Privacy Policy

Last updated: [Insert Date]

1. Introduction

This Privacy Policy explains how Morning Dew Orchards ("we", "us", or "our") collects, uses, discloses, and protects your personal information when you interact with us, including through our website, communications, and any services we provide (collectively, the "Services").

We are committed to protecting your privacy and handling your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable laws in England.

By using our Services, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller responsible for your personal information is:

Morning Dew Orchards
[Insert Address]
[Insert City], England
[Insert Postcode]
Email: [Insert Contact Email]
Telephone: [Insert Contact Number]

3. Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Information you provide directly

• Identification details: name, title.
• Contact details: email address, telephone number, postal address.
• Business details: farm or business name, job title, professional contact information.
• Communication data: information contained in emails, forms, enquiries, or other correspondence you send to us.
• Order and transaction data: products or services ordered from us, delivery details, billing information (excluding full payment card data, which is handled by secure payment providers).

3.2 Information collected automatically When you visit our website, we may automatically collect:

• Technical data: IP address, browser type and version, device type, operating system, time zone setting.
• Usage data: pages visited, time and date of visits, clickstream data, referring/exit pages, and other diagnostic data.

3.3 Information from third parties We may receive personal data from:

• Service providers (e.g. payment processors, analytics providers, marketing platforms).
• Publicly available sources (e.g. business directories, professional networking sites).
• Business partners (e.g. distributors, agricultural cooperatives, or other partners we work with).

4. Legal Bases for Processing

We process your personal data only when we have a lawful basis to do so under UK data protection law. These bases include:

• Contract: where processing is necessary to enter into or perform a contract with you.
• Legal obligation: where we must comply with a legal or regulatory obligation.
• Legitimate interests: where processing is necessary for our legitimate business interests and your interests and fundamental rights do not override those interests (for example, operating and improving our Services, responding to enquiries, and maintaining security).
• Consent: where you have given clear consent for specific processing activities (for example, certain marketing communications). You may withdraw your consent at any time.

5. How We Use Your Personal Data

We may use your personal data for the following purposes:

• To provide our Services: processing and fulfilling orders; managing deliveries; providing customer support.
• To manage our relationship with you: responding to enquiries, handling complaints, notifying you of changes to our terms or policies.
• To operate our business: managing accounts and records, invoicing, processing payments, maintaining our website and systems.
• To communicate with you: sending service-related messages, administrative notices, and information about your interactions with us.
• Marketing and promotions: sending you information about our agricultural products, services, events, or opportunities that may be of interest to you, where permitted by law.
• Security and fraud prevention: protecting our business, our systems, and our customers from fraud, misuse, or other unlawful activity.
• Legal and regulatory compliance: complying with applicable laws, responding to lawful requests from public authorities, and enforcing our agreements.

6. Cookies and Similar Technologies

Our website may use cookies and similar technologies to improve your experience, analyse website usage, and support our marketing efforts.

Cookies are small text files stored on your device by your web browser. We may use:

• Strictly necessary cookies: required for the website to function properly.
• Performance/analytics cookies: to understand how visitors use our website and to improve its performance.
• Functionality cookies: to remember your preferences and settings.
• Targeting/advertising cookies: where used, to deliver relevant content and measure marketing effectiveness.

You can usually set your browser to refuse cookies or to alert you when cookies are being sent. If you disable or refuse cookies, some parts of our website may not function properly.

7. How We Share Your Personal Data

We may share your personal data with:

• Service providers: third parties that provide services on our behalf, such as IT and hosting providers, website analytics, payment processors, delivery and logistics providers, professional advisers (lawyers, accountants), and marketing platforms.
• Business partners: where we collaborate with other organisations in the agricultural sector, for example for joint events, distribution, or marketing initiatives, and only where appropriate and lawful.
• Authorities and regulators: where required by law, in response to legal processes, or to protect our rights, property, or safety or those of others.
• Successors: in connection with any merger, sale of assets, restructuring, or similar corporate transaction involving Morning Dew Orchards, your personal data may be transferred as part of the transaction, subject to appropriate safeguards.

