any Sensitive Data about [you]. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and bio-metric data. Oil Checkout do not collect any information about criminal convictions and offences.
3. HOW OIL CHECKOUT COLLECTS YOUR PERSONAL DATA
We may collect data about you by you providing the data directly to us (for example by filling in forms on our site or by sending our system emails). We may automatically collect certain data from you as you use our website by using cookies and similar technologies. Please see our cookie policy in section 11 for more details about this.
4. MARKETING COMMUNICATIONS
Oil Checkout does not utilise suppliers’ customer data for any means of marketing. Marketing policies are the responsibility of the supplier to convey to their customers through their own data protection policies.
5. DISCLOSURES OF PERSONAL DATA
Oil Checkout does not disclose any personal data to anyone. Any disclosures will fall under individual supplier data and privacy guidelines and therefore do not share customers’ personal data outside the European Economic Area (EEA).
6. OIL CHECKOUT DATA SECURITY
We have put in place security measures to prevent customers’ personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. The Oil Checkout portal will only process customers’ personal data on our instructions and must kept confidential.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.
7. DATA RETENTION
We will only retain your customers’ personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements required by the supplier.
The correct time to keep the data for is to be determined by each individual supplier. Any customer data requiring deletion can be done at any time with authorisation from the supplier. This includes any requirement by you the supplier to retain records for tax purposes which we will take your instruction on if so required.
8. CUSTOMERS’ LEGAL RIGHTS
Under data protection laws [you] have rights in relation to your personal data that include the right to request access, correction, erasure, restriction, transfer, to object to processing, to portability of data and (where the lawful ground of processing is consent) to withdraw consent.
You can see more about these rights at the ico.org.uk website.
If you wish to exercise any of the rights set out above, please email your supplier or Oil Checkout from support@oilcheckout.com. [You] will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive or refuse to comply with your request in these circumstances.
We may need to request specific information from [you] to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact [you] to ask you for further information in relation to your request to speed up our response. We try to respond to all legitimate requests as soon as possible.
If [you] are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
9. THIRD-PARTY LINKS
[Your] heating oil ordering portal only provides a third party link to Oil Checkout, the processing entity of your data. In no other way are third party links included within your customers’ ordering portal.
10. COOKIES
[You] can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. For more information about the cookies we use, please see below.
1. Oil Checkout may place and access certain Cookies on your computer. Oil Checkout uses Cookies to improve your experience of using the Website and to improve our range of products and services. Oil Checkout has carefully chosen these Cookies and has taken steps to ensure that your privacy is protected and respected at all times.
2. All Cookies used by this Website are used in accordance with current UK and EU Cookie Law. Cookies and customer identity are only utilised when the customer is accessing the Oil Checkout portal. Once the browser is closed, Oil Checkout has no record of the link between session and customer browser cookies and therefore any identifying information is permanently lost.
3. Oil Checkout places a cookie on [your] computer in order to facilitate searching for prices, placing heating oil orders and logging into your customer control panel. By [you] using the Oil Checkout ordering portal, you are giving your consent to the placing of Cookies. You may, if you wish, deny consent to the placing of Cookies by not utilising the Oil Checkout ordering portal.
4. Oil Checkout may place the following Cookies:
Strictly necessary cookies – These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around your suppliers’ Oil Checkout portal when your customers are using it. This helps Oil Checkout to improve the way our portal works, for example, by ensuring that users are finding what they are looking for easily.
5. You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser.
6. You can choose to delete Cookies at any time; however you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings.
7. It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.
11. SUPPLIER / OIL CHECKOUT RELATIONSHIP TO PRIVACY
We have put in place security measures to prevent suppliers’ personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. The Oil Checkout supplier control panel will only process suppliers’ personal data on our instructions and must kept confidential.
We have procedures in place to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach if we are legally required to.
Access to the securely-encrypted Oil Checkout supplier control panel which contains sensitive customer data has been designed to prevent intrusion. Heating oil suppliers are held responsible for customer data when logged into the supplier control panel and must treat customer data with the highest level of confidentiality.
The dissemination of customer data and supplier’s intentions with customer data legal responsibility must be made clear to their customers and data rules fall under suppliers’ individual privacy and data protection policies. Protection and security of a supplier’s Oil Checkout control panel is the responsibility of the supplier, ensuring timely processing and ultimate deleting of customer payment information and making sure to log out of the control panel, therefore preventing third parties from gaining access to the portal.