Data Protection law - GDPR
Data protection law is changed on the 25th May 2018 and this means you have more rights over how your data is used, protected and how you are contacted.
If you would like to receive updates about our products, sales promotions, special offers, news & events please 'opt-in' at the check out or simply sign up to our newsletter. You can change your mind at anytime by emailing us at firstname.lastname@example.org or by looking at the 'How to Contact us' section on this page.
What are your Rights?
Under the 'GDPR', you have the following rights, which we will always work to uphold:
- The right to be informed about our collection and use of your personal data. This privacy notice should tell you everything you need to know, but you can always contact us to find out more.
- The right to access the personal data we hold about you. To do this refer to the "How Can I Access my Data" section.
- The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in the "How to Contact us" section.
- The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data we have. This is not an absolute right and only applies in certain circumstances.
- The right to restrict (i.e. prevent) the processing of your personal data. This is not an absolute right and only applies in certain circumstances.
- The right to object to us using your personal data for direct marketing.
- The right to data portability. This means that you can ask us for a copy of your personal data held by us to re-use with another service or business in many cases.
- Rights relating to automated decision-making and profiling. We do not us your personal data in this way.
What Personal Data do we collect and Store?
As explained in the opening few paragraphs of this page, currently we do not send marketing emails or use your personal data for anything else other than records. We currently work with paper invoice & supplier order books, so we only take personal data once a product has be ordered, purchased or a customer has brought in a product for servicing so the Personal Data required matches the area of interest per customer. See table below for more information on what data is collected, reasons for collection & where the data will be stored.
|Source of Data||Type of Personal Data||
Reason for Personal Data Collection
|Where would the Data be Stored|
|When a Purchase Invoice, Servicing Worksheet or Product Order is filled out. (By a Store member on behalf of customer)||
For Contact purposes & records of;
Depending on what service the customer requires:
|" "||Payment Address||" "||" "|
|" "||Delivery Address||" "||" "|
|" "||Telephone Number||" "||" "|
|" "||Email Address||" "||" "|
|" "||Payment Method||" "||" "|
|" "||Date||" "||" "|
|" "||Products Ordered/Purchased||" "||" "|
How we MAY use your Personal Data/Who we MAY share it with.
Under the GDPR, we must always have basis for using personal data. We will only share your data/information with permission from you or on your behalf.
If you have given your permission for us to pass your details externally to a third party company. For example; You've ordered a product through our website and we need to pass over the delivery details to our courier service (click here for our courier information) so they can ensure they get the order to your shipping address.
On your behalf:
If we are applying for some type of goods or service for you. For example; you have requested a warranty claim and we need to process this for you and file the relevant details with the supplier. So this would be us passing your details over to achieve fulfilling of the warranty claim to the supplier.
Where your details may be passed
|FINANCE COMPANIES & BANKS||FINANCIAL & PAYMENT PROCESSING||
|COURIER COMPANIES||ORDERS DELIVERY||
|PRODUCT SUPPLIERS, MANUFACTURERS||PRODUCT WARRANTY CLAIMS||
||WITH IN AND OUTSIDE EU|
|LEGAL & PROFESSIONAL ADVISORS; E.G. AUDITOR, DEBT COLLECTION AGENCY||AUDITING & DEBT COLLECTING||
If any of your personal details/data is required by a third party, as described above, we will take steps to ensure your personal data is handled safely, securely and in accordance with your rights, our obligations and the third party's obligations under law.
How Can I Access my Personal Data?
If you wish to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it. This is known as a Subject Access Request.
All subject access requests should be made in writing to the email or postal address shown in the "How to Contact us" section.
Please provide us with proof of identity and address (for example a copy of a driving license or passport and a recent utility bill)
There is not usually a charge for a Subject Access Request, however if your request is 'manifestly unfounded or excessive' (for example, if you make repetitive requests or ask for data from a great duration than 2 years old) an admin fee may be charged to cover costs responding.
Your Subject Access Request will be responded within 28 days of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, if the application is more complex the request may take more time - the maximum can be up to three months from receiving your request - whereby you will be kept informed of our progress.
How to Contact us:
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details for the attention of Janice Mitchell or Stephen Mitchell: