Your Puffy Cart 0 Items
Cart is empty
Free shipping and returns

Puffy Privacy Policy

Overview – the key information you should be aware of

  1. Who we are: This website is operated by AA BOND ENTERPRISES DMCC, whose registered office is at Kemp House 160, City Road London, EC1V 2NX.

    All references to ‘Puffy', 'our', 'us' or 'we' within this policy are references to either Puffy, or any of our group companies and suppliers which provide services to us or you, as appropriate.

    This privacy policy applies to those of our websites on which it is displayed.

  2. Values and purpose of this policy: We value your privacy and want to be accountable and fair to you as well as transparent with you in the way that we collect and use your personal information. We also want you to know your rights in relation to your information which are set out in this policy.

    This privacy policy tells you what to expect when we collect and use personal information about you. We have tried to make it easy for you to navigate so you can find the information that is most relevant to you and our relationship with you.

    We are always looking to improve the information we provide to our customers and contacts so if you have any feedback on this privacy policy, please let us know using our contact details in section 12.

  3. Who this policy applies to

    This policy applies to:

    • People who visit our website (who start an order but do not complete the checkout process);
    • Customers;
    • People who we send marketing communications to;
    • People make enquiries with us.

    We will collect and use your information in different ways, depending on our relationship with you.

  4. What is included in this policy: This privacy policy describes the following important topics relating to your information:

    • How we obtain your personal information;
    • Collection and use of personal information;
    • Our legal basis for using your personal information;
    • How and why we share your personal information;
    • How long we store your personal information;
    • Your rights;
    • Marketing;
    • Where we may transfer your personal information;
    • Risks and security;
    • Links to other websites;
    • Changes to this policy; and
    • Questions and complaints.
  5. Your rights to object: You have various rights in respect of our use of your personal information as set out in section 6. Two of the fundamental rights to be aware of are that you may:

    • ask us to stop using your personal information for direct-marketing purposes. If you exercise this right, we will stop using your personal information for this purpose.
    • ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our, or another person's, legitimate interest. You can find out more information in section 6 of the policy.
  6. Confirmation: Please read this privacy policy carefully to understand how we handle your personal information. By engaging with us in the ways set out in this privacy policy, you confirm that you have read and understood the entirety of this privacy policy, as it applies to you.

The Detail

  1. How we collect your personal information

    1.1. You may provide us with your personal information voluntarily. However, we may also receive information about you from third parties such as our suppliers and public websites, which we refer to as "third party sources" or "suppliers" throughout this policy.

    1.2. You may give us personal data about yourself by using and completing the online forms provided on our website, or by contacting us by phone, e-mail or other means. This also includes when you enter a competition or promotion on our website and when you report a problem with our website. If you contact us, we may keep a record of that correspondence. We may also ask you to complete surveys that we use for research purposes. It is your choice to complete surveys.

  2. Collection and use of Personal Information

    The sections below contain information relating to how we collect and use information about you. Throughout this policy, this is referred to as “personal information.”

    2.1. Website visitors

    We, or third parties on our behalf, may collect and use the following information about you when you visit our site and commence an order, but do not complete the checkout process:

