We collect personal information about you when you provide it to us, such as when you place an order, request a quotation, open an account with our company and fill in an account application form, when you contact us directly by email, phone, in writing or via social media, when you order goods, when you use any of our other websites or any other means by which you provide personal information to us.
The type of information we collect about you may include (but is not limited to) information such as:
We may also obtain personal information about you from certain publicly accessible sources, including (but not limited to) online customer databases, business directories, media publications, social media, credit checking databases, websites and other publicly accessible sources.
I. When new companies apply for an account with our company then we employ
credit checking databases to ensure the viability of these new customers.
During this checking it may be that we gather personal information on any
directors of the new company. This information will be cross-checked
against the account application form that the company has provided but no
data will be recorded over and above what information the new company has
provided on their account application form.
Once this account application form has been completed by the customer the relevant information is entered into our accounts programme (sage 200/EPOS Database) and online database. The information transferred includes (but is not limited to):
b. Physical Addresses
c. Phone numbers
d. Email addresses
Once this data has been entered into our accounts programme the original account application form is filed in a filing cabinet within a secure office at our head offices in Peterborough.
For customers that do not open an account but simply place an order,
personal information will be entered onto an invoice/deposit on our
accounts programme (EPOS) and a physical copy will be printed and stored in
files behind the counter top. A copy will also be sent to head office where
the document will be filed in secure offices.
II. We use your personal data to fulfil any orders that you have placed and
we may need to pass personal information onto haulage companies in order
for deliveries of orders to be delivered as requested
III. Where payment is taken from credit/debit cards the information provided is either entered directly onto an online secure payment portal or payment is taken via a physical card and no details are stored at any point in the processing of these card payments.
IV. As we operate an uninsured account facility it might be the case that
on non-payment from customers we will use the personal information that has
been provided on account application forms in order to chase for payment.
In rare and extreme cases we might pass this data onto agencies in order to
identify if there is any chance to reclaim any funds that have been lost.
It might also be possible that we will have to pass on information in the
event that we have to pursue any debt through the courts.
V. Our company will also use email addresses that have been provided for the purpose of marketing. This marketing will come directly from our company (using mail chimp as a marketing portal). We will never pass on any personal information to third party companies for the purposes of marketing. All marketing that our company sends is relevant and applicable to our business and our product and will be of direct interest to our customers
Our company will store personal information for the duration of our business relationship and for a period of 7 years after it is clear that the relationship is no longer a trading relationship. All order information will be stored within our accounts application and Sales Ordering System indefinitely.
We collect and use your personal information under Article 6 section 1 (a), (b) and (f) and Article 9 section 2 (a) of the General Data Protection Regulation.
I. CONSENT We are entering into a business relationship
with the customer and the information has been given freely and willingly
by the customer in the form of an account application form. Employees have
consented to providing personal information and it has been given freely
& willingly. On any ecommerce site consent is requested and given via
an opt in consent tick box prior to any personal information being
II. CONTRACT To carry out the business relationship a
contract is in place through the customer signing the original account
application form. In retail situations the customer has entered into a
contract by way of an invoice whereby a cash transaction for the supply of
goods has occurred. All personal data we receive from employees is
processed either for insurance purposes (driving licence information) or in
order to adequately and sufficiently provide salaries.
III. LEGITIMATE INTERESTS The information that has been provided is only processed in order to carry out the supply of goods as agreed upon on the signing of the contractual account application form, or for the fulfilment of the invoice/order that has been placed by a retail customer. The marketing that our company might send out will be of direct interest to the customer and relevant to them in terms of our business relationship. It is of legitimate interest to employees that we control and process their personal information to ensure that appropriate care is given where necessary and in ensuring correct salaries are paid etc.
I. Personal information is kept in its original form in filing cabinets located within secure offices at our head office address in Peterborough. The data that is entered into our accounts system can only be accessed by those people that have been allocated a username and the programme is password protected with each user having their own unique password. Records of all passwords are kept securely by our IT manager.
II. Our company employs our own specific, dedicated servers that are fully protected with appropriate anti-virus software. There are security measures in place that ensure that no software can be installed on any computer without permission (and password access) from our IT manager.
III. On level 1 (hardware) and level 2 (software) of our internal network we have dedicated firewall technologies in place to prevent malicious attacks. We have an in-house IT team that regularly ensure that these technologies are the most relevant and appropriate and are updated on a regular basis.
In the case of any dealings with countries outside of the European economic area, for instance, in the situation of direct deliveries to customers, the relevant staff that are involved with the organising of these deliveries have been provided with training to ensure that no transfer of personal information must occur and only company information will be submitted for the purposes of successful delivery. In any instances where personal information does have to be processed the individual concerned will be made fully aware of this transfer of data before it occurs and full consent will be sought. In any instance the information that would be transferred will be limited to name, email address and phone number.
I. RIGHT OF ACCESS Personal information can be accessed by
the individual in question at any time. In order to access this information
requests must be made to the data protection officer in writing at our
Peterborough head office address. On such requests you will be provided
with a PDF document detailing any/all of the data that we hold on you.
II. RIGHT TO RECTIFICATION AND DATA QUALITY All customers
and employees will be contacted via email at the beginning of each new
fiscal year (01st October) to ensure that the personal
information we hold on them is still relevant and up to date. This process
is an ongoing process and whenever we are directly contacted to update
personal information that this will be actively updated at the point of
contact. All irrelevant/old data will be destroyed/deleted.
III. RIGHT TO RESTRICT PROCESSING AND TO DATA PORTABILITY
Any requests to restrict processing or access personal data must be made in
writing to the data protection officer at our Peterborough head office.
These requests will be responded to within 4 weeks of being received. As
long as these requests are reasonable and acceptable then this data will
cease to be processed. All organisations that have been sent this personal
data will be informed that there is a restriction on the processing of this
data where it is reasonable and feasible to do so. If for any reason this
restriction on processing is lifted then the individual will be informed by
our company. Where data portability is requested the same time constraints
as above apply and the individual will be provided with their data in PDF
IV. YOUR RIGHT TO OBJECT TO THE PROCESSING OF YOUR PERSONAL INFORMATION FOR CERTAIN PURPOSES Individuals have a right to object to the processing of their personal information. As per the right to restrict processing any requests to object to the processing of personal information must be made in writing to the data protection officer at our Peterborough head office. If data is processed for marketing purposes then this right to object is absolute and will be ceased with immediate effect on receipt of the objection. For all other purposes the right to object will be considered and actioned within 4 weeks if deemed legitimate and acceptable. All organisations that have been sent this personal data will be informed that there is a restriction on the processing of this data where it is reasonable and feasible to do so. If for any reason this restriction on processing is lifted then the individual will be informed by our company.
Any breach of personal information, including, but not exhaustive to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal information will be reported to the ICO without undue delay and no later than 72 hours after becoming aware of it. Where this breach is considered a high risk to the right and freedom of individuals we will notify those concerned directly and without undue delay.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns and does not identify any individual.
For more information about cookies we recommend visiting www.allaboutcookies.org. For further details about controlling and deleting cookies we recommend www.aboutcookies.org.
Any changes to this policy will be made as soon as necessary and an updated policy will be emailed to all customers and all published policies will be made available.