Sign Up for our Newsletter

FB-Profile500

PLEASE READ THE IMPORTANT INFORMATION BELOW REGARDING HOW WE COLLECT, USE AND STORE YOUR PERSONAL INFORMATION.

Our Monthly Newsletter

Thank you for signing up to our monthly Newsletter.
This will allow us to keep you informed about everything in The Glass Box.

The Newsletter is an important way for us to connect with our customers, we value that chance and occasionally reward our subscribers for their loyalty. One way we do this is by offering Newsletter Subscriber Only Deals, so it really is worth signing up!!

What we will do:
We will only send emails relevant to our business and our products.
Normally the frequency will be once per month unless we have anything special or important to inform you about.
We'll always provide an opt out link to enable you to unsubscribe quickly and easily.

What we won't do:
We respect your privacy and promise we will not SPAM you and certainly will not share your details with anyone outside The Glass Box other than our own third party email service provider.

Confirm Subscription
Please tick this acceptance checkbox.
This way we know you really want to receive our emails and you provide your consent to allow us to store your data, see below for more information.

Double Opt-in
To comply with GDPR requirements we have incorporated a double opt-in procedure for our Newsletter subscribers.
When this form is submitted we'll send you an email with a link to verify your wish to subscribe.
Please click on this link to complete your subscription.

Your Data
We collect the following data from you when you subscribe to our newsletter:
Your name, email address and date of birth.
We keep this information for as long as you remain a newsletter subscriber and delete it if or when you unsubscribe.
Why do we need this information?
We personalise the emails we send to you, displaying your first name at the beginning of the email.
Occasionally we send specific subscriber offers to you to celebrate your birthday, for example. These offers are for newsletter subscribers only and redemption is required. To combat fraudulent claims we check your name, date of birth and email address against our records at the time of redemption.
Customer consent
When you subscribe to our newsletter you give your consent by ticking the acceptance checkbox. This allows us to store the aforementioned data, which is necessary for us to be able to provide the newsletter service. This data is stored securely by our third-party email service provider. We also have a back-up stored on a password protected external physical drive which is encrypted and kept locked in a secure location.
Redemption claim details are also stored on a secure cloud based server
We will always do our utmost to keep your data safe and compliant with GDPR requirements.
Who has access to your data?
The Glass Box Company Management has access to your name, email address and date of birth.
The Glass Box Company staff have access limited to customers in the process of redeeming an offer.
Third party service providers where our newsletter service information is stored and managed have access to your name, email address and date of birth.
These service providers are Google, Mailchimp and Basehound Media. All three have been checked by The Glass Box Company and found, to the best of our knowledge, to be GDPR compliant
Unsubscribe
You may unsubscribe from our newsletter at any time by clicking the 'unsubscribe' link at the bottom of each email we send or by requesting to be unsubscribed by sending an email to us. Your details will be deleted from all points of storage.
Rights of the subscriber under General Data Protection Regulations
You have:
1. The right to be informed: Organisations need to tell individuals what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties. This information must be communicated concisely and in plain language.
2. The right to access: Individuals can submit subject access requests, which oblige organisations to provide a copy of any personal data concerning the individual. Organisations have one month to produce this information, although there are exceptions for requests that are manifestly unfounded, repetitive or excessive.
3. The right to rectification: If the individual discovers that the information an organisation holds on them is inaccurate or incomplete, they can request that it be updated. As with the right to access, organisations have one month to do this, and the same exceptions apply.
4. The right to erasure (also known as ‘the right to be forgotten’): Individuals can request that organisations erase their data in certain circumstances, such as when the data is no longer necessary, the data was unlawfully processed or it no longer meets the lawful ground for which it was collected. This includes instances where the individual withdraws consent.
5. The right to restrict processing: Individuals can request that organisations limit the way an organisation uses personal data. It’s an alternative to requesting the erasure of data, and might be used when the individual contests the accuracy of their personal data or when the individual no longer needs the information but the organisation requires it to establish, exercise or defend a legal claim.
6. The right to data portability: Individuals are permitted to obtain and reuse their personal data for their own purposes across different services. This right only applies to personal data that an individual has provided to data controllers by way of a contract or consent.
7. The right to object: Individuals can object to the processing of personal data that is collected on the grounds of legitimate interests or the performance of a task in the interest/exercise of official authority. Organisations must stop processing information unless they can demonstrate compelling legitimate grounds for the processing that overrides the interests, rights and freedoms of the individual or if the processing is for the establishment or exercise of defence of legal claims.
8. Rights related to automated decision making including profiling: The GDPR includes provisions for decisions made with no human involvement, such as profiling, which uses personal data to make calculated assumptions about individuals. There are strict rules about this kind of processing, and individuals are permitted to challenge and request a review of the processing if they believe the rules aren’t being followed.

Exercising your rights
When requesting by email, please include your full name, email address and date of birth. Initially we'll send a verification email to make sure it really is you before we act upon your request.

General Data Protection Regulation (GDPR) on european union map background