WESTON PLANT SERVICES LTD PRIVACY POLICY

 

 

General –

Weston Plant Services Ltd are committed to protecting and respecting your privacy. 

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.   

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

For the purposes of the Data Protection legislation the Data Controller is Weston Plant Services Ltd whose correspondence address is 257 West End Road, Bitterne, Southampton, Hants, SO18 6PP.

You can contact the Data Controller by writing to us at the above address or sending an email to info@westonplantservices.co.uk. 

If you have any questions about this Privacy Policy, please contact the Data Controller. 

This Privacy Policy is effective from 25.5.18.

 

 

Information we may collect from you -

We may collect and process the following data - 

You may give us information about yourself by filling in forms (e.g. Credit account application) or by corresponding with us by phone, e-mail or otherwise.

We collect personal data about you to help in our communication. This data consists of information such as your business and or name, address and e-mail address. 

 

Information we collect when you contact us - 

E-mail 

When you send an email to the email address displayed on our website, we collect your email address and any other information you provide in that email (such as your name, telephone number and the information contained in any signature box in your email).  

Post 

If you contact us by post, we will collect any information you provide to us in any postal communications you send us.  

Telephone 

When you contact us by telephone, or mobile phone we collect your phone number and any information you provide to us during your conversation with us.  

 

We do not record phone calls but will make notes of the conversation. 

  

Information we receive from other sources – 

We may receive information about you from other customers’ or suppliers’.

In this case we will have informed you when we collected that data.

We may also collect information from your website and will notify you if any information is noted.

  

Disclosure of your information –

We may share your information with selected third parties (as long as you have indicated your consent by way of completing our Privacy Statement) including: 

 

·       Customers, suppliers and sub-contractors for the performance of any contract we enter into with them who are necessary to assist us with running our business and who process your information for us on our behalf. e.g. e mail provider, telephone number etc. These providers are all located in the United Kingdom.

  

We may disclose your personal information to other third parties: 

 

·       If we are under a duty to disclose or share your personal data in order to comply with any legal obligation. This includes exchanging information with other companies and organisations for the purposes of fraud, cyber protection etc.

 

We may need to use your information if we are involved in a dispute with you or a third party for example, either to resolve a dispute or as part of any mediation, arbitration or court resolution or similar process. 

 

·       If we suspect that criminal or potential criminal conduct has occurred, we will in certain circumstances need to contact an appropriate authority, e.g. the Police. This could be the case, for instance, if we suspect that a fraud or a cybercrime has been committed or if we receive threats or malicious communications towards us. 

 

We will generally only need to process your information for this purpose if you were involved or affected by such an incident in some way. 

  

Consent –

Under data protection legislation, there are 6 lawful grounds for processing your data. At any one time we can rely on any of the following 2 grounds, the other 4 not being relevant to our business. In some instances more than one may apply at the same time to the processing of your data.

 

·       Having your Consent to collect and process personal data supplied by you.

·       Processing is necessary for us to meet a legal obligation 

 

 Security –

Weston Plant Services Ltd takes every precaution to protect your personal information. All personal information entered is password protected using Sage Accounting System.

The security of your data is extremely important to us. Access to your personal data is only provided to our staff and third parties who help us to process data

We will never use your information for any use beyond that stated or the permissions you give us. 

Transmission of information over the internet is not entirely secure, and if you submit any information to us over the internet (whether by email, via our website or any other means), you do so entirely at your own risk. 

We cannot be responsible for any costs, expenses, harm to reputation, damages, liabilities or any other form of loss or damage suffered by you as a result of your decision to transmit information to us by such means. 

 

Retention Periods -

 

Correspondence and enquiries 

When you make an enquiry or contact us by email or via our Contact Us form, we will retain your information for as long as it takes to respond to and resolve your enquiry.

  

Criteria for Determining Retention Periods 

For all other circumstances, we will retain your information for no longer than necessary, taking into account the following factors: 

 

·       the purpose(s) and use of your information both now and in the future (such as whether it is necessary to continue to store that information in order to continue to perform our obligations under a contract with you or to contact you in the future); 

·       whether we have any legal obligation to continue to process your information (such as any record-keeping obligations imposed by any relevant law or regulation); 

·       whether we have any legal basis to continue to process your information (such as your consent); 

·       how valuable your information is (both now and in the future); 

·       any relevant agreed industry practices or ICO guidance on how long information should be retained; 

·       the levels of risk, cost and liability involved with us continuing to hold the information; 

·       how hard it is to ensure that the information can be kept up to date and accurate; and 

·       any relevant surrounding circumstances (such as the nature and status of our relationship with you). 

