What Is This Policy?

This policy will explain areas of this website that may affect your privacy and personal details, how we process, collect, manage and store those details and how your rights under the GDPR, DPA & PECR are adhered to. Additionally it will explain the use of cookies or software, advertising or commercial sponsorship from third parties and the download of any documents, files or software made available to you (if any) on this website. Further explanations may be provided for specific pages or features of this website in order to help you understand how we, this website and its third parties (if any) interact with you and your computer / device in order to serve it to you. Our contact information is provided if you have any questions.

Who Are We?

At Sgts Mess, we are committed to maintaining the trust and confidence of visitors to our web site. In particular, we want you to know that we are not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes. We hate it when people do it to us, so we won’t do it to you….. But in case you’re worried about it, in this Privacy Policy, we’ve provided lots of information on when and why we collect your personal information, how we use it, the limited conditions under which we may disclose it to others and how we keep it secure.

Who Is the Data Controller?

Garry Lambert trading as Sgts Mess is the Data Controller (contact details below). This means he is responsible for how your personal data is processed and for what purposes.

What is Personal Data?

Personal Data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the Data Controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (“The GDPR”)1].

When you purchase something from our store, as part of the buying and selling process, we collect the personal data to enable us to complete your transaction

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service is provided by Automattic, and thier privacy policy is available in the resources section at the end of this page.

How We Process Personal Data.

The Data Controller complies with its obligations under The GDPR by keeping Personal Data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting Personal Data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect Personal Data.

We use your Personal Data for the following purposes:

  • To operate the Sgts Mess web site and deliver the services that you have requested.
  • To further develop and improve our goods and services.
  • To measure, gauge, and improve the effectiveness of our advertising.
  • To monitor and prevent any problems with our website, protect the security of our website, detect and prevent fraudulent transactions and other illegal activities, fight spam, and protect our rights and property, which may result in us declining a transaction.
  • To maintain our own accounts and records.

The Legal Basis For Processing Your Data

These fall under either article 6 or article 9 of The GDPR and are dealt with separately below

Article 6 Processing

  • Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract;
  • The use is necessary for compliance with a legal obligation;
  • We have a legitimate interest in using your information – to improve our goods and services, to safeguard our rights and property, to measure, gauge, and improve the effectiveness of our advertising or to to monitor and prevent any problems with our services;
  • You have given us your consent–for example before we place certain cookies on your device and access and analyze them later on.

Article 9 Processing

  • The Data Controller will never require any Sensitive Personal Information as described under Article 9 of The GDPR and will never request or process this category of Personal Data

What rights you have over your data

Unless subject to an exemption under the GDPR, you have the following rights with respect to your Personal Data: –

  • The right to request a copy of your Personal Data which the Data Controller holds about you, including any data you have provided to us;
  • The right to request that the Data Controller corrects any Personal Data if it is found to be inaccurate or out of date;
  • The right to request your Personal Data is erased where it is no longer necessary for the Data Controller to retain such data;
  • The right to withdraw your consent to the processing at any time;
  • The right to request that the Data Controller provide the you with your Personal Data and where possible, to transmit that data directly to another data controller.
  • The right, where there is a dispute in relation to the accuracy or processing of your Personal Data, to request a restriction is placed on further processing;
  • The right to object to the processing of personal data.
  • The right to lodge a complaint with the Information Commissioners Office.

How long we retain your data

The Data Controller will keep your personal data for no longer than reasonably necessary and we only retain your data for the following purposes:

  • To maintain our own accounts and records and to comply with any legal obligations we may have.
  • If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.
  • For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

Who We Share Your Data With

Your Personal Data will be treated as strictly confidential, and will be shared only with Paypal Holdings Inc when you purchase goods from our store as part of the shopping cart function. The Paypal privacy policy is available in the resources section at the end of this page

The only other circumstances where we will share your Personal Data is if we are required to do so by Law

This website is hosted and maintained by Table Warfare Ltd. As part of this support and maintenance function Table Warfare Ltd may access Personal Data on a needs basis only. This may only occur as a part of technical troubleshooting, identifying effected parties in the event of a data breach, and providing backup and restoration services for the site. Table Warfare Ltd does not process any Personal Information for or on behalf of the Data Controller.

