Privacy Policy 

Welcome to Two and a half birds Ltd and our website at www.tahb.co.uk. The protection of your personal data is particular important to us. Therefore, we would like to ask you to carefully read the following policy as well as our Cookie Policy. You can rely on transparent and fair data processing, and we strive to handle your data carefully and responsibly.

The following Privacy Policy is intended to inform you about how we use your personal data. In doing so, we adhere to the strict provisions of the UK`s Data Protection Act and the General Data Protection Regulation (GDPR).

You are not obliged to provide data. Failure to provide it will have no consequences other than we might not be able to provide our services to you.

"Personal data" means any information relating to an identified or identifiable natural person.

Who we are
We are Two and a half birds Ltd (“we”, “our”, “us”) of 128 City Road, London, England, EC1V 2NX.
We operate to the highest standards when protecting your personal information and respecting your privacy. If you have any questions about your personal information, or how we use it, you can contact us via email at  info@tahb.co.uk.
We are the data “controller”, which means we are responsible for deciding how and why your personal information is used. We’re also responsible for making sure it is kept safe, secure and handled legally.

Information in the context of the use of the website
In principle, it is possible to use the Two and a half birds’ website without providing personal data. When a page of our website is accessed and every time you access our website, usage data is transmitted to us or our web host (GoDaddy) by your Internet browser and stored in log data (so-called server log files).

The corresponding log file contains: Your IP address, the page from which the file was requested, the name of the file, the date and time of the request, the amount of data transferred, the access status (file transferred, file not found, etc.), a description of the type of operating system and web browser used. The stored data does not allow any conclusions to be drawn about your identity and is evaluated exclusively for statistical purposes.

The collection and processing of this data is carried out in order to enable the use of the website at all, on the basis of Art. 6 para. 1 p. 1 f) GDPR, whereby our legitimate interest is the provision of our website. Incidentally, we store this aforementioned data, including the IP addresses, only in anonymised form and use it only in this anonymised form to analyse the use of the offer and the further development and optimisation of our website in your interest, also on the basis of Art. 6 para. 1 p. 1 f) GDPR. Our legitimate interest is the ongoing improvement of our online offer in order to provide you with the greatest possible user comfort.

Use of cookies
In order to make visiting our website more attractive and to enable the use of certain functions, we use so-called cookies on various pages. These are small text files that are stored on your device. Some of the cookies we use are deleted at the end of the browser session, i.e., after you close your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognise your browser on your next visit (persistent cookies). You can set your browser in such a way that you are informed about the setting of cookies and decide individually about their acceptance or exclude the acceptance of cookies for certain cases or in general. If you do not accept cookies, the functionality of our website may be limited. Fore more information on the Cookies we use please refer to our Cookie.

Policy, if you have any questions about cookies, please contact us using info@tahb.co.uk. The legal basis for the use of Cookies is depending on the specific cookies our legitimate interest on the basis of Art. 6 para. 1 p. 1 f) GDPR and in the case of analytical cookies your consent on the basis of Art. 6 para. 1 p. 1 a) GDPR.

Data collection and use for contract processing and when opening a customer account
We collect personal data when you voluntarily provide it to us in the context of your order, when contacting us (e.g., via contact form or e-mail) or when opening a customer account. Which data is collected can be seen from the respective input forms. We use the data you provide to process the contract and deal with your enquiries. After complete processing of the contract or deletion of your customer account, your data will be blocked for further use and deleted after expiry of the retention periods under tax and commercial law, unless you have expressly consented to further use of your data or we reserve the right to use data beyond this, which is permitted by law and about which we inform you below. The deletion of your customer account is possible at any time and can be done either by sending a message to the contact option described below or via a function provided for this purpose in the customer account. The legal basis for the processing is the performance of a pre-contractual and/or contractual measure interest on the basis of Art. 6 para. 1 p. 1 b) GDPR.

Data transfer for contract fulfilment
In order to fulfil the contract, we pass on your data to the shipping company commissioned with the delivery, insofar as this is necessary for the delivery of ordered goods. The legal basis for the processing is the performance of a pre-contractual and/or contractual measure interest on the basis of Art. 6 para. 1 p. 1 b) GDPR.

We pass on the payment data collected for this purpose to PayPal. The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal"). If you select payment via PayPal, the payment data you enter will be transmitted to PayPal.

The transmission of your data to PayPal is based on Art. 6 para. 1 lit. a GDPR (consent) and Art. 6 para. 1 lit. b GDPR (processing for the performance of a contract). You have the option to revoke your consent to data processing at any time. A revocation does not affect the validity of past data processing operations. For the purpose of its own identity and credit checks, PayPal or partner companies commissioned by PayPal transmit data to credit agencies and receive information from them as well as, if applicable, creditworthiness information based on mathematical-statistical procedures, the calculation of which includes, among other things, address data.

You can revoke your consent to PayPal at any time. However, PayPal may still be entitled to process, use and transfer your personal data if this is necessary for the contractual processing of payments or if it is legally required or ordered by a court or an authority.

