Privacy Statement & Legal Notice
PROTECTING YOUR PRIVACY
We’ll only ever collect and use your information in ways that are necessary and described in this policy.
We’re committed to keeping your information safe and confidential. Any personal data you provide is kept on secure servers within a controlled environment and is protected from any unauthorised access, use, or disclosure.
You can trust that we’ll never sell your data to third parties.
Within this policy
- What is this policy?
- Who are we?
- What is personal data?
- How do we collect your personal data?
- How do we use your personal data?
- Who else might receive or access your personal data?
- How long do we keep your personal data?
- What are cookies and tracking?
- What are your rights?
- Changes to this policy
- How to contact us
What is this policy?
This policy explains how we, Collinson plc, collect and handle your information. Throughout this policy we’ll be referring to your information as ‘personal data’. For example, this may include information collected either through our websites, as part of a sales transaction, during telephone calls, in emails, through show enquiries or via other means.
It’s important that you understand your rights when it comes to protecting your data. See ‘What are your rights?’ for more information.
Who are we?
For all Collinson services, the data controller that’s responsible for your privacy is Collinson plc. If you have any questions about how we protect your privacy, email firstname.lastname@example.org and we’ll get back to you as quickly as possible.
Regardless of recent legislation, we’d like to reassure you that any data and information you’ve shared with Collinson has always been protected. The Data Protection Act has been in force since 1998 and Collinson has been compliant.
As always, our ethos as a company is to provide the best service and experience for our customers and users, and that includes maintaining your trust.
What’s personal data?
Your personal data is information that can be used to identify you as an individual. For example: your name, contact details, and job title.
Another type of information that can be collected we’ll call ‘Navigation Information’. It includes things like your browser, IP address, which country you’re in, and how you found and interacted with our website.
For the most part, this information is anonymous and is stored on an aggregate basis, except where it’s linked to your personal data. See ‘Cookies and tracking’ for more information.
How do we collect personal data?
Using our website
A benefit of the new GDPR legislation is that it helps you understand how your data provides a better internet experience and service from the companies you choose to use.
Bits and pieces of information will be collected about everyone who uses our website for the simple fact that some data collection is necessary for us to provide the best user experience. Please see ‘Cookies and tracking’ for more information.
Enquiries, sales and transactions
Because we can’t respond to enquiries, provide products or provide requested services without some personal data, we need to collect, process and keep that personal data and ask that you agree to that in line with this policy.
For example, in order to fulfil our contract with you, we may need to record your address so that we can deliver the products you’ve ordered. We will also need to record your contact details so we can get in touch to schedule delivery.
This kind of information is vital and, without it, we wouldn’t be able to provide you with the products and services you request.
Collecting personal data
There are three ways we collect information:
Information you volunteer
This can include any personal data you provide in order to:
- Subscribe to our marketing communications;
- Download information about one of our products;
- Access a PDF or other file;
- Request information;
- Make an enquiry;
- Or place an order.
You may have provided this personal data by filling in a form, by emailing us, or over the phone. It’s always up to you whether or not you choose to give us information in this way, and any personal data you do provide will be provided in line with this policy.
Bear in mind that in order for us to provide a product or service, it will be necessary for us to process some personal data. Otherwise, we wouldn’t be able to fulfil our contract with you.
Some information will be generated automatically or collected from your device as you use our website. Unless you’ve supplied information voluntarily, as above, this automatic data collection will be anonymous. It includes the Navigation Information we covered earlier. That could mean your IP address, location, device information and how you came to visit our site (e.g. through Facebook).
This information is vital to us improving your experience and our website. In most circumstances, it will be used on a general basis rather than an individual one. For example, if we can see that most users are viewing our website from their mobile phones, we may change our website to better suit mobile displays.
We may receive some personal data from third parties that we engage in joint marketing activities with or whose services we use. We may also get information from public sources like social media sites.
Always, we’ll endeavour to ensure any third party from whom we receive personal data has obtained express consent to share that data.
Any personal data we use to send marketing communications will come under ‘legitimate interest’. The information we provide within those marketing communications will be information we believe is relevant to you as a professional, or to your business.
