Privacy Policy

Who we are

We are TWOSAB LTD, A Marine and Industrial Selling business based and operating in the UK.

Payment

If you choose a direct payment gateway to complete a purchase or pay an invoice, Stripe stores your credit or debit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). Your purchase transaction data is stored only as long as is necessary to complete your purchase transaction. After that is complete, your purchase transaction information is deleted.

All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover.

PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
 
Data breaches
In the rare occurrence of a data breach, which would significantly harm individuals, we will be report it within 72 hours to the ICO. We will also notify any customers affected.

Third Party Services

In general, the third-party providers used by us will only collect, use and process your information to the extent necessary to allow them to perform the services they provide to us.

However, certain third-party service providers, such as Marketplaces (Amazon and Ebay), payment gateways, email marketing systems, other payment transaction processors (PayPal), RoyalMail and Parcel delivery companies have their own privacy policies in respect to the information we are required to provide to them for your purchase-related transactions.

For these providers, we recommend that you read their privacy policies so you can understand the manner in which your personal information will be handled by these providers.

In particular, remember that certain providers may be located in or have facilities that are located in a different jurisdiction than either you or us. So if you elect to proceed with a transaction that involves the services of a third-party service provider, then your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

Once you leave our website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy.

Links
When you click on links on our website, they may direct you away from our site. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

This site uses only anonymous cookies, meaning that our cookies are not collecting any information which would be enable you to be to identified personally.

Cookies are small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. As a rule, cookies will make your browsing experience better.

However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the Help section of your browser or taking a look at the About Cookies website which offers guidance for all modern browsers.

These are the cookies we use:

Ecommerce Cookies
Here is a list of cookies that we use for our online store. We’ve listed them here so you can choose if you want to opt-out of cookies or not.

To keep track of cart data, our ecommerce platform makes use of 3 cookies:

  • _cart_hash so we know if you’ve added an item to your cart.
  • _items_in_cart so we know how many items you have added to your cart.
  • _session_ if you return to our site, we’ll be able to provide your current cart contents.

The first two cookies contain information about the cart as a whole and helps us know when the cart data changes. The final cookie (_session_) contains a unique code for each customer so that it knows where to find the cart data in the database for each customer. No personal information is stored within these cookies.

Google Analytics Cookies
We use Google Analytics on our website to improve customer experience and make future improvements on our website. They are as follows:
  • collect Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.
  • NID Registers a unique ID that identifies a returning user’s device. The ID is used for targeted ads.
  • _ga 2 years Used to distinguish users.
  • _gid 24 hours Used to distinguish users.
  • _gat 1 minute Used to throttle request rate.
  • AMP_TOKEN 30 seconds to 1 year Contains a token that can be used to retrieve a Client ID from AMP Client ID service. Other possible values indicate opt-out, inflight request or an error retrieving a Client ID from AMP Client ID service.
  • _gac_ 90 days Contains campaign related information for the user.
The ga.js JavaScript library present on our website and uses first-party cookies to:
  • Determine which domain to measure
  • Distinguish unique users
  • Throttle the request rate
  • Remember the number and time of previous visits
  • Remember traffic source information
  • Determine the start and end of a session
  • Remember the value of visitor-level custom variables
Specific ga.js cookies are as follows:
  • __utma 2 years from set/update Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
  • __utmt 10 minutes Used to throttle request rate.
  • __utmb 30 mins from set/update Used to determine new sessions/visits. The cookie is created when the javascript library executes and no existing __utmb cookies exists. The cookie is updated every time data is sent to Google Analytics.
  • __utmc End of browser session Not used in ga.js. Set for interoperability with urchin.js. Historically, this cookie operated in conjunction with the __utmb cookie to determine whether the user was in a new session/visit.
  • __utmz 6 months from set/update Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
  • __utmv 2 years from set/update Used to store visitor-level custom variable data. This cookie is created when a developer uses the _setCustomVar method with a visitor level custom variable. This cookie was also used for the deprecated _setVar method. The cookie is updated every time data is sent to Google Analytics.
Wordfence Cookies
  • wfvt_# Remembers the user’s submitted data when a comment is submitted in a blog post. The purpose is to auto-populate form fields for subsequent comments, in order to save time for the user.
Cloudflare Cookies
  • __cfduid Used by the content network, Cloudflare, to identify trusted web traffic.
  • __cfduid Used by the content network, Cloudflare, to identify trusted web traffic.
  • expanded Used by the content network, Cloudflare, to optimise website performance.
  • superMinimize Used by the content network, Cloudflare, to optimise website performance.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.

What rights you have over your data

If you have an account on this site or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.

Where your data is sent

Visitor comments may be checked through an automated spam detection service.