Use of data when registering for the e-mail newsletter
If you register for our newsletter, we will use the data required for this purpose or separately provided by you to regularly send you our e-mail newsletter in accordance with your consent. You can unsubscribe from the newsletter at any time either by sending a message to the contact option described below or via a link provided for this purpose in the newsletter.

Use of data for postal advertising and your right to object
Furthermore, we reserve the right to store your first and last name, your postal address and - insofar as we have received this additional information from you within the framework of the contractual relationship and to use them for our own advertising purposes, e.g., to send you interesting offers and information about our products by post. You can object to the storage and use of your data for these purposes at any time by sending a message to the contact option described below.

Storage period and deletion
We store your personal data for as long as is necessary to fulfil the intended purpose (e.g., contract fulfilment, answering your enquiries) or for as long as legal retention periods make storage necessary. As long as legal storage obligations, such as tax and commercial law regulations, or other justified reasons within the meaning of Art. 17 (3) of the GDPR prevent the deletion of your personal data, we will restrict the processing of your data; your data will then be deleted in accordance with the legal regulations.

Data processing due to legal requirements / protection against misuse / rights of third parties
Two and a half birds are entitled to process your personal data insofar as this is necessary to fulfil legal obligations. For this purpose, Two and a half birds may transfer this data in particular to authorities, law enforcement agencies and courts. In this case, the transfer of your data is required by Art. 6 para. 1 p. 1 c) GDPR for compliance with a legal obligation to which we are subject. Two and a half birds are further entitled to process personal data if and to the extent necessary to detect or prevent misuse of this website or to enforce claims of Two and a half birds, its employees, or users, whereby the data processing in these cases is necessary to protect these aforementioned legitimate interests of Two and a half birds pursuant to Art. 6 para. 1 p. 1 f) GDPR. Insofar as the disclosure of health data is necessary for the assertion of claims or the defence against claims, the related data processing is based on Art. 9 (2) f) GDPR.
Your personal data will not be transferred to countries outside the UK and the EEA, with the exception of the transfer of information generated by the cookie.

Automated decision-making
Automated decision-making including profiling pursuant to Art. 22 (1) and (4) GDPR does not take place on the part of Two and a half birds.

Security of data processing
We take appropriate technical and organisational measures in accordance with the GDPR, taking into account the state of the art, the costs of implementation and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk; the measures include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, entry into, disclosure of, assurance of availability of, and separation of, the data relating to them. We also have procedures in place to ensure the exercise of data subjects' rights, deletion of data and response to data compromise. Furthermore, we already take the protection of personal data into account during the development or selection of hardware and software as well as procedures in accordance with the principle of data protection through technology design and through data protection-friendly default settings.

Security measures include in particular the encrypted transmission of data between your browser and our servers or the encryption of your passwords in the database.

Your rights as a data subject
You have the right to free information about the data stored about you at any time. In addition, you have the right to correct incorrect data, if necessary to delete your personal data and to restrict data processing.

If the basis for the data processing is Art. 6 para. 1 p. 1 f) GDPR (safeguarding legitimate interests), you have the right to object to the processing of your personal data at any time in accordance with Art. 21 GDPR, provided that there are grounds for doing so which arise from your particular situation, or if the objection is directed against data processing for direct marketing purposes. In the latter case, you have a general right of objection, which will be implemented by us without giving reasons arising from your particular situation (Art. 21 (2) GDPR). If you object on grounds arising from your particular situation, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims (Art. 21 (1) GDPR).

Insofar as you provide us with personal data and we process this data on the basis of your consent, you may freely revoke the corresponding consent at any time with effect for the future.

If you provide us with data relating to you and we process this data on the basis of your consent or for the performance of a contract, you may also demand that we provide you with this data in a structured, common and machine-readable format or that we transfer this data to another controller, insofar as this is technically possible (so-called right to data portability).

In addition, you have the right to lodge a complaint with a supervisory authority if you are of the opinion that the data processing by us violates legal regulations.

In order to assert your rights listed here, as well as for further questions on the subject of processing of your personal data, you can contact us at any time using the contact details provided above.

When you send a data subject access request
The legal basis for the processing of your personal data in the context of handling your data subject access request is our legal obligation and the legal basis for the subsequent documentation of t data subject access request is both our legitimate interest and our legal obligation.
The purpose of processing your personal data in the context of processing data when you send a data subject access request is to respond to your request. The subsequent documentation of the data subject access request serves to fulfil the legally required accountability.

Your personal data will be deleted as soon as they are no longer required to achieve the purpose for which they were collected. In the case of the processing of a data subject access request, this is three years after the end of the respective process.

You have the possibility at any time to object to the processing of your personal data in the context of the processing of a data subject access request for the future. In this case, however, we will not be able to further process your request. The documentation of the legally compliant processing of the respective data subject access request is mandatory. Consequently, there is no possibility for you to object.

