Koh is required to process your personal data in accordance with the law. The Data Protection Act 1998 (DPA) implements the EU Data Protection Directive 1995 (EU Directive 95/46/EC). From 25 May 2018, the General Data Protection Regulation 2016 (EU Regulation 2016/679) came into force; it replaces the DPA.

This privacy policy complies with the DPA, and has been updated to comply with the General Data Protection Regulation 2016 (the “GDPR”).

A data controller is a person or persons who determine the purposes and means by which personal data is processed. In other words, at Koh, we are a data controller and we require information about you in order to do business.

Information that you give to us, this is the personal data that you provide to us, for example by filling in forms on our website https://uk.koh.com or by corresponding with us by phone, e-mail, post, social media or otherwise.

This personal data would relate to the purchase of goods from Koh.

To find out more about the purposes for which we intend to use this personal data and how long we keep that data, please view our FAQs

We will notify you when we receive information about you from third parties. To find out more about the personal data that we collect from third parties, the purposes for which we intend to use this, and how long we keep that data, please view our FAQs

In line with our information security standards, we monitor website behaviour through Google Analytics. We collect information about how each visitor uses our site. This is then used to compile reports and to help us improve our site.

Koh wants to provide you with the best possible service. We are always looking for ways to improve. This includes improving our website so that it provides the information that you need on a regularly updated basis and in an easily accessible way.

Cookies on the Koh website 

Like most websites, our website uses cookies to distinguish you from other users. These are small text files stored in your web browser which can identify you (or your device) when visiting our website. This helps us to check on the effectiveness of your experience and devise ways to improve our website to improve its content, search functions and make it more user friendly.

Information that we may collect from your visit includes your device’s Internet protocol (IP) address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), services you viewed or searched for, page response times and length of visits to certain pages.

For more information on our use of cookies, view our cookie policy.

• to help us deliver your goods
• to manage your purchases
• to manage any refunds
• to provide you with updates and alerts, such as the estimated time for the
• delivery of your orders
• to monitor our work and maintain our records
• to administer and improve our website and other communications with you
• to enable compliance with statutory and legal obligations
• to detect and prevent fraud
• to respond to any complaint that you might make
• to answer general enquiries that you may make

Koh will not process your personal data:

• to conduct market research (unless required by a regulatory body or where we have your permission or are permitted to do so by law) or for marketing purposes
• to pass it to a third party for that party’s or any other party’s purposes
• to sell it to a third party

When does Koh disclose personal data?

It may be necessary for Koh to share your personal data with others, including:

• other entities in the Koh group of companies
• our third party business partners, suppliers, analytics providers that assist us
• with improvement of our website
• credit reference agencies and other companies and organisations for the
• purpose of fraud prevention and credit risk reduction,
• government agencies and independent regulatory bodies

and as might be required by law, including compliance with any court order or legal obligation.

In the event that Koh (or substantially all of its assets) were to be acquired by or merged with a third party, the personal data held by us about our customers would be included amongst the assets transferred or shared. If we were to sell or buy any business or assets, we may disclose personal data held by us to the prospective seller or buyer under strict confidentiality terms.

When entering into any agreements that involve the sharing or disclosure of personal data, Koh requires that these third parties comply with our data protection and information security policies or have substantially similar policies of their own in place.

Koh has put in place appropriate technical and organisational measures to prevent accidental loss, damage or destruction of your personal data and to protect your personal data against unauthorised or unlawful use or theft. We put in place strict confidentiality agreements including data protection obligations with our third party service providers and data processors.

Your personal data may be transferred outside the European Economic Area (EEA) where processing activities such as technical support, storage and backup may be provided. When this data is sent outside the EEA, we shall ensure its secure transfer and that appropriate safeguards are in place for the processing of your personal data in accordance with this policy and the requirements set out in the GDPR.

The GDPR provides you with a number of rights in relation to your personal data. These include rights to the rectification or erasure of your personal data, and to restrict or object to its processing.

If you find that any of the personal data that we hold about you is inaccurate,

Should you wish to have some or all of your personal data erased, we will endeavour to do so although there may be instances where legitimate interests or the performance of our statutory obligations prevent us from doing so. The erasure of your personal data could result in an inability to provide you with some or all of our services.

If you wish to object to or restrict how your personal data is processed by us, you can do so by writing to us. Please see our contact details below. Please be aware that such requests could result in an inability to provide you with some or all of our services.

You also have the right to data portability and to make a data subject access request.

You may request that Koh provide the personal data that we hold about you to another data controller in a structured, commonly used and machine-readable format.

You may request to be told whether or not personal data about you is being processed by Koh. If your personal data is being processed, you are entitled to receive a response from us that provides you with a description of that personal data, the purpose for which it is processed, the recipients or category of recipients to whom that data is disclosed (including any recipients located outside the EEA), the source of the personal data and information about its retention and storage. A copy of the personal data that is undergoing processing shall be provided to you.

To make such requests, it is advisable to do so in writing and to address this communication to our Data Protection Officer, Koh Europe Ltd, St Ann's Wharf, 112 Quayside, Newcastle upon Tyne, NE1 3DX, England. You can also email careuk@koh.com

If in the future we make any changes to our privacy policy, the latest version of our privacy policy will be posted on our website.

Cookies are small text files that are placed on your computer by websites that you visit. They are used widely to make websites work or work more efficiently, as well as to provide information to us.

The table below explains the cookies we use and why.