We are committed to protecting your privacy. We will only use the information that we collect about you lawfully and in accordance with the Data Protection Act 1998 and the GDPR requirements applicable from May 25th 2018.
Our registration and order process is held on a secure server using a verified SSL system for the transfer of data. If you have any concerns about the site security, please contact us.
- What information we process about you
- When we collect information about you
- Why we need to collect and process your data
- How we use your personal data
- Who we share your data with
- How we store and protect your information
- How you can request access or corrections to your personal data
- How you can request withdrawal of your personal data
1. What information we process about you
We collect, store and process your full name, email address, direct telephone numbers, postal/billing address, job title and place of work.
You can choose to accept of decline cookies. Most web browsers accept cookies, but you can modify your browser settings to decline them if you prefer. This may prevent you from taking full advantage of our website.
2. When we collect information about you
- When you submit a message to us using our website’s contact form
- When you sign up to receive our newsletters on our website
- When you engage with us through social media platforms
- When you choose to provide feedback, or complete a survey we may send you
- When you enter prize draws or competitions
- When you provide us with a business card with your details on
- When you enter into a contract with us in order for us to provide you with a service
- When you email or telephone us directly and openly share your information
- Occasionally we will source data from trusted GDPR compliant suppliers
3. Why we need to collect and process your data
There are a number of different lawful bases on which we rely on for collecting and processing personal data. These are as follows:
This means that we have received clear consent from you to process your personal data for a specific purpose. An example of this would be if you were to tick a box confirming that you would like to receive email newsletters. Your consent will be ‘granular’, which means you will be able to give separate consent for separate things (e.g. receiving emails, telephone calls, direct mail).
The consent lawful basis applies to our data collection through our website’s contact form, our newsletter signup form, and any competitions or surveys we organise.
If you are, or if you become, a customer of ours, we are contractually obliged to hold your personal data on record. This will allow us to communicate with you via email or telephone, in order to carry out the service you have requested from us.
Similarly, if you have requested a quotation from us to carry out a service, we are contractually required to process your data to deliver on our agreement.
We may need to collect and process your data, if we are required by law to do so. This can include passing on details of people involved in criminal or fraudulent activity.
Your data may be processed under the legitimate interests’ basis, in ways you would reasonably expect from us. This would have minimal privacy impact and would not affect your individual rights or freedom.
Examples include using information about your previous purchases from us to build a picture of your current situation and potential need for our services.
We will also use your email address and telephone number to contact you directly with marketing messages and educator pieces which we feel would be relevant and beneficial to you.
Legitimate interests covers our data sourcing from external GDPR compliant suppliers, inbound enquiries, being handed a business card, and social media engagement.
4. How we use your personal data
- To process any orders or services that we are contractually obliged to.
- To respond to any requests for quotations or information.
- To respond to enquiries, queries or complaints, of which we would keep a record of any notes taken during these communications.
- To send you promotional offers and information about our services that are likely to interest you.
- To process payments and invoices through our accounting software, we may be required to process your name, email address and billing address.
- Your details may be passed onto a third-party supplier, only for us to deliver a certain service that we are sub-contracting, such as Mailchimp. On these occasions, we will notify you of the third party that is involved and gain explicit consent before doing so.
5. Who we share your data with
Where necessary, your details may need to be shared with one of our third-party suppliers who provide us with an outsourced service.
Where possible, we aim to keep the relationship between our clients and suppliers anonymous, however for services such as delivery of an item we may need to pass on name and address details of an individual.
On these occasions, we will notify you of the third party that is involved and gain explicit consent before doing do.
Our suppliers may only use your data for the intended purpose and we work closely with them to ensure that your data is protected.
6. How we store and protect your information
We apply careful consideration to how we store and protect data.
Your data is stored in a secure database, in which we log your details, purchasing activity and notes from when any communication occurs with you. Our system is encrypted and password protected with a restricted number of users.
Our electronic communication systems such as emails and social media channels are password protected with a limited number of administrators.
We monitor our systems regularly and carry out updates and maintenance where required, in order to strengthen the security of our storage and processes.
When we collect your personal data, we will keep it for as long as we feel is necessary for the purpose for which it was collected. This can be up to 10 years unless you request to opt out of our communications. It also includes our direct marketing activity that is covered by our ‘legitimate interests’ basis.
7. How you can request access or corrections to your personal data
You have the right to request a copy of the personal data that we hold about you, and to correct it if it is incorrect or incomplete. This will be free of charge.
If you would like to access the information we hold about you, please contact us at firstname.lastname@example.org or write to us at Unit 3, Prime Enterprise Park, Prime Parkway, Derby DE1 3QB.
8. How you can request withdrawal of your personal data
There are a number of ways in which you can opt out of communications from us.
- When receiving any marketing communications from us via email, click on the ‘unsubscribe’ link. This will automatically stop further emails from being sent to you.
- Email us at email@example.com
- Write to us at Unit 3, Prime Enterprise Park, Prime Parkway, Derby DE1 3QB.
- If you unsubscribe from any of our lists, your data will be securely deleted from any location where we hold that data.