    Visitors to our website
    Personal Information collected (i) your name;
    (ii) your postal address;
    (iii) your email address;
    (iv) your telephone number;
    (v) information provided when you correspond with us;
    (vi) any updates to information provided to us;
    (vii) personal information we collect about you or that we obtain from our third party sources;
    (viii) the below technical information created and recorded automatically when you visit our website, start an order and subsequently abandon your cart.
    Technical Information Collected (i) Internet protocol (IP) address used to connect your computer to the internet address;
    (ii) the website address and country from which you access information;
    (iii) the files requested;
    (iv) type and version of browser;
    (v) browser plug-in types and versions; operating system; and platform; and
    (vi) Information about your visit and your behaviour on our website (for example, the pages that you click on). This may include the website you visit before and after visiting our website (including date and time), time and length of visits to certain pages, page interaction information, methods used to browse away from the page, traffic data, location data, weblogs and other communication data and information provided when requesting further service or downloads.
    How we use your Information (Personal and Technical) (i) to allow you to access and use our website;
    (ii) to receive enquiries from you through the website about our goods and services;
    (iii) to assist you in completing an order through the website;
    (iv) for improvement and maintenance of our website and to provide technical support for our website;
    (v) to ensure the security of our website;
    (vi) to recognise you when you return to our website, to store information about your preferences, and to allow us to customise the website according to your individual interests;
    (vii) to evaluate your visit to the website and prepare reports or compile statistics to understand the type of people who use our website, how they use our website and to make our website more intuitive. Such details will be anonymised as far as reasonably possible and you will not be identifiable from the information collected; and
    (viii) to operate, protect, improve, and optimize our website and personalize and customize your experience (such as by making buying suggestions), we conduct profiling on your characteristics and preferences based on your interactions with the website, your search and purchase history, your profile information and preferences, and other content you submit to the website. We do this in order to send promotional messages, marketing, advertising and other information that we think may be of interest to customers.
    Website Cookies (i) Some pages on our website use cookies, which are small files placed on your internet browser when you visit our website. We use cookies in order to offer you a more tailored experience in the future, by understanding and remembering your particular browsing preferences.
    (ii) Where we use cookies on our website, you may block these at any time. To do so, you can activate the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies), you may not be able to access all or parts of our website or to use all the functionality provided through our website.
    (iii) For detailed information on the cookies we use and the purposes for which we use them, please refer to our cookies policy here: https://puffy.co.uk/pages/cookies-policy

    2.2. Customers

    We, or third parties on our behalf, may collect and use the following information about you:

    People who we send marketing communications to
    Personal Information we collect (i) your name;
    (ii) your postal address;
    (iii) your email address;
    (iv) your telephone number; and
    (v) information about your preferences.
    How we use your personal information (i) We will collect, use and store the personal information listed above, if you have consented or, otherwise, if it is in our legitimate interests, for business development and marketing purposes, to contact you (including by email, SMS, push notifications or post) with information about our products and services which either you request, or which we feel will be of interest to you (including newsletters).
    (ii) We might also share your data with social media or other similar platforms, so that you can see relevant content on that platform. For example, we may use the Facebook Custom Audiences service and share your email address in a protected format with Facebook so that we can: include you in a custom audience that we will serve relevant advertising content to on Facebook; or create an audience of other Facebook users based on the information in your Facebook profile. You can opt-out from Facebook Custom Audiences by emailing us at support@puffy.co.uk
    Other Sources of personal information Source of personal information. We may receive some of your personal information from third parties, such as marketing agencies and third party email marketing platforms.

    2.3. People who make an enquiry

    We, or third parties on our behalf, may collect and use any of the following information about you:

    People who contact us with enquiries
    Personal Information we collect (i) your name;
    (ii) your postal address;
    (iii) your email address;
    (iv) your telephone number;
    (v) personal information we collect about you from third party sources such as Facebook;
    (vi) information provided when you correspond with us; and
    (vii) any updates to information provided to us.
    How we use your personal information We will collect, use and store the personal information listed above to deal with any enquiries or issues you have about our goods and associated services or our business, including any questions you may have about how we collect, store and use your personal information, or any requests made by you for a copy of the information we hold about you. If we do not have a contract with you, we may process your personal information for these purposes where it is in our legitimate interests for customer services purposes.
    Special categories of data. Some of the personal information that you provide to us when making enquiries regarding our goods and services may include special categories of data. Special categories of data include information about physical and mental health, and biometric data.

    2.4. Additional Information

    No matter what our relationship is with you, we may also collect, use and store your personal information for the following additional reasons:

    Other reasons for processing data
    Dealing with enquiries to deal with any enquiries or issues you have about how we collect, store and use your personal information, or any requests made by you for a copy of the information we hold about you. If we do not have a contract with you, we may process your personal information for these purposes where it is in our legitimate interests for customer services purposes;
    Internal corporate reporting for internal corporate reporting, business administration, ensuring adequate insurance coverage for our business, ensuring the security of company facilities, research and development, and to identify and implement business efficiencies. We may process your personal information for these purposes where it is in our legitimate interests to do so;
    Compliance to comply with any procedures, laws and regulations which apply to us – this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others to comply, as well as where we are legally required to do so; and
    Legal Rights to establish, exercise or defend our legal rights – this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others, as well as where we are legally required to do so.

