Data controller: Grosvenor Technology Ltd Limited, Endeavour House, Coopers End Road, Stansted, Essex CM24 1SJ – Company No 02412554
Data protection officer contact: firstname.lastname@example.org
The organisation collects and processes a range of information about you or your organisation. This includes:
- Your Name
- Your Company Name
- Your Company Address
- Site name/Serial Number
- Your Company Contact Details, including business email address and business phone number/s
- Your Correspondence with us, through enquiry form or email
- Details of visits to our website and any enquiry forms sent
All of the specific data above is provided to us, or collected by us, during the pre-sales, sales, and after-sales stages of purchase of products and/or services offered by us; from correspondence with you, your organisation, your organisation’s contractors subcontractors or representatives; or through meetings, whether general or sales or other such visits to your organisation premises.
Other than the aforementioned ways of obtaining data we may obtain data about you from third party sources, such as public databases, data service companies. We take steps to ensure that such providers are legally permitted or required to disclose such information.
In some cases, we may collect personal data from third parties, such as information from background and staff vetting providers, information from credit reference agencies and criminal record checks permitted by law. The organisation will seek this information only with your given consent.
Data is stored in a range of different places, including IT email servers, our CRM management system, email and EMS (email marketing service) systems. The data we collect may be transferred to and stored at a destination outside of the European Economic Area (“EEA”). For certain orders, it may be processed by staff operating outside of the EEA who work for us or for one of our contractors or suppliers. By submitting your personal data, you agree to our data management in terms of transfer, processing and recording.
The organisation needs to process data to supply information, estimates, quotations, and to enter into a sales or service contract with you, to meet its obligations under the business relationship and contract. For example, it needs to process your data to provide you with information, products and services, to request payment in accordance with the sales terms and to administer credit reference checks (where applicable).
In addition, the organisation processes data on the basis of Legitimate Interest (i.e. when we believe there is a benefit or relevance to you, for example to supply information on products or services relevant to your business or project) before, during and after the end of the sales relationship. Processing customer data allows the organisation to better serve its customers and end-users. When utilising personal data, the organisation relies on legitimate interests as a reason for processing and it has considered whether or not those interests are overridden by the rights and freedoms of customers.
The data held is used to improve user experience and fulfill projects. This includes:
- To ensure the information on our website and materials is presented in the most effective manner possible for all users
- To provide clear responses to any enquires about our specifications, products and services that you requested from us
- To carry out our obligations arising from agreements between you and us
- To notify you about changes to our service
- For sales and marketing activities such as calls, emails and other types of communications
We do not disclose information about identifiable individuals to our suppliers or business partners, but we may provide aggregate information about users (i.e. the popularity of a specific product or service).
Your data will be shared internally, including with members of the sales, marketing, project management and finance teams. If necessary, the IT staff will have access to the data if it is necessary for the performance of their roles.
The organisation may need to share your data with third parties for financial, sales or marketing purposes. The organisation may also share your data with third parties in context of a sale of some or all of its business. In those circumstances, the data will be subject to confidentiality agreements.
The organisation also shares your data with third parties that process data on its behalf, including our EMS system (MailChimp) and financial options.
The organisation has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or unnecessarily disclosed. It is not accessible internally except by employees in the performance of their duties. All data on the company CRM is subject to a standard deletion policy. Records are kept of customers and contacts so that we are able to supply information, products, and services.
Where the organisation engages third parties to process personal data on its behalf, they do so on the basis of written instructions, and are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.
The organisation will hold your data for the duration of the business and service relationships, as defined by the Grosvenor Technology Ltd data retention policy and schedule. Your data can be deleted on request.
The organisation uses data to help better serve customers, but it still belongs to you. As a data subject, you are able to:
- Access and obtain a copy of your data on request;
- Require the organisation to change incorrect or incomplete data;
- Require the organisation to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing;
- Object to the processing of your data where the organisation is relying on its legitimate interests as the legal ground for processing; and
- Ask the organisation to stop processing data for a period if data is inaccurate or there is a dispute about whether or not your interests override the organisation’s legitimate grounds for processing data.
If you would like to exercise any of these rights, please contact the organisation’s data protection officer:
Web Cookies and Tracking
Cookies are small files saved to the user’s computer’s browser and hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored and faster experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and its external serving vendors or use the cookie control system if available upon their first visit.
WebForms and Enquires
Users contacting us through this website do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use. If a business opportunity becomes available, data provided through enquiry form will become a part of the organisation’s data management.
Email Mailing List and Marketing Messages
The organisation utilises both email and an EMS (email marketing service) to provide information to customers and contacts, in addition to providing specialised marketing materials about projects. Email details are collected, processed, managed and stored in accordance with the regulations above.
Media Files and Downloads
Any downloadable documents, files or media made available on this website are provided to users at their own risk. While all precautions have been undertaken to ensure only genuine downloads are available users are advised to verify their authenticity using third-party anti-virus software or similar applications.
External Website Links and Third Parties
The organisation looks to only include safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links. We do not own and therefore cannot verify the authenticity of externally linked contents. Web users should note they only click on external links at their own risk.
RESOURCES AND FURTHER INFO
- Overview of the GDPR – General Data Protection Regulation
- Data Protection Act 1998
- Privacy and Electronic Communications Regulations 2003
- The Guide to the PECR 2003