- What is the purpose of this notice?
To describe how we collect and use personal data about you in accordance with the General Data Protection Regulation (GDPR).
- The personal information that we collect
Hoad & Taylor will be what’s known as the “Data Controller” of the personal information you provide to us. We only collect basic personal information about you such as your name, address, telephone numbers, email address and debit/credit card information (only if you are settling an invoice or making a purchase).
We will maintain records of the goods and services that you have requested from us.
Payment card details are not stored on our systems, this information is only used to process your payment via the relevant companies.
- What we do with your information.
We only use your personal data with your consent, or where it is necessary to:-
- enter into, or fulfil a contract with you
- manage your account
- to process information for any enquiry you may submit to us regarding goods and/or services that we offer
- comply with a legal duty
- to protect your vital interests
In any event we will only use your information for the purpose or purposes it was collected for (or for closely related purposes).
We may process personal information for certain legitimate business purposes which include some or all of the following:
- where the processing enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit of our customers.
- to identify and prevent fraud
- to enhance the security of our network and information systems
- to provide postal communications which we think will be of interest to you
- to determine the effectiveness of promotional campaigns
Whenever we process data for these purposes we will ensure that we always keep your personal data rights in high regard and take account of these rights at all times.
When we process your personal data for our legitimate interests we will ensure, consider and balance any potential impact on you (both positive and negative) and your rights under data protections laws. Our legitimate business interests do not automatically override your interests – we do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You have the right to object to this processing if you wish, and if you wish to do so please contact us to advise.
- Who will we share your information with?
We will not without your express consent pass on your personal details to any other company.
The need may arise to share you details with reputable third-party companies i.e., banks, credit card companies or a product manufacturer where a need for their input is required.
- Where we keep your personal data
We are based in the UK and we store our data within the EU on secure servers.
Our servers are monitored and maintained by a reputable company who adhere to strict security policies.
- If you no longer wish to hear from us
Should no longer wish to receive communications from Hoad & Taylor, please email us at firstname.lastname@example.org stating your name, address and postcode or send an instruction by post to: Hoad & Taylor Ltd, 5 Manfield Park, Cranleigh GU6 8PT. We will ensure your details are deleted and no further contact is made.
- Your rights – you have the right to:
- the right to confirmation as to whether we have your personal data and, if we do, to obtain a copy of the personal information that we hold (this is known as a data subject access request)
- the right to have your personal data removed
- the right to have inaccurate data rectified
- the right to have your information used for marketing or profiling
Please bear in mind that there are exceptions to the rights above and, although we will always make every effort to respond to your satisfaction, there may be legitimate reasons why we are unable to do so.
If you wish to make a complaint on how we have handled your personal data, you can contact Danny Adams (our Data Privacy Manager) who will investigate the matter.
If you are not satisfied with our response you can complain to the Information Commissioner’s Office, the UK supervisory authority for data protection issues.