Where we send your data

This website is backed-up on a regular basis. These backups contain the information required to rebuild the website in the event of a catastrophic failure. Backups are stored off-site for security and are uploaded to the Googledrive storage service. Googles Privacy Policy can be found in the resources section at the end of this document.

Daily backups are also taken of the webserver, and contain the information required to rebuild the entire server in the event of catastrophic failure. Backups are copied to recordable media, and stored off-site for security. 

Visitor comments may be also checked through an automated spam detection service.

Further Processing

If we wish to use your personal data for a new purpose, not covered by this Privacy Policy , then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.

What third parties we receive data from

When you make a purchase from our store we receive Personal Data from Paypal Holdings Inc in order to process your order and supply the purchased goods. We do not receive or retain any payment information, credit, debit or bank details.

What data breach procedures we have in place

While no online service is 100% secure, we work very hard to protect information about you against unauthorized access, use, alteration, or destruction, and take reasonable measures to do so, such as multiple firewalls, connection encryption, daily malware scans, enhanced account security measures in addition to other breach detection and prevention measures.

How we protect your data

Our entire website is only accessible via https, meaning that any data sent between you and our servers is encrypted and cannot be easily viewed if intercepted by a third party. We do not store any credit card information locally, all payments being made through Paypal Holdings, Inc.

What happens if security is breached?

In the unlikely event of a security breach, the Data Controller will notify the the appropriate regulator and any affected parties in accordance with Articles 33 and 34 of The GDPR

Website Cookie Policy

What are Cookies?

Cookies are small files saved to the user’s computers hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.

Website Visitor Tracking

When someone visits https://sgtsmess.co.uk we use a third party service (Google Analytics) to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.

The Privacy Policies for Google Analytics can be found in the resources section of this policy:

Adverts and Sponsored Links

This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.

Clicking on any such adverts will send you to the advertisers website through a referral program which may use cookies and will track the number of referrals sent from this website. This may include the use of cookies which may in turn be saved on your computers hard drive. Users should therefore note they click on sponsored external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Downloads & Media Files

Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third party anti virus software or similar applications.
We accept no responsibility for third party downloads and downloads provided by external third party websites and advise users to verify their authenticity using third party anti virus software or similar applications.

General Privacy Policy

Contact & Communication With us

Users contacting this us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use.

Where we have clearly stated and made you aware of the fact, and where you have given your express permission, we may use your details to send you products/services information through a mailing list system. This is done in accordance with the regulations named in ‘The policy’ above.

Social Media Policy & Usage

We adopt a Social Media Policy to ensure our business and our staff conduct themselves accordingly online. While we may have official profiles on social media platforms users are advised to verify authenticity of such profiles before engaging with, or sharing information with such profiles. We will never ask for user passwords or personal details on social media platforms. Users are advised to conduct themselves appropriately when engaging with us on social media.

There may be instances where our website features social sharing buttons, which help share web content directly from web pages to the respective social media platforms. You use social sharing buttons at your own discretion and accept that doing so may publish content to your social media profile feed or page. You can find further information about some social media privacy and usage policies in the resources section below.

External Website Links & Third Parties

Although we only look to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text / banner / image links to other websites, similar to; Table Warfare Ltd or www.monarchygame.com.)

Shortened URL’s; URL shortening is a technique used on the web to shorten URL’s (Uniform Resource Locators) to something substantially shorter. This technique is especially used in social media and looks similar to this (example: http://bit.ly/zyVUBo). Users should take caution before clicking on shortened URL links and verify their authenticity before proceeding.

We cannot guarantee or verify the contents of any externally linked website despite our best efforts. Users should therefore note they click on external links at their own risk and we cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Email Mailing List & Marketing Messages

We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages. The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.

Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.

Our EMS (email marketing service) provider is; MailChimp and you can read their privacy policy in the resources section.