Our websites and webpages are not intended for or targeted at children under the age of 16, and we don’t knowingly or intentionally collect personal data from children under the age of 16.
If you believe we have collected personal data or information about someone under the age of 16 that wasn’t provided with the consent of the child’s parent or legal guardian, please contact us at email@example.com so we can delete that information.
How do we use your personal data?
You’re free to explore our websites without volunteering any personal data, but some information is collected automatically. This is standard practice for most modern businesses and is part of what makes the internet such a useful tool. See ‘Cookies and tracking’ for more information.
Any personal data we collect is used to provide you with services you’ve requested, for normal business purposes, or to exercise or comply with any legal rights or obligations.
We also use this data to protect or further our legitimate interests as a business. This includes making our websites and your experience with Collinson even better.
For example, we may use the data:
- To understand and review how and why people are viewing the Collinson websites and webpages so we can provide better products and services;
- To run A/B tests and to adjust the information we show to users based on their activity. One example would be preventing you from seeing the same advert over and over again. Instead, we could show you something new.
- It also helps us figure out the best visual experience for a user. For example, we can test different button colours and placement to see what most users prefer interacting with. In this way, we can display useful information in the most effective way.
- To measure how effective our communications are by recording whether our emails have been opened by users and which links are most clicked.
- To personalise your experience. This may include adjusting our email content and the information we display to reflect what we believe may interest you the most.
We may need to keep a record of your contact history with us, such as telephone calls or emails, so that we can provide you with appropriate customer service. This allows us to fulfil our contract with you by making sure you receive the right support. It also means we can accurately address any queries or complaints you may have.
Credit and Debit Cards
If you provide credit or debit card information, we’ll only use that information to fulfil our contract with you. This may include checking your financial qualifications, detecting and preventing fraud, taking payments and/or issuing refunds.
We use a third-party service provider to manage credit card processing. This service provider is not permitted to store, retain or use the information you provide except for the sole purpose of processing your credit card on our behalf.
Who else might receive or access your personal data?
You can rest assured we do not and will never sell any of your personal data to any third party.
It’s incredibly important to Collinson that we maintain your trust. We take your privacy very seriously.
We share your personal data only where you ask us to, where it’s a necessary part of doing business with you and providing you with services, or where we’re legally required to do so.
As an essential part of being able to provide our services and fulfil our contract with you, it may be necessary for us to share information with third parties. For example:
- Companies that are involved in successfully fulfilling your order, such as payment service providers, business control software providers, couriers and transport services
- Professional services and agencies who help us run our business such as marketing agencies, advertising partners and website hosts
- Credit reference agencies and fraud prevention agencies to help find and prevent debt, fraud, or loss
- For any associated legal action
Social media and advertising
We use a variety of digital marketing networks, ad exchanges and services offered by sites and social networks, such as Facebook’s Custom Audience service.
Banners and advertisements you see may be based on personal data we’ve stored, your previous activity on our websites, or on Collinson advertisements you’ve interacted with before.
Our websites also include social media features such as Facebook and Twitter ‘like’ and ‘share’ buttons. These features might collect your IP address and may set a cookie so that the feature can work correctly.
Our websites include links to other websites. We don’t control the content or practices of these other websites.
How long do we keep your personal data?
We only keep data as long as we need to. This includes:
- Where there is an ongoing legitimate interest or legitimate business need. For example, to contact you about our other products and services, or in relation to a contract or transaction.
- Where there is a legal need.
How long we keep your data depends on:
- Why it was collected
- How long it will take to fulfil that purpose
- Whether there’s a specific legal obligation for us to keep your data for a certain amount of time.
When there’s no longer a legitimate business or legal need to process your personal data, where possible, it will be deleted or anonymised. We regularly check, maintain, update and remove data that’s no longer accurate.
Regardless of the retention period, you can ask us to delete your personal data at an earlier date. See ‘What are your rights?’ below for information on how to do this.
We may keep information derived from cookies and other tracking technology indefinitely because it’s used to improve our products and services and to protect our business interests.
Cookies and tracking
Cookies and tracking technologies have been around for a long time. They are part of what makes the internet such a useful tool for businesses and consumers.
