It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
We use different methods to collect data from and about you including through:
You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
Automated technologies or interactions
As you interact with our website, we will automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
We use “analytical” cookies, which allow us to recognise and count the number of visitors and to see how visitors move around the site when they are using it. This helps us to improve the way our website works, for example by ensuring that users are finding what they are looking for easily.
Third parties or publicly available sources
We may receive personal data about you from various third parties as set out below:
When we do collect information we are regulated under the General Data Protection Regulation (EU) 2016/679 which applies across the European Union (including in the United Kingdom) and the Data Protection Act 2018 and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will carry out an assessment when relying on legitimate interests, to balance our interests against your own.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How long will you use my personal data for?
By law we have to keep basic information about our customers including Contact, Identity, Financial and Transaction Data for six years after they cease being customers for tax purposes. Otherwise we will keep any marketing data for the shortest duration possible and will delete this data once it has served the purpose for which it is kept.
Under the General Data Protection Regulation (EU) 2016/679 and Data Protection Act 2018 you have a number of important rights. In summary, these include rights to: