We are registered with the ICO under the Data Protection Register, our registration number is: Z3518458.
Policy key definitions:
- “I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
- “you”, “the user” refer to the person(s) using this website.
- GDPR means General Data Protection Act.
- PECR means Privacy & Electronic Communications Regulation.
- ICO means Information Commissioner’s Office.
- Cookies mean small files stored on a user’s computer or device.
Why we collect and process your information
Without collecting and using the information you provide to us or we obtain about you, it would not be possible for us to provide you with our products and/or services. We use information held about you in the following ways:
Information you give to us
We will use this information:
- To carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us.
- To provide you with information about new products or services we offer that are similar to those that you have already purchased or enquired about.
- To contact you from time to time for market research purposes. We may contact you by email, phone or mail.
Information we collect about you
We will use this information:
- To administer our products and services and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
- To improve our products and services to ensure that content is presented in the most effective manner for you.
- As part of our efforts to keep our products and services safe and secure.
- To measure or understand the effectiveness of marketing and product information we serve to you and others, and to help deliver the most relevant information to you.
Legal compliance reasons for collecting and using your personal information
We must have lawful bases to collect and use your personal information, the below sets these out:
Needed for your contract
Personal information about you is held and used to:
- Provide you with information about the product or service.
- Receive payment.
- Provide customer care and service.
- Required by law: we use your personal information to comply with any law and regulations where we are required to do so.
Our legitimate interest
We use your personal information for our legitimate interests as shown below. We have taken account of any privacy risks and ensured that your data protection rights are not affected. We believe these uses benefit our customers. You can contact us if you have any questions.
- With your consent
For certain of our uses, we rely on your consent to collect and use your personal information. You are given the choice to provide consent or not. When we collect your consent, we explain what we need it for and how you can change your mind in the future.
Information we may collect from you
We may collect and process the following data about you:
Information you give us (“Submitted Information”)
You may give us information about yourself by filling in forms on our website or by corresponding with us (for example, by email). The information you give us may include your name, address, email address and phone number, financial information, your location, etc.
If, as determined by us, the lawful basis upon which we process your personal information changes, we will notify you about the change and any new lawful basis to be used if required. We shall stop processing your personal information if the lawful basis used is no longer relevant.
Your individual rights
Under the GDPR your rights are as follows:
- the right to be informed
- the right of access
- the right to rectification
- the right to erasure
- the right to restrict processing
- the right to data portability
- the right to object
- the right not to be subject to automated decision-making including profiling.
You also have the right to complain to the ICO [www.ico.org.uk] if you feel there is a problem with the way we are handling your data.
We handle subject access requests in accordance with the GDPR.
Some cookies are required to enjoy and use the full functionality of this website.
Data security and protection
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, IP addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all lists, by following the link provided.
Data Retention Periods
It is our aim to only hold your data for as long as this is necessary. While you continue as a customer with us we will retain your data as detailed above in this statement. The retention period will be 24 months from the date of termination of our terms of service. This retention period allows for the data to be reused where necessary. However, you can request that your Data is deleted at any time within this period. We will respond to your request and complete the full deletion within 30 days.
Specific legal periods are in place for payments details, tax and invoicing data, and this would be retained in accordance with the law (currently six years).
Access to information
The Data Protection Act gives you the right to access information held about you. Your right of access can be exercised in accordance with that Act. Any access request may be subject to a fee of £10 to meet our costs in providing you with details of the information we hold about you.
You can also request that we make any corrections, updates, or deletions to that data.