    2.5. Further processing

    We will not use your personal information in any way that is incompatible with the purposes set out in this section 2. Please contact us using the details in section 12 if you want further information.

  3. Using your personal information - legal basis

    3.1. The legal basis for using your personal information as set out in this privacy policy are as follows:

    Legal Basis Explanation
    Necessary to perform our contract of sale with you We consider our use of your personal information is necessary to perform our obligations under any contract with you (for example, to fulfil an order which you place with us, to comply with the terms of use of our website which you accept by browsing our website and/or to comply with our contract to provide services to you);
    Consent we may process your personal data where you have given us your legal consent (which you may withdraw at any time after giving it, as described below), including where:
    (a) we use your special categories of data that you provide to us when completing a form, a survey, entering a giveaway, or when making a customer service enquiry;
    (b) we use your personal information to communicate with a third party regarding your order; and
    (c) we process your personal information for direct marketing purposes.
    If we rely on your consent for us to use your personal information, but if you change your mind, you may withdraw your consent by contacting us at support@puffy.co.uk and we will stop doing so. If you withdraw your consent, this may impact the ability for us to be able to provide our goods and services to you.
    Complying with our legal obligations our use of your personal information is necessary for complying with our legal obligations (for example, for product safety purposes);
    Legitimate business interests where use of your personal information is necessary for our legitimate interests or the legitimate interests of others (for example, to ensure the accessibility and security of our e-commerce platform).
    Our legitimate interests are to:
    (i) ensure that customers and potential customers can successfully complete orders through our website; and
    (ii) approach, contact and select strategic partners and appropriately skilled and qualified suppliers.
    (iii) run, grow and develop our business;
    (iv) carry out marketing, market research and business development;
    (v) provide goods and associated services to our customers, make and receive payment and provide customer services;
    (vi) place, track and ensure fulfilment of orders with our suppliers;
    (vii) carry out internal group administrative purposes;
    (viii) improve the website and your experience with it; and
    (ix) undertake marketing activities to offer products or services that may be of interest to our customers.

    If we rely on our (or another person's) legitimate interests for using your personal information, we will undertake a balancing test to ensure that our (or the other person's) legitimate interests are not outweighed by your interests or fundamental rights and freedoms which require protection of the personal information. You can ask us for information on this balancing test by using the contact details at section 12.

  4. How and why we share your personal information with others

    4.1. We may share your personal information with our group companies where it is in our legitimate interests to do so for internal administrative purposes (for example, ensuring an effective and efficient delivery process for our customers, business strategies, compliance processes, auditing and monitoring, research and development and quality control).

    4.2. We will share your personal information with the following third parties or categories of third parties:

    • Shopify who provides the platform for our online store, allowing you to place orders and pay for goods and services on our website. Shopify will also share your personal information with us;
    • Signifyd who provide e-commerce risk assessment. We will pass details such as your name and address of our customers to Signifyd before finalising your order. This helps us to reduce the incidence of fraud;
    • Providers of customer support ticket management services such as Gorgias. These suppliers will also share your personal information with us;
    • Google and other data analytics and search engine providers that assist us in the improvement and optimisation of our services and website;
    • Our other service providers and sub-contractors, including but not limited to CRM platform providers, payment processors, insurers, warehouse, storage and logistics providers and cloud service providers.

    4.3. Any third parties with whom we share your personal information are limited (by law and by contract) in their ability to use your personal information for any purpose other than to provide services for us. We will always ensure that any third parties with whom we share your personal information are subject to privacy and security obligations consistent with this privacy policy and applicable laws.

