The EU General Data Protection Regulation (GDPR) 2016/679 is the most significant piece of European privacy legislation to be introduced in the last twenty years. It replaces and supersedes the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthening the rights that EU individuals have over their data, and harmonises data protection law across Europe. We have implemented the necessary systems, processes and resources to ensure our full compliance with the EU General Data Protection Regulation.
The following core principles, procedures and practises we abide by are integral to our data protection strategy and operations:
- Only collect and process data for authorised, specific and legitimate purposes
- Data is kept up to date and relevant to ensure its continued accuracy and integrity
- Data subject's identity exposure is kept to a minimum by processing only what is necessary
- Data Protection Impact Assessments (DPIAs) are carried out where appropriate
- We restrict access to your personal data so only the relevant employees, and third parties, who need to know that information to provide products or services to you have access
- Data is protected by extensive security measures, processes and systems to ensure its continued integrity and confidentiality
- Data is processed lawfully, fairly and transparently
- Data is stored and retained only for as long as is necessary
What Data is Collected
We collect a range of data including personal data fairly and lawfully. Personal data is any data which can be used to directly or indirectly identify an individual. Personal data that we collect includes the following:
- Contact details (email address and contact number)
How We Use Your Data
We hold and process user's personal data to enable us to perform the following functions:
- Promote our goods and services to our customers
- To confirm your identity and authenticate the information you provide
- Gather feedback to further improve our products and services
- Maintain our accounts and records
- To provide and improve customer support
- To provide you with products and services you have requested
Do We Share Your Personal Data?
In some circumstances we may share your personal data with certain approved and trusted third parties acting on our behalf which include:
- Service providers which process data on our behalf such as IT support and web analytics tool providers, such as Google
- If required to do so by any applicable regulatory, compliance, governmental, law enforcement or fraud prevention agency
- Our partner companies, business partners and sub-contractors
We do not under any circumstances rent, sell or otherwise disclose personal data with unaffiliated third parties for their own marketing use.
Do We Share Your Personal Data?
- To monitor the use of the website via Google Analytics
- To manage essential website functionality
In summary cookies help us provide you with a better website experience, by enabling us to monitor traffic and which pages you find useful and which you do not. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if preferred. This may however prevent you from taking full advantage of the website.
Lawful Basis for Processing
To process personal data under the General Data Protection Regulation we must have a lawful basis for doing so which can qualify as one or more of the following:
- To fulfil contractual obligations
- Compliance with legal obligations
- To protect the vital interests of the data subject or of another natural person
- Processing is necessary for legitimate interests
- The data subject has given valid consent to the processing of their personal data for one or more specific purposes
- The performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
Your Data Rights
Your individual rights have been further enhanced under the new General Data Protection Regulation to promote greater transparency and accessibility. They are as follows:
- The right to informed about the collection and use of your personal data
- The right to access your personal data
- The right to rectification personal data is inaccurate or incomplete
- The right to erasure of personal data known as 'the right to be forgotten'
- The right to restrict processing of your personal data
- The right to data portability or transfer of your personal data
- The right to object
- The right not to be subject to a decision based solely on automated processing, including profiling
Our Data Protection Officer
We have a dedicated Data Protection Officer who is responsible for overseeing data protection strategy and implementation to ensure full compliance with GDPR requirements. If you should have any queries regarding the General Data Protection Regulation or your personal data, please visit the Information Commissioner's Office website or contact our designated Data Protection Officer.
Data Protection Officer