“We”, “our” or “us” means Grant and Stone Limited (company number 01987538). Our registered office is Unit 2, Mill End Road, High Wycombe, Buckinghamshire, HP12 4AX.
If you have any questions about this policy or the ways in which we use your personal information, please contact the Data Protection Officer, Grant and Stone Limited, Unit 2, Mill End Road, High Wycombe, Buckinghamshire, HP12 4AX, by calling 01494 430348 or via email at gdpr@grantandstone.co.uk.
This policy has been prepared in accordance with the Data Protection Act 2018, which implements the General Data Protection Regulation.
This policy sets out our privacy practices relating to our customers, suppliers and potential employees. Links within our website and to other websites are not covered by this privacy policy. You should review the privacy information on those other websites to find out how they may use your personal information. This policy also tells you what your rights are over your personal information and how to exercise those rights.
The General Data Protection and Privacy Policy answers the following questions:
What types of personal information do we collect?
What do we do with your personal information?
What is the legal basis on which we use your personal information?
How long do we keep your personal information?
Marketing
Who do you share my personal information with?
Will you transfer my personal information outside of the EEA?
What rights do I have over my personal information?
Cookies
How will you tell me about changes to your privacy policy?
How can I contact you?
WHAT TYPES OF PERSONAL INFORMATION DO WE COLLECT?
We will collect and use the following personal information about you: Information you give us.
This is information about you that you give us by:
Filling in forms on our website to subscribe to our newsletter. This information will include your name and e-mail address.
Completing an application for a credit account. This information will include your name, address, e-mail address, telephone number, date of birth.
When submitting an order for the purchase of goods. This information will include your name, address, e-mail address, telephone number.
When accepting an order for the purchase of goods from us. This information will include your name, address, e-mail address, telephone number.
When submitting a Curriculum Vitae or job application for a job we have advertised. This information will include your name, address, e-mail address, telephone number.
If you communicate with us electronically, including by e-mail, telephone or fax, this communication may be randomly monitored and/or recorded to protect the interests of our business and our customers. This includes the purposes of maintaining customer/service quality standards, detection of and/or prevention of crime and ensuring that our employees comply with legal obligations and our policies and procedures (including our customer relations practices).
Information we collect about you automatically. With regard to each of your visits to our website, we will automatically collect information about your visit including:
the number of visitors;
the pages you have visited;
and where you have come to our site from.
This data is anonymous and presented at an aggregated level so that we can use it to improve the site and give customers a better experience in the future. We use Google Analytics to do this and Google stores this information (see the section below entitled “Cookies” for further information).
Information we receive from other sources. We may occasionally obtain personal information about you from credit reference agencies.
WHAT DO WE DO WITH YOUR PERSONAL INFORMATION?
We will use your personal information set out above as follows:
to monitor the usage of our website;
to help us track the traffic we get through our website;
to help us improve the user experience of our website;
to open and manage your account with us;
to provide discounts and offers to you;
to fulfil an order you have placed with us;
to send marketing correspondence in relation to products or offers we think might be of interest to you;
to help us improve our service;
to purchase goods and services from you; and
to consider you for a job.
We treat your personal information confidential and we do not use it for any other purposes. Your personal information will never be supplied to external third parties (other than those described in this policy) that you have not explicitly consented to unless we are required to do so in order to comply with legal, statutory or regulatory obligations; to prevent and/or to detect crime.
WHAT IS THE LEGAL BASIS ON WHICH WE COLLECT AND USE YOUR PERSONAL INFORMATION
Under data protection law, we must have a legal basis to use your personal information. We have set out these out below.
We will use your personal information:
to send information you have requested on the basis that you have consented to us doing so;
to send marketing correspondence, where you have not opted out, on the basis of our legitimate interest in promoting our products and services. We do not consider that our legitimate interests in promoting our products and services have a disproportionate effect on your rights because when we collect your personal information which we intend to use for marketing purposes, we always offer you the opportunity to opt-out of marketing and we allow you to unsubscribe at any point. If you have not provided us with your personal information during the course of a sale or negotiation for sale, we will send marketing correspondence on the basis that you have consented to us doing so. Please see the separate “Marketing” section below for further information on this;
process your application for our loyalty card on the basis that you have consented to us doing so;
if you are an individual, sole trader or in a partnership, to register and manage your account on the basis that it is necessary for the performance of our contract with you relating to contracts entered into between us for the sale and purchase of goods;
if you are an individual, sole trader or in a partnership, to process any order placed by you on the basis that it is necessary for the performance of our contract with you relating to you purchase goods from us;
if you are an individual within a corporate organisation, to administer and manage the performance of a contract entered into with your company on the basis of our legitimate interests. We consider that our legitimate interests of wishing to interact with you in order to perform our contract with your company do not unduly interfere with your interests, rights or freedoms because the processing we undertake is limited and concentrates on the management and performance of our contract with your company and such processing would be reasonably expected by you;
To manage and make payment of any order placed by us on the basis that it is necessary for the performance of our contract with you relating to us purchasing goods or services from you;
To review and consider your Curriculum Vitae or job application for a specific job on the basis that it is a necessary preparatory step for entering into an employment contract with you;
To review and consider your Curriculum Vitae or job application for a future job on the basis that it is in our legitimate interests. We do not consider that our legitimate interest in retaining candidates for future job opportunities has a disproportionate effect on your rights because we do not use this information for any purpose other than considering you for a future job opportunity;
That is collected through Google Analytics or the other cookies on our website, to monitor how our website is used, the traffic we get through our website, and to help us to improve the user experience of our website, on the basis that is in our legitimate interests. We do not consider that our legitimate interest in having a well-functioning website has a disproportionate effect on your rights because we collect minimal information from you which is largely anonymised. We do not use the information we collect to make any decisions about you; and
That is collected by monitoring and/ or recording communications, on the basis that it is in our legitimate interests. We do not consider that our legitimate interests in maintaining customer/service quality standards, detection of and/or prevention of crime and ensuring that our employees comply with legal obligations and our policies and procedures (including our customer relations practices) has a disproportionate effect on your rights because we collect minimal information about you and do not use the information we collect to make any decisions about you.
