SANDFORD ELECTRICAL SERVICES LTD DATA PROTECTION POLICY

Policy Statement

Sandford policy is to ensure that data of clients, customers, or suppliers or any other third party, who supplies personal data to the company, is processed lawfully and in a manner compliant with the provisions of the GDPR.

Sandford Electrical is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.

Sandford Electrical may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from 25 May 2018.

Sandford responsibilities under the GDPR

Sandford controls the content and use of data it holds relating to clients or customers, suppliers or other third parties whom supply it with personal data during the normal course of its business.

The Company also processes such data and accordingly is also a Data Processor for the purposes of the GDPR.

The GDPR regulates the use and processing of data and provides rights to living individuals whose data is held (such individuals are known as “the data subject”).

The GDPR provides that data will only be fairly processed if the Data Controller ensures that employees have access to certain information in relation to the processing of data. The required information is set out in this policy and attached Privacy Notice.

The Company will also liaise with clients and supplier, who do or may process personal data about staff, to assess their commitment to compliance with the GDPR.

The Privacy Officer should be contacted if you have any questions about this policy or the GDPR. The Privacy Officer has overall responsibility for the day to day implantation of this policy.

What we collect

We may collect the following information:

• Name,
• Contact information including email address and mobile number,
• Demographic information such as postcode, preferences and interests,
• Other information relevant to customer enquiry.

What we do with the information we gather

We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:

• Internal record keeping,
• We may use the information to improve our products and services,
• We may use the information to customise the website according to your interests.

We may also use your personal information for the following purposes:

• For research and statistical purposes,
• Maintain or develop systems and processes,
• Improving service levels.

Security

We are committed to ensuring that your information is secure. In order to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

How we use cookies

A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.

You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Links to other websites

Our website may contain links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

Controlling your personal information

We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.

If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.

Your rights under the GDPR

Right of access to data:

You may wish to be notified about the categories of information being held about them by us. This request should be made in writing or by e-mail. We aim to deal with all requests as quickly as possible, but will ensure that in any event, a response is provided within 1 month of the receipt of the request.

Where disclosure of data ‘adversely affect the rights and freedoms of others, we may withhold personal data. Likewise, where disclosure of data would necessarily mean that information relating to a third party would be disclosed we may refuse to disclose it unless the third party consents. We can refuse to respond to a Subject Access Request if it is manifestly unfounded or excessive. All refusals must be in writing setting out the reasons and your right to complain to the ICO and to seek a judicial remedy.

Right to opt out of direct marketing:

You have the right to require in writing that Sandford within a reasonable time cease or not begin processing data of which he or she is the subject for the purpose of direct marketing.

Right to restrict processing:

You have the right to request that processing of your personal data is restricted in the following circumstances:

• You are contesting the accuracy of your personal data and we are verifying the accuracy of the data;
• The data has been unlawfully processed, and you oppose erasure and request restriction instead;
• We no longer need the personal data but you need us to keep it in order to establish, exercise or defend a legal claim; or
• You have objected to us processing your data and we are considering whether our legitimate grounds override those of yours.

Right to object to processing:

You have the right to:

• Object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling),
• Direct marketing (including profiling), we will stop processing personal data for direct marketing purposes as soon as we receive an objection. We will deal with an objection to processing for direct marketing at any time and free of charge
• Processing for research and statistics purposes. The objection must be on “grounds relating to your particular situation”. We will then stop processing your personal data unless: we can demonstrate compelling legitimate grounds for the processing, which override your interests, rights and freedoms or the processing is for the establishment, exercise, or defence of legal claims.

Right to data portability:

Upon request, you have the right to receive a copy in a structured format of your automated data (held electronically) and which has previously been actively provide by you and which is processed by our Data Controller. These requests will be processed within one month, provided there is no undue burden and it does not compromise the privacy of other individuals. You may also request that your data is transferred directly to another system. We will respond to such request free of charge.

Right to be forgotten:

You have the right to request that any data held on you if,

1. it is no longer necessary for the purposes for which it was collected,
2. there is no legal ground for the continued processing,
3. the data has been unlawfully processed,
4. there are no overriding legitimate grounds for the processing or
5. removal is necessary for compliance with a legal obligation, is deleted or removed. An erasure request can only be refused if an exemption applies. We will tell other applicable data controller or processors to delete any copies of such information, upon recent of such request.

Right to rectification:

You have a right to ask that data, if incorrect or incomplete, to be rectified at any time. Any inaccuracy in disclosed data should be brought to Sandford attention in writing. We will take all necessary steps to rectify any inaccuracies as soon as is reasonably practicable.

Right to complain to the Information Commissioners Office (“ICO”)

You have a right to complain to the ICO regarding the use and processing of your personal data. Please use the following link to obtain more information: -
https://ico.org.uk/concerns/handling/

Policy Status

This policy is not contractual and may be updated and amended at any time and from time to time.