We require any third parties that process your data on our behalf to respect the security and confidentiality of your personal data and to process it only according to our instructions and applicable law.

8. International Data Transfers

We are based in England. Where your personal data is transferred outside the UK (for example, to cloud service providers or partners located in other countries), we will ensure that appropriate safeguards are in place to protect your data in accordance with UK GDPR requirements. These safeguards may include:

• Transfers to countries deemed by the UK government to provide an adequate level of data protection; or
• Use of standard contractual clauses or other approved transfer mechanisms.

You may contact us for more information about the specific safeguards applicable to any international transfers of your data.

9. Data Retention

We retain your personal data only for as long as is reasonably necessary to fulfil the purposes for which it was collected, including to meet legal, regulatory, tax, accounting, or reporting requirements.

When determining the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process your data, and whether we can achieve those purposes through other means.

Once the retention period has expired, we will securely delete, anonymise, or otherwise dispose of your personal data.

10. Data Security

We take appropriate technical and organisational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

These measures may include access controls, encryption, secure storage, regular security reviews, staff training, and procedures for handling potential data incidents.

However, no transmission of information via the internet or electronic storage method is completely secure. While we strive to protect your personal data, we cannot guarantee its absolute security.

11. Your Rights Under Data Protection Law

Under UK data protection law, you have certain rights in relation to your personal data, subject to conditions and exemptions. These include:

• Right of access: to obtain confirmation that we process your personal data and to request a copy of the personal data we hold about you.
• Right to rectification: to request correction of inaccurate or incomplete personal data.
• Right to erasure: to request deletion of your personal data in certain circumstances (also known as the "right to be forgotten").
• Right to restriction: to request that we limit the processing of your personal data in specific situations.
• Right to data portability: to receive your personal data in a structured, commonly used, and machine-readable format and to request that we transfer it to another controller, where technically feasible and lawful.
• Right to object: to object to our processing of your personal data based on legitimate interests or for direct marketing purposes.
• Rights in relation to automated decision-making: to not be subject to a decision based solely on automated processing, including profiling, where it has legal or similarly significant effects on you, unless certain conditions are met.

If you wish to exercise any of these rights, please contact us using the details provided in Section 2. We may need to verify your identity before responding to your request.

12. Marketing Communications

Where permitted by law and where you have not opted out, we may use your contact details to send you information about Morning Dew Orchards, including news, offers, events, and services related to agriculture and our operations.

You can opt out of receiving marketing communications at any time by:

• Using the unsubscribe link in our marketing emails; or
• Contacting us directly using the details in Section 2.

Even if you opt out of marketing, we may still send you non-marketing communications related to your use of our Services (for example, order confirmations, service notices, or changes to our terms).

13. Third-Party Websites

Our website or communications may contain links to third-party websites, plug-ins, or services that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site.

We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policy of every site you visit.

14. Children’s Privacy

Our Services are not primarily directed at children, and we do not knowingly collect personal data from children under 13 years of age without appropriate parental or guardian consent.

If you believe that a child has provided us with personal data without such consent, please contact us, and we will take steps to delete the information as required by law.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons.

When we make material changes, we will take appropriate steps to inform you, such as posting a prominent notice on our website or contacting you directly where required by law. The "Last updated" date at the top of this Policy indicates when it was most recently revised.

16. Contact Us and Complaints

If you have any questions, concerns, or requests regarding this Privacy Policy or our handling of your personal data, please contact us using the details in Section 2.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you are unhappy with how we use your personal data. You can contact the ICO via:

Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Website: https://www.ico.org.uk
Telephone: 0303 123 1113

We would appreciate the opportunity to address your concerns before you approach the ICO, so please contact us first if possible.