We use them to:
- Optimise, personalise and deliver our services
- Administer our websites and webpages
- Gather information about demographics and user trends on a wide-scale basis.
What is a cookie?
A cookie is a small file sent from our website that’s stored on your device or computer. Cookies record preferences and settings so you don’t need to re-enter them every single time you visit a site.
They can also record information about how you use our site, which helps us test improvements to see whether they are effective.
Cookies on our websites and webpages may be set by us or controlled by third parties we’re working with, such as for advertising purposes.
What are pixels and web beacons?
These are small, transparent image files placed on a webpage or in an email. They help us understand how you interact with our services.
For example, seeing whether or not you’ve opened an email helps us send you better and more relevant communications in the future.
Mostly, this is useful on a general basis rather than an individual one. Seeing that an email was opened by lots of people tells us that email is useful and effective.
What are tracking codes?
These can also be called ‘tags’. They’re used to measure things like website visits and interactions. Again, these help us see how you interact with our website and webpages and which adverts you see.
Cookies and your personal information
Cookies and tracking allows us to track things like users’ movement around the website, and to collect information in line with this policy.
For the most part we use this information to review website use on a general and anonymous basis, rather than an individual one.
The exception is where Navigation Information is stored alongside your personal data. Whilst cookies and tracking technologies don’t usually identify you by themselves, the information they collect can be connected to you as an individual by linking to your other personal data that’s been provided—for example, by you filling in a form on our website.
What are your rights?
You’re well protected when it comes to your personal data. Here are your rights:
- The right to request access to the personal data we have for you, and to receive a copy of that data
- The right to request any personal data we have for you be updated or corrected
- The right to request that we stop processing your data or delete it (depending on the circumstances)
- The right to unsubscribe from and stop receiving direct marketing communications, even if you’ve previously given consent
- The right to request that we pass on parts of your data to you or another service provider
- The right to complain to a data protection regulator (that’s the Information Commissioner’s Office in the UK)
To exercise your rights, make a complaint, or if you have any questions, please don’t hesitate to contact us at firstname.lastname@example.org.
Reviewing, correcting and removing your personal data
Accessing your data
You can request a copy of the personal data we hold on you. Where possible, this will be provided within 30 days (see ‘Limitations’).
Updating your data
You can ask us to update or correct your personal data at any time.
Removing your data
You can ask that we remove, restrict or refrain from processing your personal data. This won’t be possible in circumstances where it’s necessary for us to process your data for transactional, sales, contractual or legal purposes.
Where we’ve requested your consent, you can choose to withdraw that consent at any time. However, this won’t affect any data processing that has already occurred at that time.
Unsubscribe from marketing communications
You can unsubscribe from our marketing messages whenever you like. Just use the ‘unsubscribe’ link at the bottom of any of our emails, or contact us at email@example.com.
Please note that stopping marketing communications will not stop service communications (such as order updates). It’s not possible for customers to opt out of receiving transactional emails that are related to their account or any purchases they might have made. See ‘Removing your data’ above.
The above rights may be limited.
For example, limitations may apply if complying with your request would reveal someone else’s personal information, or if your request would require us to delete information we are required by law or have compelling legitimate interests to keep.
Changes to this policy
In accordance with the new GDPR regulations, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April on the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Direction 95/46/EC (General Data Protection Regulation), Collinson plc are committed to full compliance and will ensure that personal data shall be:
(a) Processed lawfully, fairly and in a transparent manner
(b) Collected for specified, explicit and legitimate purposes and not further processed
(c) Adequate, relevant and limited to what is necessary
(d) Accurate and, where necessary, kept up to date
(e) Kept in a form which permits identification of data subjects for no longer than is necessary
(f) Processed in a manner that ensures appropriate security of the personal data
How to contact us
Should you have any questions or concerns about this policy or your data, or to exercise any of your rights, please contact our Data Control Officer on firstname.lastname@example.org or at Riverside Industrial Estate, Tan Yard Road, Catterall, Preston PR3 0HP.
We’ll respond to your request within a reasonable period of time and will let you know what action we’ve taken.