    4.4. In the following instances we will also disclose your personal information to third parties:

    (a) where it is in our legitimate interests to do so to run, grow and develop our business including:
    if we sell or buy any business or assets, we may disclose your personal information to the prospective seller or buyer of such business or assets;
    If substantially all of Puffy’s or any of its affiliates' assets are acquired by a third party, in which case personal information held by Puffy will be one of the transferred assets;
    (b) if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, any lawful request from government or law enforcement officials and as may be required to meet national security or law enforcement requirements or prevent illegal activity;
    (c) in order to enforce or apply our terms and conditions or any other agreement or to respond to any claims, to protect our rights or the rights of a third party, to protect the safety of any person or to prevent any illegal activity; or
    (d) to protect the rights, property, or safety of Puffy, our staff, our customers or other persons. This may include exchanging personal information with other organisations for the purposes of fraud protection and credit risk reduction.

    4.5. We may also disclose and use anonymised, aggregated reporting and statistics about users of our website or our goods and services for the purpose of internal reporting or reporting to our group or other third parties, and for our marketing and promotions. None of these anonymised, aggregated reports or statistics will enable our users to be personally identified.

    4.6. Save as expressly detailed above, we will never share, sell or rent any of your personal information to any third party without notifying you and, where necessary, obtaining your consent. If you have given your consent for us to use your personal information in a particular way, but later change your mind, you should contact us and we will stop doing so.

  5. How long we store your personal information

    5.1. We keep your personal information for no longer than necessary for the purposes for which the personal information is processed. The length of time we retain personal information for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights.

    5.2. The table below sets out information on how long we store some of your personal information:

    Data Type Maximum Duration
    Visitors to our website (who start the order process and then abandon their cart): Data collected during the checkout process on the Puffy website where the potential customer does not complete the checkout process. See section 2.1 for further details. 30 days
    Customers: Data collected during the checkout process on completion of an online purchase on the Puffy website. See section 2.2 above for further details. Unlimited (in line with our lifetime guarantee – so we can administer the guarantee properly)
    People who contact us with enquiries: Data provided by customers who make customer services or technical support enquires with Puffy. See section 2.3 for further details. 2 years.
    Survey data: Data collected from customers who take part in a survey or questionnaire issued by Puffy following a purchase, which may include information relating to health conditions. 12 months
  6. These are your rights

    6.1. You have rights in relation to your personal information as set out in Regulation 2018/679 (the General Data Protection Regulation). If you would like further information, please contact us via email at support@puffy.co.uk at any time. The following rights are applicable to you:

    • Right of access: You have a right of access to any personal information we hold about you. You can ask us for a copy of your personal information; confirmation of whether your personal information is being used by us; details about how and why it is being used; and details of what safeguards are in place if we transfer your information outside of the European Economic Area ("EEA").
    • Right to request updates: You have a right to ask for an update about any of your personal information which is out of date or incorrect.
    • Right to ask for deletion of personal information: You have a right to ask us to delete any personal information which we are holding about you in certain specific circumstances. You can ask us for further information on these specific circumstances by contacting us using the details in section 12. We will pass your request onto other recipients of your personal information unless that is impossible or involves disproportionate effort. You can ask us who the recipients are using the contact details in section 12.
    • Right to restrict usage: You have a right to ask us to restrict the way that we process your personal information in specific circumstances. You can ask us for further information on these specific circumstances by contacting us using the details in section 12. We will pass your request onto other recipients of your personal information unless that is impossible or involves disproportionate effort. You can ask us who the recipients are using the contract details in section 12.
    • Right to stop marketing: You have a request for us to stop using your personal information for direct-marketing purposes. If you exercise this right, we will stop using your personal information for this purpose.
    • Right to data portability: You have a right to ask us to provide your personal information to a third party provider of services. This right only applies where we use your personal information on the basis of your consent or performance of a contract; and where our use of your information is carried out by automated means.
    • Right to object: You have a right to ask us to consider any valid objections which you have to our use of your personal information where we process your personal information on the basis of our or another person or entity’s legitimate interest.

    6.2. We will consider all such requests and provide our response within a reasonable period (and in any event within one month of your request unless we tell you we are entitled to a longer period allowed by applicable law). Please note, however, that certain personal information may be exempt from such requests in certain circumstances, for example if we need to keep using the information to comply with our own legal obligations or to establish, exercise or defend legal claims.

    6.3. If an exception applies, we will tell you this when responding to your request. We may request you provide us with information necessary to confirm your identity before responding to any request you make.