Legal defence and enforcement of our rights
The legal basis for the processing of your personal data in the context of legal defence and enforcement of our rights is our legitimate interest.
The purpose of processing your personal data in the context of legal defence and enforcement of our rights is the defence against unjustified claims and the legal enforcement and assertion of claims and rights. Your personal data will be deleted as soon as they are no longer necessary to achieve the purpose for which they were collected.
The processing of your personal data in the context of legal defence and enforcement is mandatory for legal defence and enforcement of our rights. Consequently, there is no possibility for you to object.

SSL encryption
To protect the security of your data during transmission, we use state-of-the-art encryption procedures (e.g., SSL) via HTTPS.

Social Media
The data you enter on our social media pages, such as comments, videos, pictures, likes, public messages, etc. are published by the social media platform and are not used or processed by us for any other purpose at any time. We only reserve the right to delete content if this should be necessary. Where applicable, we share your content on our site if this is a function of the social media platform and communicate with you via the social media platform. The legal basis is our legitimate interest. The data processing is carried out in the interest of our public relations and communication.

If you wish to object to certain data processing over which we have an influence, please contact us. We will then examine your objection. If you send us a request on the social media platform, we may also refer you to other secure communication channels that guarantee confidentiality, depending on the response required. You always have the option of sending us confidential enquiries to our address stated in the imprint.

As already stated, where the social media platform provider gives us the opportunity, we take care to design our social media pages to be as data protection compliant as possible. With regard to statistics that the provider of the social media platform makes available to us, we can only influence these to a limited extent and cannot switch them off. However, we make sure that no additional optional statistics are made available to us.

Data processing by the operator of the social media platform
The operator of the social media platform uses web tracking methods. The web tracking can also take place regardless of whether you are logged in or registered with the social media platform. As already explained, we can unfortunately hardly influence the web tracking methods of the social media platform. We cannot, for example, switch this off.
Please be aware: It cannot be ruled out that the provider of the social media platform uses your profile and behavioural data, for example to evaluate your habits, personal relationships, preferences, etc. We have no influence on this. In this respect, we have no influence on the processing of your data by the provider of the social media platform.

Economic analyses and market research
For business reasons and in order to be able to recognise market trends, wishes of contractual partners and users, we analyse the data we have on business transactions, contracts, enquiries, etc., whereby the group of persons concerned may include contractual partners, interested parties and users of our online offer.

The analyses are carried out for the purpose of business evaluations, marketing, and market research (e.g., to determine customer groups with different characteristics). In doing so, we may, if available, take into account the profiles of registered users together with their details, e.g., regarding services used. The analyses serve us alone and are not disclosed externally, unless they are anonymous analyses with summarised, i.e., anonymised values. Furthermore, we take the privacy of users into consideration and process the data for analysis purposes as pseudonymously as possible and, if feasible, anonymously (e.g., as summarised data).

This website uses the "Google Analytics" service, which is provided by Google Inc. (1600 Amphitheatre Parkway Mountain View, CA 94043, USA) to analyse the use of the website by users. The service uses "cookies" - text files that are stored on your terminal device. The information collected by the cookies is usually sent to a Google server in the USA and stored there.

IP anonymisation is used on this website. The IP address of the user is shortened within the member states of the EU and the European Economic Area. This shortening eliminates the personal reference of your IP address. Under the terms of the data sharing agreement between the website operators and Google Inc., Google Inc. uses the information collected to evaluate website usage and activity and to provide services relating to internet usage.

You have the option of preventing the cookie from being stored on your device by making the appropriate settings in your browser. It is not guaranteed that you will be able to access all functions of this website without restrictions if your browser does not allow cookies.
Furthermore, you can use a browser plug-in to prevent the information collected by cookies (including your IP address) from being sent to and used by Google Inc. The following link will take you to the corresponding plugin: https://tools.google.com/dlpage/gaoptout?hl=en.

Links to external websites
If web sites of external providers are linked, this privacy policy does not apply to their contents. The data collected by external sites is beyond our responsibility and knowledge and is regulated by the data protection declarations of the respective sites.

Right to information and contact
You have the right to free information about your personal data stored by us and, if applicable, the right to correct, block or delete this data. If you have any questions about the collection, processing or use of your personal data, or if you wish to request information, correction, blocking or deletion of data, as well as revocation of consent given or objection to a particular use of data, please contact us directly using info@tahb.co.uk.

Changes and updates to the privacy policy
We kindly ask you to regularly inform yourself about the content of our privacy policy. We will amend the privacy policy as soon as changes to the data processing activities we carry out make this necessary. We will inform you as soon as the changes require an act of cooperation on your part (e.g., consent) or other individual notification.

Queries and Complaints
Any comments or queries on this policy should be directed to us. If you believe that we have not complied with this policy or acted otherwise than in accordance with data protection law, then you should notify us. This version of our Privacy Policy is effective as of 28/02/2022.