Privacy Policy

This Privacy Policy explains the types of personal data we may collect about you when you interact with us. It also explains how we’ll store and handle that data.

We hope that the following sections will answer any questions that you may have, but if not please do not hesitate to contact us: info@skibartlett.com or 020 8848 0040.

When appropriate, you will be notified of any changes to this Privacy Policy. 

About us

Active Wear & Outdoor Leisure Limited (AWOL) is registered with Companies House with the company number 02932936 at the address:

1-2 Rosslyn Parade

Uxbridge Road

Hillingdon

Middlesex

UB10 0NP

 

Trading under the names ‘Ski Bartlett’ and ‘Sputnik’, AWOL acts as the Data Controller responsible for handling your data.

For simplicity throughout this policy, any mentions of ‘we’ and ‘us’ refer to Active Wear & Outdoor Leisure Ltd.

Data Collection & Processing

The General Data Protection Regulation lays out various reasons why a company may collect and process your personal data.

Consent

The simplest reason; this is where you allow us to collect your data. For example, if you tick a box to sign up to our email newsletters.  

Contractual Obligations

In certain situations we require your personal data to comply with our contractual obligations. For example, if you order an item for delivery we require your address details to deliver your purchase.

Legal Compliance

When required by law, we may need to collect and process your data. For example, we pass on details of fraudulent activity to the relevant law enforcement.

Legitimate Interests

In specific situations we may require some of your personal details to carry out tasks in both ours and your interest. For example, we require certain information to carry out boot fits and workshop procedures.  

 

 

Transaction Security

All transaction information passed between merchant sites and Sage Pay’s systems is encrypted using 128-bit SSL certificates. No cardholder information is ever passed unencrypted and any messages sent to your servers from Sage Pay are signed using MD5 hashing to prevent tampering. You can be completely assured that nothing you pass to Sage Pay’s servers can be examined, used or modified by any third parties attempting to gain access to sensitive information.

Once on the Sage Pay system, all sensitive data is secured using the same internationally recognised 256-bit encryption standards used by, among others, the US Government. The encryption keys are held on state-of-the-art, tamper proof systems in the same family as those used to secure VeriSign's Global Root certificate, making them all but impossible to extract. The data held is extremely secure and Sage Pay is regularly audited by the banks and banking authorities to ensure it remains so.

Sage Pay’s systems are scanned quarterly by Trustwave which are an independent Qualified Security Assessor (QSA) and an Approved Scanning Vendor (ASV) for the payment card brands.

Sage pay is also audited annually under the Payment Card Industry Data Security Standards (PCI DSS) and is a fully approved Level 1 payment services provider, which is the highest level of compliance. Sage Pay is also an active members of the PCI Security Standards Council (SSC) that defines card industry global regulation.

Sage Pay has multiple private links into the banking network that are completely separate from the Internet and which do not cross any publicly accessible networks. Any cardholder information sent to the banks and any authorisation message coming back is secure and cannot be tampered with.

All employees at Sage Pay are Criminal Records Bureau (CRB) checked prior to employment and no unauthorized individual has access to or is able to decrypt transaction information or cardholder data. All transaction information and customer card information is secure even from our own employees.

 

When do we collect your personal data?

  • When you create an account with us
  • When you use your account to purchase items online
  • When you make a purchase as a guest – In this case we only collect the information required for delivery.
  • When you purchase an item via phone
  • When you contact us by any means with queries, complaints etc. 
  • We use a CCTV system for both our and your safety. This system may record your image during your visit. 
  • When you update your email preferences with your areas of interest.
 

What sort of personal data do we collect?

  • When you create an account or place an order with us with us we require your name, billing/delivery address, email and phone number.
  • For our boot fit and workshop forms we require your name and contact information. 
  • Workshop forms may also require additional information such as your age, height and weight. 
  • Areas of interest, e.g., race, touring, freeride.
 

How and why do we use your personal data?

We want to provide all of our customers with the best possible experience. In order to achieve this, we do require some of your personal information. 

  • To process any orders that you place using our website. If we do not obtain your delivery address, we cannot deliver your item to you. We may also be required to keep your details for a reasonable period after your order to fulfil any contractual obligations such as refunds or warranties. 
  • To respond to your queries, requests and complaints. If you email or phone us we keep a record of this information along with other details such as your name to allow us to respond. We may keep a record of these to inform any future communication and demonstrate how we communicated with you throughout. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
  • To protect our customers, premises, assets and staff from crime we operate CCTV systems in our store which records and saves images for security. We do this on the basis of our legitimate business interests. If required, we may also share these images with the relevant law enforcement agencies. 
  • To process payments and prevent fraudulent transactions. We do this on the basis of our legitimate business interests and to help protect our customers from fraud. 
  • With your consent, we will use your personal data and details to keep you informed by email and telephone about relevant information. For example, sales or an item you enquired about coming back into stock. 
  • If you update your email preferences with your areas of interest, we use this to tailor our email communications with you to make them more relevant. 
 

