Our Commitment To Privacy
Your privacy is important to us. To better protect your privacy we provide this notice explaining our online information practices and the choices you can make about the way your information is collected and used. To make this notice easy to find, we make it available on our homepage and at every point where personally identifiable information may be requested.
This policy primarily covers how we use information relating to our customers, prospects, website visitors and people who interact with or do business with us (such as our suppliers). In these cases, we will be the “data controller” for the purposes of data protection law.
It is important that you read this policy, together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.
Data Protection Principles
There are six overarching principles of the GDPR which we will ensure compliance with when processing your personal data:
• Using the data lawfully, fairly and in a transparent way.
• Collecting the data only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
• The data is relevant to the purposes we have told you about and limited only to those purposes.
• The data is accurate and kept up to date.
• The data is kept only as long as necessary for the purposes we have told you about.
• The data is kept securely.
What data is collected?
If you purchase services from us, communicate with us, or do business with us, this will result in us collecting personal data about you. We will collect, store, and use the following types of personal information about you:
• Contact details such as the name, address, email, fax and telephone number of business contacts.
• Bank and transaction details such as details about payments to and from you and other details of products and services you have purchased from us.
• Information about our service to you.
• Purchases or orders made by you, your preferences and any feedback you give us.
• Information about how you use our website, products and services.
• CCTV footage in the event you appear on CCTV installed at our premises.
We do not normally collect “special categories” of sensitive personal data from our customers, suppliers or users of our website. In the event you provide us with any special category data, we will take extra care to ensure your rights are protected.
How we will use information about you
We will use the personal information we collect about you to:
• To register you as a customer.
• To perform our contract or service to you.
• To manage our relationship with you, including notifying your about changes to our contract or services or asking you to provide us with feedback.
• To administer and protect the business and this website.
• To make suggestions or recommendations to you about similar goods or services that may be of interest to you.
Why do we need this information?
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
• Where we need to perform the contract we have entered into with you.
• Where we need to comply with a legal obligation.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
Generally, we do not rely on consent as a legal basis for processing your personal information other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to such marketing at any time.
If you fail to provide personal information
If you fail to provide certain information when requested either by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a service you have with us but we will notify you if this is the case at the time.
You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making.
Where it is legally required or necessary in accordance with data protection law, we may share information with:
• Our regulator;
• Financial organisations;
• Our auditors;
• Survey and research organisations;
• Professional advisers and consultants;
• Police forces, courts, tribunals;
• Professional bodies;
• Shipping agents.
We may be required to share your information with “Third parties”. This includes third-party service providers (including contractors and designated agents). The following activities are carried out by third-party service providers: Email Exchange, Cloud Back-up Services, Public Relations.
We may share your personal information with other third parties, for example in the context of the possible sale or restructuring of the business. We may also need to share your personal information with a regulator or the police or to otherwise comply with the law.
All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and the Information Commissioner’s Office of a suspected breach where we are legally required to do so.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Details of retention periods for different aspects of your personal information are available in our retention policy which is available. If you require details of our Data Retention Policy you can contact us.
After this period, we will securely destroy your personal information in accordance with our data retention policy.
What are your rights?
As the data subject, you have specific rights to the processing of your data.
Under the GDPR, you have the right to find out if we hold any personal information about you by making a “subject access request” under data protection law. If we do hold information about you, we will:
• Give you a description of it;
• Tell you why we are holding it;
• Tell you who it has been disclosed to; and
• Let you have a copy of the information in an intelligible form.
To make a request for your personal information, please contact us in writing.
Individuals also have certain rights regarding how their data is used and kept safe including the right to:
• Object to processing of personal data that is likely to cause, or is causing, damage or distress;
• Prevent processing for the purpose of direct marketing;
• Object to decisions being taken by automated means;
• In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed;
• The right for your personal information to be transmitted electronically to another organisation in certain circumstances;
• Where the processing of your data is based on your explicit consent, you have the right to withdraw this consent at any time. This will not affect any personal data that has been processed prior to withdrawing consent; and
• Claim compensation for damages caused by a breach of the Data Protection regulations
If you have a concern about the way we are collecting or using your personal data, we would ask that you raise your concern with us in the first instance by contacting us: firstname.lastname@example.org
Alternatively you can make a complaint to the Information Commissioner’s Office at https://ico.org.uk/concerns/ or write to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Changes to this Privacy Notice
We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates
How To Contact Us
Should you have other questions or concerns about these privacy policies, please contact us: email@example.com