  

Where we store your Personal Data -  

All information you provide to us is stored on our secure servers. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. 

  

Your rights –

Under data protection law, you have the following rights: 

·       We have an obligation to provide you “ fair processing information”. This is achieved by us having a Privacy Policy and ensuring it is regularly updated whenever there are changes in data protection law or our own policies and procedures

·       You have the right to see what personal information we hold about you, you are entitled to be given a description of the information, what we use it for, who we might pass it onto, and any information we might have about the source of the information. We are required to provide this information to you within one month of you making the request (Right of Access)

 

If you make such a request the process is formally termed “a Subject Access Request” (SAR) 

 

See below - Subject Access Request and verifying your Identity Where you 

Request Access to your Information 

 

·       to request the correction of your information ( Right to Rectification) 

 

·       to request the deletion of your information. The right to erasure is not an absolute right.  There are exceptions under data protection legislation where an organisation does not have to comply with a right to erasure request. For example, we may be obliged to keep your information for Business purposes only for 12 months after it was last used. (Right to  Erasure) 

 

·       to request that we restrict our use of your information (Right to Restrict Processing) 

 

 

·       to have that information transferred to another data controller (including a third party data controller) (Right to Data Portability) 

 

·       to object to the processing of your information for certain purposes (Right to Object) 

 

You have the right to object to us using or processing your information for direct sharing purposes  

You may also exercise your right to object to us using or processing your information for direct sharing purposes by: 

Completing our privacy statement (sent to you in April 2018) or

by sending an email to info@westonplantservices.co.uk. 

In order to withdraw your consent to our use of your information at any time where we rely on your consent to use or process that information. ( Right to Withdraw Consent) 

 

Please note that if you withdraw your consent, this will not affect the lawfulness of our use and processing of your information on the basis of your consent before the point in time when you withdraw your consent. 

 

You can exercise any of these rights by writing to Weston Plant Services Ltd, 257 West End Road, Bitterne, Southampton, SO18 6PP or emailing us.

  

You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your place of residence or place of work, of an alleged infringement of the General Data Protection Regulation. 

 

For the purposes of the United Kingdom , the supervisory authority is the Information Commissioner’s Office (ICO), whose address is The Information Commissioner, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF 

Subject Access Requests (SAR’s) and Verifying your Identity where you Request Access to your Information 

 

Checking of identity –

Where you request access to your information, we are required by law to use all reasonable measures to verify your identity before doing so. 

        We will first check that we have enough information to be sure of your identity. Often we will have no reason to doubt a person’s identity, for example, if we have regularly been in contact with them. However, if we have good cause to doubt your identity we can ask you to provide any evidence we reasonably need to confirm your identity.  For example, we may ask you for a piece of information held in your records that we would expect you to know: a witnessed copy of your signature or proof of your address. 

     

Should you make a data subject access request but you are not the data subject, you must stipulate the basis that you consider makes you entitled to the information. 

The above measures are designed to protect your information and to reduce the risk of identity fraud, identity theft or general unauthorised access to your information. 

 

Will we charge a fee? 

No, under data protection law we have no general right to charge you a fee for making a Subject Access Request (SAR). However we may charge a “reasonable fee” based on the actual administrative cost of providing the information when a SAR is manifestly unfounded, excessive or repetitive. 

We have a full and separate policy and procedure relating to the way we will handle a Subject Access Request (SAR). Copies are available on request. 

  

Changes to our Privacy Policy –

 

Any changes we may make to our Privacy Policy in the future will be posted on this page and if substantial, will be posted or you will be sent an e-mail notification. 

When we update our Privacy Policy the new version will be given a new effective date which will be stated in Paragraph 1 – General.  

Our processing of your information will be governed by the procedures set out in the new version of the Privacy Policy from its effective date onwards. 

 

Cookies-

There are no cookies on our website.

 

Contact – 

Any questions, comments and requests regarding this privacy policy are welcomed and should be addressed to :- 

Weston Plant Services Ltd, 257 West End Road, Bitterne, Southampton, SO18 6PP or alternatively e mail us at info@westonplantservices.co.uk.