  7. Marketing

    7.1. We may collect and use your personal information for marketing campaigns by email telephone, post, SMS, Facebook.

    7.2. We may send you certain marketing communications (including electronic marketing communications to existing customers) if it is in our legitimate interests to do so for marketing and business development purposes.

    7.3. However, we will always obtain your consent to direct marketing communications where we are required to do so by law and if we intend to disclose your personal information to any third party for such marketing.

    7.4. If you wish to stop receiving marketing communications, you can contact us by email at support@puffy.co.uk

  8. Transfers

    8.1. Your personal information may be used, stored and/or accessed by staff operating outside the EEA working for us, other members of our group, third party partners or suppliers. Further details on to whom your personal information may be disclosed are set out in section 4.

    8.2. If we provide any personal information about you to any such non-EEA members of our group or third parties, we will take appropriate measures to ensure that the recipient protects your personal information adequately in accordance with this privacy policy. These measures may include the following permitted in Articles 45 and 46 of the General Data Protection Regulation:

    (i) in the case of US based entities, entering into European Commission approved standard contractual arrangements with them, or ensuring they have signed up to the EU-US Privacy Shield (see further https://www.privacyshield.gov/welcome); or

    (ii) in the case of entities based in other countries outside the EEA, entering into European Commission approved standard contractual arrangements with them.

    8.3. Further details on the steps we take to protect your personal information, in these cases is available from us on request by contacting us by email at support@puffy.co.uk at any time.

  9. Risks and security

    9.1. The main risk of our processing of your personal information is if it is lost, stolen, accessed without authorisation or misused.

    9.2. For this reason, Puffy is committed to protecting your personal information from loss, theft, unauthorised access and misuse. We take all reasonable precautions to safeguard the confidentiality of your personal information, this includes processes within our organisation, as well as within our technical processes. Organisational measures include physical access controls to our premises, internal policies and staff training and ensuring confidentiality obligations are imposed on our employees and third parties. Technical measures include requiring passwords for access to our systems, and, where possible, multi-factor authentication, the use of encryption and anti-virus software and logically separating data.

    9.3. Our secure server software encrypts information, ensuring that online transactions stay private and protected. Puffy uses a security protocol called “SSL”.

    9.4. In the course of provision of your personal information to us, your personal information may be transferred over the internet. Although we make every effort to protect the personal information which you provide to us, the transmission of information over the internet is not completely secure. As such, you acknowledge and accept that we cannot guarantee the security of your personal information transmitted to our website and that any such transmission is at your own risk. Once we have received your personal information, we will use strict procedures and security features to prevent unauthorised access to it.

  10. Links to other websites

    Our website may contain hyperlinks to websites that are not operated by us. These hyperlinks are provided for your reference and convenience only and do not imply any endorsement of the activities of such third-party websites or any association with their operators. This privacy policy only applies to the personal information that we collect or which we receive from third party sources, and we cannot be responsible for personal information about you that is collected and stored by third parties. Third party websites have their own terms and conditions and privacy policies, and you should read these carefully before you submit any personal information to these websites. We do not endorse or otherwise accept any responsibility or liability for the content of such third party websites or third party terms and conditions or policies.

  11. Privacy Policy updates

    As our business changes or regulations are altered, we may update this policy. Any changes we make to our privacy policy will be posted on this page and, where appropriate, notified to you by post or email.

  12. Questions, feedback and complaints

    12.1. If you have any queries or complaints about our collection, use or storage of your personal information, or if you wish to exercise any of your rights in relation to your personal information, please contact support@puffy.co.uk. We will investigate the matter promptly and attempt to resolve any such complaint or dispute regarding the use or disclosure of your personal information.

    12.2. In accordance with Article 77 of the General Data Protection Regulation, you may also make a complaint to the Information Commissioner's Office, or the data protection regulator in the country where you usually live or work, or where an alleged infringement of the General Data Protection Regulation has taken place. Alternatively, you may seek a resolution through the courts if you feel your rights have been breached. The practices with regard to personal information described in this privacy policy statement are current as of 13/2/2020.

We use cookies to deliver the best shopping experience
Learn more
Accept