Privacy Notice Statement to Customers

What this is about:-

On 25 May 2018, new EU Data Protection Regulations come into force. They require any organisation that keeps or processes information about people that could identify them, to comply with its directives and this includes sending them a Privacy Notice explaining certain things about what information we hold and how and why we process it.

Philip Whear Windows is committed to keeping your personal data private. We shall process any personal data we collect from you in accordance with Data Protection Legislation and the provisions of this Privacy Notice. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

Data Protection Legislation means (i) before 25 May 2018, the EU Data Protection Directive 95/46 and all national implementing laws (including the UK Data Protection Act 1998); and (ii) on or after 25 May 2018, the EU General Data Protection Regulation 2016/679 ("GDPR"); together with all other applicable and national implementing legislation relating to privacy or data protection; and where we use the terms "personal data", "data subject", "controller", "processor" and "process" (and its derivatives), such terms shall have the meanings given to them in the Data Protection Legislation.

DATA CONTROLLER

For the purpose of the GDPR Philip Whear Windows & Conservatories Ltd is the data controller of your information. This means that we are responsible for deciding how we hold and use your personal data. We are required under Data Protection Legislation to notify you of the information contained in this Privacy Notice.

COLLECTING INFORMATION FROM YOU

Philip Whear Windows & Conservatories Ltd will collect and process your personal data you provide us through contract forms, our website enquiry form, face-to-face and electronic communication (including telephone conversations) in order to provide our services to you. All of this data is provided voluntarily by you in order for us to deliver the service to you and your own customers. Where premises are controlled by you, which requires you to provide us with personal information FROM YOUR OWN CUSTOMERS, we are still bound by the requirements of this GDPR, and rely upon you to be compliant with the letter and the spirit of the GDPR in this regard.

THE KIND OF INFORMATION WE HOLD ABOUT YOU

We may collect, store, and use some or all the following categories of personal data about you:

  • Personal contact details such as name, title, addresses, telephone numbers, and personal and or business email addresses.
  • Details relating to the worksite premises where we deliver our services to you such as address, telephone numbers and email addresses. This information is supplied to us by you or your agents.
  • Details relating to occupants of the worksite premises including the address, their names, telephone numbers and email
    addresses.
  • Other information about an individual that you or they disclose to us when communicating with us
  • Other information obtained through electronic means such as recording conversations on the telephone relating to our products & services or a contract relating to your installation.

LAWFUL GROUNDS FOR USING YOUR INFORMATION

We are permitted to process your personal data in compliance with Data Protection Legislation by relying on one or more of the following lawful grounds:

  • You have explicitly agreed to us processing such information for a specific reason.
  • The processing is necessary to perform the agreement we have with you or to take steps to enter into an agreement with you.
  • The processing is necessary for compliance with a legal obligation we have.
  • The processing is necessary for the purposes of a legitimate interest pursued by us, which might be:
  • to provide services to you and to notify you that services are due
  • to send you invoices following the provision of services
  • Reminders that bills are due or overdue for payment
  • to ensure that our customer accounts are well-managed;
  • To prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes and to verify your identity in order to protect our business and to comply with laws that apply to us and/or where such processing is a contractual requirement of the services
  • To protect our business interests;
  • To ensure that complaints are investigated;

You are at liberty to withdraw your consent for us to have and process your information at any time. However in practice, this would result in our company being unable to continue to effectively provide you with the services we are in business to provide.

PURPOSES OF PROCESSING

We may use your information for the following purposes and under the following legal bases:


How we use your information

To provide and manage your account(s) and our relationship with you

Legal basis

  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this
  • Where it's in our legitimate interests to ensure that our customer accounts are well-managed, so that our customers are provided with a high standard of service, to protect our business interests and the interests of our customers

How we use your information

To give you statements and other information about your account or our relationship

Legal basis

  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this

How we use your information

To handle enquiries

Legal basis

  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this
  • Where it's in our legitimate interests to ensure that complaints are investigated, for example, so that our customers receive a high standard of service and so that we can prevent complaints from occurring in future

How we use your information

To provide our services to you
Legal basis

  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this

How we use your information

To evaluate, develop and improve our services to you and other customers

Legal basis

  • Where it’s it is our legitimate interests to evaluate, develop or improve our products as well as the experiences of users of our sites, so that our customers are provided with a high standard of service

How we use your information
To protect our business interests and to develop our business strategies

Legal basis

  • Where it's in our legitimate interests to protect our people, business and property and to develop our strategies
  • Where necessary for the performance of our agreement or to take steps to enter into an agreement with you
  • Where the law requires this

How we use your information

To contact you, by post, phone, text, email and other digital methods. This may be: to help you manage your accounts, to meet our regulatory obligations

Legal basis

  • Where the law requires this
  • Where we have agreed to contact you in our agreement
  • Where the law requires this
  • Where you agree

How we use your information
To collect any debts owing to us

Legal basis

  • Where it's in our legitimate interests to collect any debts owing to us

How we use your information
To meet our regulatory compliance and reporting obligations and to prevent, detect, investigate and prosecute fraud and alleged fraud, money laundering and other crimes.

