Hazlin of Ludlow Ltd – Privacy Policy
We are required to provide you with this information under the new General Data Protection Regulation (GDPR.) This policy explains how we handle your personal data and what you can do if you have any concerns.
This is the privacy statement of Hazlin of Ludlow Ltd. At Hazlin of Ludlow Ltd (“Hazlin of Ludlow or we”) we are committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you; that you provide us or that we receive from others about you will be processed by us. It includes data that we hold electronically and in paper files.
How and why we process personal data
We confirm, when processing data on your behalf, that we will comply with the provisions of all relevant data protection legislation and regulation.
We do not sell, rent or lease any of the personal information collected from you to third parties. We do not use or disclose sensitive personal information, such as race, religion, or political affiliations (in the event that we become aware of any), without your explicit consent.
What personal information we collect
The personal information that we collect will vary depending on which product or service we deliver. These may include (the list is non-exhaustive):
- Personal Identifiable Information (Names, email address, postal information, DOB)
- Financial
- Restricted/Sensitive
- Confidential
- IP addresses
Where we collect personal information from
- Through formal engagement to provide professional services
- Via our website (General enquiries; mailing list sign ups; questionnaires or surveys; submission of a job application)
Legal bases for processing data
The legal bases for the processing of client data where a formal client engagement exists is under the following paragraphs of the GDPR: Article 6 1.(b), the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract, and Article 6 1.(f), it is in the legitimate interests of the data controller or a third party.
Our legitimate interest means the interests of our company in conducting and managing our business to enable us to give you the best service and the best and most secure experience. For example, we have an interest in making sure our marketing is relevant to you, so we may process your information to send you marketing that is tailored to your interests. It can also apply to processing that is in your interests as well. Safeguards have been put in place to ensure we achieve the correct balance between both our interests.
Where no formal engagement exists, the legal basis for processing personal information is consent provided via our website.
How we use your personal data
The purposes for which personal information is processed may include any or all of the following (the list is non-exhaustive):
- Deliver services and meet legal responsibilities
- Verify identity where this is required
- Communication by post, email, or telephone
- Understand needs and how they may be met
- Maintain records
- Process financial transactions
- Prevent and detect crime, fraud or corruption
Who as access and why?
Data will be held and processed for the purpose of providing the service that we are contracted under our Standard Terms of Business: or where you have provided your information via our website.
Only those staff who have a legitimate need to access data will be authorized to do so. We may also be required to share your data with some third parties. For example, if we have a problem with some software it may be necessary to provide the software supplier with specific data. However, where this is necessary we only disclose the information that is required to resolve the issue, and we have a contract in place that requires them to keep your information secure and not to use for their own purposes. Examples of third parties could include (this list is non-exhaustive):
- Software providers
- Website hosting provider
- Electronic communication providers
How long we retain your personal data
To meet our legal data protection and privacy obligations, we only hold on to your information for as long as we need it and for the purposes we acquired it for in the first place.
Where we have a formal engagement, we will collect personal data and retain for a long as required under current legislation.
Where we don’t have a formal engagement and you have submitted your data via our website we shall keep your personal information on our database, subject to an individual’s right to unsubscribe or be forgotten at any time. Please see the Your Rights section below.
Using our website & social media
Information Collection
We may collect information about the software on your computer (your browser version etc) and your IP address (your connection with the internet) in order to improve your interaction with our website. This may happen automatically without you being aware of it.
We may use cookies (small text files which we and other website operators store on your computer when you visit our website) to deliver a better and more personalized interaction. They enable us to recognize you when you return to the website, store information about your preferences, and improve the way your searches are processed. The helps us to better manage and develop our website, to provide you with a more enjoyable, customized service and experience in the future, and to help us develop and deliver better products and services tailored to your individual interests and needs.
Cookies also enable us to generate statistics about the number of visitors we have and how they use the website and the internet to improve the service we provide. You can set your browser to reject our cookies if you wish (you should consult your browser help section for details), but this might restrict your use of the website and other websites.
Social Media
Any social media posts or comments you send to us (on our Facebook page, Twitter or LinkedIn) will be shared under the terms of the relevant social media platform on which they are written and could be made public. Other people, not us, control these platforms. We are not responsible for this kind of sharing. We recommend you should review the terms and conditions and privacy policies of the social media platforms you use.
Your Rights
You have a number of rights under GDPR:
Right of Access
You have the right, subject to a number of exceptions, to know what information we hold about you.
Right to Rectification
You have the right to have any information we hold about you corrected if inaccurate or incomplete
Right to Erasure
You have the right to ask us to delete personal information about you were:
- You consider that we no longer require the information for the purposes for which is was obtained.
- We are using that information with your consent and you have withdrawn your consent – see Withdrawing consent.
- You have validly objected to our use of your personal information – see Right to Object.
- Our use of your personal information is contrary to law or our other legal obligations.
Right to Object
You have the right to object our processing of your personal data on the basis of legitimate interest.
We will stop processing your data on the basis of legitimate interest unless there are compelling legitimate grounds for us to continue.
We will stop any processing of your data for direct marketing as soon as we receive an objection.
Right to Restrict Processing
You have the right to restrict processing of your data in certain circumstances, such as when there is a question over the way in which we are using it.
Right to Data Portability
You have the right to obtain and reuse your personal data for your own purposes.
Automatic Processing
We will not make any decision regarding you by purely automated means.
Withdrawing consent using your information
Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.
Please contact us by emailing [email protected] if you wish to exercise any of these rights.
Changes to our Privacy Policy
We keep this privacy statement under regular review and will place any updates on our website www.hazlin.co.uk
Paper copies of the privacy statement may also be obtained from Caroline Cade (Director) Hazlin of Ludlow Ltd, Station Works, Bromfield, Ludlow, Shropshire SY8 2BT or Tel: 01584 856439
This privacy statement was last updated on 10/05/2018
Contact information and further advice
Any questions or comments regarding this privacy policy should be emailed to: E: [email protected]
Complaints
We seek to resolve directly all complaints about how we handle personal information but you also have the right to lodge a complaint with the Information Commissioner’s Office, whose contact details are as follows: –
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 0303 123 1113 (local rate) or 01625 545 745
Website: https://ico.org.uk/concerns