Cookies & Privacy
About this Policy
This privacy notice explains how we look after your personal data (in all situations where we collect your data) and sets out your privacy rights and also explains how the law and our approach to privacy and personal data protects you.
This privacy notice supplements any other privacy notices that we may provide to you at the point that we collect data from you and should be read in conjunction with those notices.
Our status and details
For the purpose of the GDPR we are the data controller and any enquiry regarding the collection or processing of your data should be addressed to our Privacy Manager using the contact details below:
Email address: firstname.lastname@example.org
Postal address: Unit 1 Oakington Business Park, Dry Drayton Road, Oakington, Cambridge CB24 3DQ.
By using the Website you consent to this policy. We are registered with the Information Commissioner’s Office for this purpose.
Information we collect
We will collect, process and store personal data only if it is directly provided to us by you. You may do this in your capacity as the user of this Website, by enquiring in relation to our goods or services, becoming a customer or supplier, or potential supplier.
Personal information covers any information which relates to you as an identifiable person. Below are examples of the type of data that this may include:
- Identity Data including forenames, last name, maiden name, date of birth, gender, marital status, and username or similar identifier.
- Contact Data may include invoicing; purchase order; home or work address, email address and telephone numbers, personal or job title and position.
- Financial Data may include bank account and payment card details.
- Transaction Data may include payments made for products and services you have purchased from us, or in relation to payments that we have made to you.
- Technical Data may include internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices used to access this Website.
- Profile and Usage Data may include enquiries submitted by you, purchases information, feedback and survey responses, and how you use our website, products and services.
We may also collect non-personal data such as Aggregated Data which is data that may be obtained from your personal data, but which does not directly or indirectly identify you.
How do we collect your personal data?
A range of different methods may be used to collect data which may include the following methods:
- Direct interactions with us in person, by post, phone, email or otherwise. You may give us your Identity, Contact and Financial Information.
- Automated technologies or interactions with our website, by using the web enquiry form. You may give us Identity, Contact and Financial Information.
- Third parties or publicly available sources This may include appointed Agents, such as an Architect, Estate Agent or Contractor).
It is important that the data that we hold about you is accurate and up to date. In the event that your data changes please notify us so that we can update our records.
Use of your information
We may hold and process personal data that you provide to us in accordance with the GDPR.
The information that we collect and store relating to you is primarily used:
- To enable us to provide our services to you, to communicate with you and to meet our contractual commitments to you. This may include Identity, Contact, Financial and Transactional data.
- To notify you about any changes to our business, such as improvements to our Website or service/product changes, that may affect our service or relationship with you.
- Where you have consented to receive such information, to provide information on other parties’ products or services that we feel may be of interest to you.
- Where we need to comply with a legal obligation. This may include Identity, Contact and Transactional data.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. This may include all types of data.
Disclosure of your information
There are a range of circumstances where we may disclose your data to third parties. These include:
- Regulatory/Statutory bodies. We may disclose your data to regulatory or statutory bodies to enable us to comply with the law and obtain relevant formal consents as appropriate.
- Our Suppliers. We may disclose your data to third parties that are involved in the fulfilment of our services to you. This may include Identity, Contact and Transactional data.
Controlling the use of your data
Where we rely on consent as the lawful basis for processing your data you can revoke or vary that consent at any time.
If you do not want us to use your data or want to vary the consent that you have provided you can write to us at the address detailed in clause 2 or email us at email@example.com at any time.
The transmission of information via the Internet or email is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of data while you are transmitting it to our site; any such transmission is at your own risk.
We have put in place security measures to prevent your data from accidental, loss or disclosure. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
In the event of a data breach we will notify the ICO and you in the event that the breach results in any likelihood of loss or damage to you.
Data will be retained indefinitely on our system unless you specifically request the removal of the data.
We may also gather information about your general Internet use by using a cookie file. Where used, these cookies are downloaded to your computer automatically. This cookie file is stored on the hard drive of your computer, as cookies contain information that is transferred to your computer’s hard drive. They help us to improve our Website and the service that we provide to you.
All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular parts of our Website.
The GDPR gives you a range of rights in relation to the personal data that we collect from. You have the right to:
- Access your personal data. This right is commonly known as the ‘data subject access request’ and enables you to receive a copy of the personal data we hold about you. You will not need to pay a fee to access your personal data unless we can justifiably demonstrate that the request is repetitive or excessive. We will respond to all legitimate data access requests within one month, but we may need to obtain further information from you in order to confirm your identity and the legitimacy of the request.
- Request update of the personal data. This enables you to have any incomplete or inaccurate data corrected.
- Erasure of your personal data. This enables you to ask us to delete personal data where there is no justifiable reason for us continuing to retain and process it. We may not always be able to delete the data such as if there is an ongoing contractual relationship between us or if we are legally required to retain the data.
- Object to processing of your personal data where we are relying on consent or our legitimate interests (or those of a third party) as the justification for processing the data.
- Restrict the processing of your personal data. This enables you to ask us to change the processing of your personal data. For example, you may wish to vary the basis on which we contact you.
- Withdraw consent. Where we are relying on consent to process your personal data you may withdraw that consent. If you withdraw your consent, we may not be able to provide certain services to you.
You can exercise these rights at any time by writing to us at the address detailed above, or by email to firstname.lastname@example.org.
Third party links
You might find links to third party websites on our website. If you click a link to a third-party website and visit that site, you may be allowing that site to collect and share certain data about you. These websites should have their own privacy policies, which you should check. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them.
If you wish to raise a complaint regarding our use of your personal data then you can contact the Information Commissioner’s Office (ICO), who are the UK supervisory authority for data protection issues. (www.ico.org.uk).
If you do wish to raise a complaint then we would welcome the opportunity to discuss your concerns before you contact the ICO to see if we can resolve the issue for you.
Changes to this policy
We may update these policies to reflect changes to the website and customer feedback. Please regularly review these policies to be informed of how we are protecting your personal data.
Version 1: May 2018