HOW LONG DO WE KEEP YOUR PERSONAL INFORMATION
We will not keep your personal information for longer than we need it for the purposes we have explained above. The Retention period for data will depend on the type of data we hold. The data will be securely deleted in accordance with our data retention policy. We will securely delete the information you give us when registered for our newsletter immediately after you withdraw your consent for us to send you newsletters. We will securely delete the information you give us to process your credit account application 7 years post account closure. We will securely delete the information you give to us when we submit an order for goods or services after 7 years has expired from the date of your last order. We will securely delete any information you give to us when applying for a job or prospective job after 6 months following the competition of the recruitment process.
MARKETING
Where we obtain your personal information during the course of a sale or the negotiation of a sale, unless you have opted-out of marketing texts and newsletters at the time we collected your personal information, we will use your personal information to:
send marketing texts and newsletters; and
tailor the marketing and newsletters we send, based on what we think you are most likely to be interested in.
Where we obtain your personal information because you have signed up to receive marketing texts and newsletters, we will use your personal information to send you promotions or updates. You may opt-out of receiving marketing communications at any time. You can withdraw your consent at any time by contacting the Data Protection Officer, Grant and Stone Limited, Unit 2, Mill End Road, High Wycombe, Buckinghamshire, HP12 4AX, by calling 01494 430348 or via email at gdpr@grantandstone.co.uk or by unsubscribing using the link in any of our marketing communications. Where you opt-out of receiving marketing communications, we will retain your personal data to the extent necessary to continue performing our contract with you or your organisation, for example, if you have a live credit account but we will not send any marketing to you.
WHO DO YOU SHARE MY PERSONAL INFORMATION WITH?
We use reputable third parties to provide us with support for our internal systems and also to develop and improve our website. We will share your personal information with our suppliers to the extent it is necessary for them to perform their services to us. Most notably this will be with the providers of our IT systems. We consider it is in our legitimate interests to be able to use reputable third-party providers to facilitate us having well-functioning IT systems and website and to fix any issues with our IT systems and website where we have a contract with them which requires them to observe your rights in relation to data protection.
If you have applied for a credit account, we will share your personal information with credit reference agencies for the legitimate interest of establishing your creditworthiness and assessing whether to open your credit account with us. We do this on the basis that is our legitimate interest as a business to credit check our customers and potential customers in order to safeguard our finances. We consider the use of your personal information is proportionate because we will only pass limited information to reputable credit reference agencies.
We may share the personal information that you give us with reputable third party suppliers to the extent necessary to fulfil the contract entered into between us. This personal information will include your name, delivery address, email address and phone number. This information is required for the courier to deliver your order to your chosen delivery address and to be able to contact you with tracking information or to be able to contact you on the delivery day if necessary.
We also use Mail Chimp and Text Local to facilitate the sending of marketing communications and promotions. We consider that our use of your personal information is in our legitimate interests as is proportionate because we only pass personal information to this provider as required to send marketing communications and our newsletter. We do not share your personal information that we have for marketing purposes with any third parties.
WILL YOU TRANSFER MY PERSONAL INFORMATION OUTSIDE THE EEA?
No.
WHAT RIGHTS DO I HAVE OVER MY PERSONAL INFORMATION?
You have a number of rights over your personal information, which are:
the right to make a complaint to the Information Commissioner’s Office (ICO) if you are unhappy about the way your personal data is being used – please refer to the ICO’s website for further information about this (https://ico.org.uk/);
the right to ask us what personal information about you we are holding and to have access to a copy of your personal information;
the right to ask us to correct any errors in your personal information;
the right, in certain circumstances such as where our use of your personal information is based on your consent and we have no other legal basis to use your personal information, to ask us to delete your personal information;
the right, in certain circumstances such as where we no longer need your personal information, to request that we restrict the use
that we are making of your personal information;
the right, in certain circumstances, to ask us to review and explain our legitimate interests to you; and
the right, where our use of your personal information is carried out for the purposes of an agreement with us and is carried out by automated means, to ask us to provide you with a copy of your personal information in a structured, commonly used, machine-readable format.
COOKIES
A cookie is a small file of letters and numbers that are stored on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer’s hard drive. We use cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve it. Depending on the purpose, we may use session cookies (which remain on your browser until you leave the site) and/ or persistent cookies (which remain on your browser or hard drive for a longer period).
We use the following categories of cookies:
Strictly necessary cookies. These cookies are required for the operation of our website. They include, for example, cookies that enable you to log into any secure areas of our website;
Analytical/performance cookies. These allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily;
Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you; and
Please note that third parties (including, for example, advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.
You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website. We use Google Analytics to help us to understand how people use our website. To view Google’s privacy policy, please click here: https://policies.google.com/privacy. We do not share the information we gather using cookies with anyone else. We will assume that you have no objections to our use of cookies in this way and that by using our website you consent to our use of cookies in this way.
HOW WILL YOU TELL ME ABOUT CHANGES TO YOUR PRIVACY POLICY?
We keep our privacy policy under regular review. Any changes we make to our privacy policy in the future will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.
HOW CAN I CONTACT YOU?
If you have any questions about this privacy policy or about the ways we use your personal information, please contact the Data Protection Officer, Grant and Stone Limited, Unit 2, Mill End Road, High Wycombe, Buckinghamshire, HP12 4AX, by calling 01494 430348 or via email at gdpr@grantandstone.co.uk.