We have created this Privacy Policy to illustrate our strong commitment to privacy, compliance with the GDPR (General Data Protection Regulation) and to show you the policies and practices that we have implemented to protect your personal data.
By visiting our website, you are accepting and consenting to the practices described in this policy.
Personal Data We May Collect From You
Data you provide us with
You may give us personal data about yourself when you correspond with us by
phone, email, social media or post. The personal data you give us may include
your name, address, e-mail address and phone number, financial and credit card
information.
Why Do We Collect This Personal Data For You
For contractual reasons – to carry out our obligations arising from any contracts entered into between ourselves and you and to provide you with the information, products and services that you request from us.
For consensual reasons – we only keep your personal data if, after sending you this Privacy Policy, you have agreed to us keeping and using your personal data. On the majority of occasions, we will have kept your personal data to provide you with other useful information about other goods and services we offer that are similar to those that you have already purchased or enquired about.
To notify you about changes to our service – our services and practices may change over the course of us having your personal data. If you have consented, we will use your email address to inform you of any changes we believe will affect you or the service you receive from us.
How We Collect Your Personal Data
We do not purchase data from third parties such as databases of email addresses and phone numbers for the purposes of marketing.
We receive personal data from the information you provide us via correspondence via the phone, email, social media or post with our staff.
How Long We Keep Your Personal Data For
To comply with the GDPR Data Protection Principle 5, we do not keep personal data for longer than is necessary for the purpose we obtained it for. In practice this means:
- If you apply for a job at our business but your application is unsuccessful we will permanently delete your personal data from all our systems and devices after 6 months.
- If you are an employee of our business who then leaves the employment of our business, we permanently delete the details of your next of kin from all our systems and devices immediately upon your contract of employment with us ending.
- You are welcome to make a request for us to delete your personal data at any time (see the section titled ‘Your Rights’ below).
How We Keep Your Personal Data Safe
Unfortunately, the transmission of information via the internet is not completely secure. However, we take the following steps to ensure the tightest security:
- All information you provide to us is stored on our secure servers.
- Only the necessary personnel have access to your personal data, to minimise risk.
- Our premises which house our PCs, hard drives and USBs, which can be used to access your Personal Data, are locked overnight and kept secure with appropriate security alarms and measures.
Sharing Your Personal Information
We will only supply your personal data with our sub-contractors, business partners or suppliers if it is outlined in the written contract we have with you, necessary for us to fulfil our contractual obligations to you and if we have your explicit consent.
We may disclose your personal data to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or in the event that we sell or buy any business or assets, in which case we may have to disclose your personal data to the prospective seller or buyer of such business or assets.
Your Rights
Under the GDPR you have the right to:
- be informed about the collection and use of your personal data.
- have access to personal data about you.
- have data about you deleted.
- have information about you corrected.
- object or restrict the Processing of data about you.
- data portability to allow you obtain and reuse your personal data for your own purposes, across different services. This allows you to move, copy or transfer personal data easily from one IT environment to another in a safe and secure way, without affecting its usability. This enables you to take advantage of applications and services that can use this data to find a better deal for you.
- Rights related to automated individual decision making (making a decision solely by automated means without any human involvement) and profiling (automated processing of personal data to evaluate certain things about you). You can request human intervention or challenge the decisions of automated decision making and profiling.
Erasing the Personal Data We Have About You
We will erase any personal data we have about you when you withdraw your consent to us having that data (which you can do at any time), where having the data is no longer necessary and where we can find no legitimate interest for Processing the data any longer.
Reserving the rights granted to us under the GDPR and demonstrating our compliance, we will only refuse to erase your data if:
- we need your personal data in order to comply with union Member State legal obligations.
- we require your personal data for the establishment, exercise or defence of legal claims.
- your personal data is necessary for us to perform a public interest task or exercise official authority.
- we need your personal data for public health reasons.
- we require your personal data for archival, research or statistical purposes.
- your personal data is necessary for us to exercise our right to freedom of expression or information.
In the majority of cases, we will be able to delete the personal data we hold about you if you request us to do so. Where we cannot we will always provide you with justification in writing as to why we cannot comply with your request.