Spolding and Sons Ltd. is committed to protecting the privacy and security of data of all visitors to https://www.spoldingandsons.co.uk (hereinafter, “the website”) in accordance with the General Data Protection Regulation (GDPR).
In this Policy, “Spolding and Sons”, “we”, “us” and “our”, refer to Spolding and Sons Ltd.; a limited company registered in England & Wales (registered office: Campbell Drive, Barrow Hill, Chesterfield, Derbyshire, England, S43 2PR. Registration no. 09631743). For the purposes of the Data Protection Legislation, we are deemed to be the “data controller” in respect of any Personal Information that you provide to us or we otherwise obtain about you.
Spolding and Sons Ltd. is a “data controller” and is responsible for making decisions about the collection, storage and processing of personal data; and for providing the information herein.
1. Principles of Data Protection and Privacy
1.1 We are obligated by data protection legislation to: use personal information lawfully, fairly and with transparency; collect personal information only for valid purposes that are explained clearly and not used for any incompatible or undefined purpose; ensure that the personal information that we hold is relevant and limited to being used for the purposes of which you have been notified; ensure that personal information is accurate and kept up to date; ensure that personal information is kept only as long as necessary for the purposes of which you have been notified; and, ensure that personal information is kept securely.
2. Personal Information
2.1 Personal information, or personal data, means ‘personal identifiable data’ which is any information about an individual from which that individual can be identified.
2.2 Personal information does not include ‘anonymised data’ which means data from which the identity has been removed.
3. Specific data that we collect and how we use it.
3.1 We collect any data, such as names, email addresses and contact details, that you have submitted to us by using our contact forms and/or by sending emails to us. This data is used for initiating and managing all communications where you have made a request for information and/or communications in relation to standard business operations. This data is also held in a secure database for customer relationship management.
3.2 We also collect information on how you use the site by using cookies that enable us to make improvements to the website through the use of Google Analytics and page clicks.
3.3 We ensure the secure processing of all data through encryption in transit and at rest for all services provided by us. We accept no liability for data transferred over the Internet or external networks.
4. Using your information.
4.1 Where necessary, we will use your personal information to perform our contractual obligations to you and conduct any requisite tasks within the confines of our agreement.
4.2 Your personal information will be used to comply with any legal obligation(s).
5. Change of purpose.
5.1 We will conduct an annual review of this policy unless there are any significant changes to our website, business processes, internal systems or government legislation. Any such changes will be made herein and notification will be forwarded by email or other means, where appropriate.
5.2 We recommend that you revisit this page to view any changes that may have been made.
6. Third-party data sharing.
6.1 We may need to share your data with third-parties for the purposes of business operations and collaborative work. This includes third-party service providers such as CRM platforms, manufacturing and logistics partners and/or any authorised agents.
6.3. We do not permit third-parties to use your personal information for their own purposes or any other purpose(s) than notified herein.
7. Time limits for data retention.
7.1 We will store your personal information for as long as it is necessary to fulfil our contractual obligations, standard business operations, legal obligations, accounting, reporting and any requisite task(s) that sit within the constraints of the purposes for which your personal information has been collected, processed and retained.
7.2 Providing that your personal information is no longer required for any such purpose, as stated herein Clause 7.1, it will be discarded securely after a period of 36 months has elapsed since it was last processed for any notified legitimate purpose(s) contained herein.
8. Opt-in marketing communications.
8.1 If you have chosen to ‘opt-in’ to receive emails from us that contain further information in respect of our products and services, including promotions and offers, we will use your personal information to contact you as indicated by the preferred method(s) of communication that you have chosen, either at the point of ‘opt-in’ or at the point that you provided updated information to us.
8.2 You have the right to update, amend or withdraw permission for us to contact you with marketing communications. To do so, contact us at: firstname.lastname@example.org.
9. Your rights and obligations.
9.1 In some circumstances, current legislation gives you the right to request access, correction and/or erasure of your personal information.
9.2 In some circumstances, current legislation gives you the right to object to processing or request the restriction or transfer of your personal information.
9.3 We will process all requests in a reasonable time-frame and as prescribed by the provisions of any current legislation.
9.4 No fee is usually chargeable although we may charge a reasonable fee, or decline your request(s) where they are unfounded or excessive.
10. External sites
11. Queries and complaints
11.2 You have the right, at all times, to make a complaint to the Information Commissioner’s Office (ICO); the UK supervisory authority for data protection.
12. Policy updates.
This policy was last updated on 6th August, 2019.
Date of next review: 1st August 2020.