How we protect your personal data

Data security is important. We treat your data with care and respect and take appropriate steps to protect it. Access to all areas of our website is secured using ‘https’ technology.

Your personal preference section is secured behind a password of your choosing. We ask that you choose a secure, effective password and do not disclose it to anyone else.

How long will we keep your personal data?

We will only keep your data for as long as is necessary for the purpose for which it was collected. 

When you place an order, we’ll keep the personal data you provide us for five years in order to comply with our legal and contractual obligations. After this period the order will remain on our system for internal analysis, however the information itself will be anonymised. 

With consent, records of our boot fit appointments and workshop procedures will be kept for five years. This is a sensible life span for a product and allows us to provide you or your insurance with a record and proof of purchase. 

 

Who do we share your personal data with?

When required, we may share your personal data with trusted third parties. For example, delivery couriers require your name, address and telephone number.

We only provide the information required for them to perform their specific services and we work with them to ensure that your privacy is respected and protected at all times.

If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.

Courier Companies

When you place an order with us or ask for something to be delivered to you, we pass on your name, address, email and phone number to one of our courier companies. The company we use depends on the item dimensions, your geographic location, and the requested shipping method. The companies we for this are:

IT Companies

We use Visualsoft to build and host our website. This means that they do have access to the information on our system, however this will only ever be used for troubleshooting reasons. Please see their privacy policy for more information.

The email newsletters for the Sputnik website are also managed through Visualsoft. This requires your name, email address and email preferences. We may also use information from your previous orders to make our emails more relevant to you.

Touch Retail produce the inventory management system that we use. This system allows us to create user accounts on behalf of the customer which can be used for things such as holding items on reserve or adding a default discount rate. 

We also use Loqate (formerly PCA Predict) software throughout our website. This software allows you to auto-complete addresses to save time and minimize mistakes.

Direct Marketing Companies

Mailchimp provides the email communication system for our Ski Bartlett customers. To provide this feature we require your name and email address and email preferences. Mailchimp provides us with reports including open rate, click rate, and geographic distribution of opens. We use this information to improve the quality of our email communications with our customers.

We are always looking for feedback and reviews to help us improve our service. To help us manage this we use Trustpilot. After you have placed an order through our website you will receive an automated email with a request to leave a review of your experience. You are not obliged to leave a review; however, we appreciate all of the reviews we can get – both positive and negative. 

Multi-Channel Sales

 To offer our products to a wider market we also operate eBay and Amazon stores. When you purchase through either of these channels you provide your payment and delivery information to eBay or Amazon which is then copied through to our own system. Please see the relevant privacy policies below:

Law Enforcement & Customs Agencies

We do not tolerate any form of fraud. If we become aware that such an activity has taken place, we will not hesitate to pass on your details to the relevant law enforcement. We will also provide whatever assistance we can.

When we send products abroad, we may need provide information to customs agencies. This is usually limited to the clarification of contact details for which we will always contact you about.

What are your rights over your personal data?

You have the right to request:

  • Access to the personal data we hold about you and a copy of this information
  • The correction of your personal data when incorrect, out of data or incomplete
  • That we stop using your personal data for direct marketing (removal from mailing lists)
  • That we stop any consent-based processing of your data after you withdraw that consent
  • The deletion of all personal data that we hold 
To protect the confidentiality of your information we require you to verify your identity before any request is made. 
 
You are entitled to this information free of charge, however please be aware that there may be an additional "reasonable fee" for administrative costs where the request is deemed to be unfounded, excessive or repetitive.  

 

Cookies

We use cookies to ensure that our websites operate as smoothly as possible and to offer you the best customer experience. You have every right to disable the use of cookies on our website or through your browser, however this will affect the functionality of our websites.

For more information please view our Cookie Policy

Third Party Links

Our websites may contain links to other Web Sites ("Linked Sites"). The Linked Sites are not under our control and we are not responsible for the contents of any Linked Site, including without limitation any link contained in a Linked Site, or any changes or updates to a Linked Site. We are not responsible for webcasting or any other form of transmission received from any Linked Site. We providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by us of the site or any association with its operators.

Top