TPSC is committed to complying with the current data protection laws of the EU General Data Protection Regulation 2018 (GDPR) and protecting your privacy. The information we collect we use to provide you with a greater service in order to assist you through your project(s). This privacy statement sets out everything; from what data we collect and how we do it, to how we protect and store the data. It will also explains what your rights are regarding that information and how you can correct any errors in the information that we hold on you.
INFORMATION WE COLLECT
We will collect many types of personal information from you, including but not limited to:
Date of birth
Landline and mobile numbers
Other forms of personal data may be obtained via CCTV footage for example when you visit our premises.
If you are involved in or have witnessed an accident at one of our sites and/or involving one of our vehicles, we may have to collate personal information from you in order to investigate the incident fully.
If whilst visiting one of our establishments the fire alarm sounds, the appointed fire marshal may take some personal information from you.
WORKERS, SUBSIDIARIES AND SUBCONTRACTORS
We may also collect this information relating to any workers, subsidiaries and subcontractors that may carry out works on your behalf. Through their use of your account, they are agreeing to the terms outlined in this policy via your acceptance of the document within the account application process.
As such it is the responsibility of both yourself and/or your company to inform said associates of the existence of this document and show them a copy where necessary.
It is also your duty to explain the obligations of this policy as well as the said associate’s acceptance of it.
HOW WE COLLECT INFORMATION
Other ways in which we collect data is when you make an enquiry about a product(s), receive a quotation, place an order with us, access our website, enter any of our surveys or competitions and also via any correspondence that you may send us.
Due to training purposes, there may also be instances when calls are recorded.
HOW WE USE INFORMATION
We use the information that you have provided us in the following ways:
To process orders,
For record keeping purposes,
To notify you on important company changes or developments,
To ask for your opinion on our services,
To inform you of special offers and promotions,
To give you a greater personalised experience online,
To ease your online experience via stored payment information,
To report any claims for/against TPSC such as accident logs and CCTV footage.
All of which is undertaken in order to fulfil and comply with our legal and statutory requirements.
WHERE DATA IS STORED
We currently use two main methods for storing the personal information that we obtain. In the current digital age, primarily we store the majority of personal information on our computer system. We do also keep paper hard copies of some documents that we believe are of a high importance. We only store information for as long as it is deemed necessary, after which time it is securely disposed of.
HOW WE PROTECT YOUR DATA
Due to both the large amount of personal data as well as the sensitivity of it, the security of where it is stored is of paramount importance to us. We maintain procedural, physical, and organisational security measures designed to provide protection for your Personal Data against loss, abuse, unauthorised access, exposure, and modification.
We do this by engaging with relevant software and physical security in order to keep your data safe. Any paper copies that we keep are stored securely with minimal copies to minimise the possibility of a data breach. We also restrict access internally so that only employees who need your information to complete their work are able to do so.
While protecting your data is of upmost importance to us, we cannot take responsibility for protecting any personal data once it has been shared with 3rd parties. Whilst we are disciplined in meeting with the compliance of GDPR, we may not be able to confirm the subsequent receivers complicity nor take an accountability for this.
Any data breaches that occur within our security system, we will make all those affected aware within a 72 hour period in compliance with GDPR 2018.
Cookies are small files that are transferred to your computer’s hard drive. They are common practice and are used to aid your experience of a website whilst also informing the website owner of information such as spending habits and movement throughout a website.
Our cookies do not contain any personal data that allows us to identify who you are. We use them to track website traffic and areas that are accessed.
In order to keep security of our site we do not allow any personal information to be input or submitted onto our website including log in details.
In compliance with GDPR and Privacy and Electronics Communications Regulations (PECR), we currently engage in a direct marketing policy. Your details will be safely recorded on our system so that we can send you exclusive offers, deals and news. This will be via Email and across our Social Media Platforms.
We do call on individuals/businesses that are currently not our customers from time to time. This only happens with people that we believe would be interested in our services and are currently missing out. If anyone states they do not want to receive contact from us again, then we note it and make sure that does not happen.
DISCLOSURE OF YOUR INFORMATION TO 3RD PARTIES
We do not currently share your information outside of its holding company, any of its subsidiaries and/or affiliated companies for marketing purposes. We do not share your information with 3rd parties unnecessarily, however, there are some instances when this is unavoidable such as:
In the event that any business assets are bought or sold, your personal information may need to be disclosed to the prospective buyer/seller.
The acquisition of TPSC by a third party would result in all personal data being transferred to the buyer.
To obtain a greater competitive pricing structure from our suppliers, proof of purchase via customer data being shared is a necessity.
Should law enforcement or other government agent require information under legal obligation, we would then share personal information relating to the request.
It may be necessary to share personal information in order to protect the integrity, rights and/or assets of TPSC, its customers, employees or other third party; through Police reports, CCTV footage, and accident reporting to our insurers.
In the event that your information is shared with 3rd parties, we endeavour to do so in a secure manner.
TPSC currently employs the use of CCTV cameras and security systems. This is predominantly used to deter and/or resolve cases of theft, however, we can also use the information if there is an accident on site, to check loading, confirm that products are being stored correctly and ensure our Health and Safety standards are met.
Whilst recording footage for largely security purposes, customer data can also be obtained entering and/or exiting and whilst being on site. We keep the copies of CCTV footage for no longer than 3 months, to protect against historic incidents, after which time the data is overwritten.
TPSC is committed to working within the parameters of the GDPR 2018 legislation. As such, we regularly conduct audits on our policies and procedures to ensure that we are meeting the current regulations. Should any major changes occur in our policy, we will endeavour to make all of our customers aware via as many means as possible such as on our website, via email and at our premises.
Under the GDPR legislation, you are entitled to access your personal information. Please be aware that there may be a cost (not currently exceeding £10) that you will incur in order to cover our costs in meeting you request. If you have any such request, or should you believe that any of the data that we currently hold is incorrect, please email us at firstname.lastname@example.org.
You also have the right under GDPR to withdraw your consent as any time. Should you wish to do so, you have any concerns or need further clarification, you can also write to us at: The Patio Supply Centre, Unit 1, Hambro Nurseries, Chelmsford Road, Wickford, Essex SS11 8SY
Legitimate Interests are areas that the company deem that information must be stored and/or processed is vital to correct function and fundamental for day to day service to operate.
For this reason it may even be that individuals/businesses have not given, and may have even withdrawn, consent yet the company still keeps that information.
GDPR states that the legitimate interest must out way the fundamental freedoms and rights of an individual. Therefore we carry out a full assessment of the area to ascertain the validity. We balance the organisation interests against those of the individual to make sure that it is justified, as well as ensuring that the subsequent impact is minimal.