Legal basis

  • Where the law requires this
  • Where it's in our legitimate interests to prevent and investigate fraud, money laundering and other crimes
  • Where such processing is a contractual requirement of the services you have requested

How we use your information

To assess any application for services you make, including carrying out fraud, money laundering, identity, sanctions screening and any other regulatory checks.

Legal basis

  • Where you have made data public
  • Where such actions are in our legitimate interests, for the protection of our business interests
  • Where the law requires this

How we use your information

To monitor, record and analyse any communications between you and us, including phone calls

Legal basis

  • Where it’s in our legitimate interests, to check your instructions to us, to prevent and detect fraud and other crime, to analyse, assess and improve our services to customers, and for training, for the enhancement of our customer service provision and protection of our business interests

INFORMATION SHARING

We keep all your personal data confidential. However, in order to be able to service your needs to the best of our ability, we may share any information you provide to us with subcontractors. This may include contact and site information, who may be required to carry out specialist works for us. If you have provided information to other members of our group, those entities may also share that information with us. We will ensure that if we share such information with third parties, any such disclosure is at all times in compliance with Data Protection Legislation.

To help us provide services, your data will be processed internally. We will outsource some services to third parties whom we consider capable of performing the required processing activities so that there is no reduction in the service standard provided to you by us.

The recipients or categories of recipients, of your information may be:

  • Anyone to whom we may transfer our rights and/or obligations;
  • Managing related accounts or facilities;
  • Recovering debt;

RETENTION AND DISPOSAL OF DATA

We will only keep the information we collect about you on our systems or with third parties for as long as required for the purposes set out above or as required to comply with any legal obligations to which we are subject. This will involve us regularly reviewing our files to check that information is accurate and up-to-date and still required.

We may retain your information relating to your account post your guarantee period, provided it is for legitimate reasons relating to your contract. An example of this would be where we are required to continue to hold information on our products provided within our contract for future reference with regards to providing new parts etc.

STORAGE OF YOUR PERSONAL DATA AND DATA SECURITY

All information you provide to us is stored in our secure servers or those of trusted third parties such as our CRM system.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know basis. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

RIGHTS OVER YOUR PERSONAL DATA

Under certain circumstances, by law you have the right to:

  • Be informed about the processing of your personal data (i.e. for what purposes, what types, to what recipients it is disclosed, storage periods, any third party sources from which it was obtained, confirmation of whether we undertake automated decision-making, including profiling, and the logic, significance and envisaged consequences).
  • Ask us to transfer a copy of your personal data to you or to another service provider or third party where technically feasible and otherwise required by applicable regulations.
  • Withdraw, at any time, any consent that you have previously given to us for our use of your personal data.
  • Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your working relationship with us.

Any request for access to or a copy of your personal data must be in writing and we will endeavor to respond within a reasonable period and in any event within one month in compliance with Data Protection Legislation. We will provide this information free of charge unless the request is manifestly unfounded or excessive. We will comply with our legal obligations with regards to any individual’s rights as a data subject.

If you would like to contact us in relation to any of the rights set out above please contact us using the following contact details. To protect your privacy and security, we may take reasonable steps to verify your identity before providing you with the details.

Karen Turner 01209 215759

RIGHT TO COMPLAIN TO THE ICO (Information Commissioners Office)

You can contact the ICO if you have any concerns about how Philip Whear Windows & Conservatories Ltd has handled your personal data and you also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. You can contact the ICO via their helpline on 0303 123 1113. You can find out more information about your rights as a data subjects, their regulatory powers and actions they can take on their website https://ico.org.uk/

THIS PRIVACY NOTICE

The content or services mentioned on our website may be changed in future and consequently this Privacy Notice may also change. Any changes we may make to this Privacy Notice in the future will be posted on this page and where appropriate, notified to you by email. We recommend that you re-visit this page regularly and inform us if you do not agree to any term mentioned here.

25th May, 2018