This notice explains how Lea Scaffolding & Access Ltd (“We”, “Us”) collects personal data from you, why we collect it, how we process it and where we may disclose it to other entities.
We are committed to complying with the Data Protection Act 2018 and the EU General Data Protection Regulation for the purposes of data protection and privacy. We take the privacy and security of data very seriously and we want to ensure you are fully informed about your rights and how we will use your data. We will also detail which legal basis allows us to use the data that we have collected.
We will review and update this Policy on a regular basis so please check regularly for any changes/updates. We may advise you of any amendments to this policy by email. If you have any further questions after reading this Policy then please get in contact with us:
Lea Scaffolding & Access Ltd
The regulator for the GDPR regulations is the Information Commissioner’s Office (ICO) they can be contacted by telephone on 0303 123 1113 or by visiting www.ico.org.uk where additional information about the regulation can also be found.
Current data protection law states that there are a number of legal reasons why a company might collect and process personal data. We have undertaken a full review of our policies and procedures to determine the most relevant legal basis for certain situations:
Consent – when you give us specific consent to use your data for a given purpose. For example when you ask us to provide you with details of goods & services.
Contract – when you engage with our services, we will process your personal data in order to deliver the agreed service.
Legal Compliance – if the law or government requires us to, we will collect and process personal data.
Legitimate Interest – this legal basis allows us to use personal data in a way that might reasonably be expected as part of running the business. This basis does not affect your freedom or rights and you have the right to request that the information we hold is erased, or that communication preferences are changed. To request changes to your data please contact us. An example of us using the legitimate interest legal basis is through direct marketing channels to advise you of services that might be relevant to you, or to advise you of a new innovative product that might be relevant to you or your business.
For more information on legitimate interests, please visit https://dma.org.uk/article/legitimately-using-legitimate-interests-new-guidance
With effect from 25 May 2018, the EU General Data Protection Regulation replaces the Data Protection Act 1998. This gives you new rights in relation to the privacy of your personal information.
We have provided a brief explanation below of how you can use those rights.
In the case of any request involving one of your rights, we will respond to your request without delay and at most within one month of receipt of your request. We are permitted to extend this time period by up to two months if your request is particularly complex.
The Right of Access
Subject Access Requests allow your right to obtain a copy of the information that we hold about you. You have the right to ask us to provide you with this information free of charge. However, should the request be deemed to be manifestly excessive, manifestly unfounded or repetitive, then we are permitted to charge a reasonable fee for providing the information. In such circumstances, and as an alternative, we can refuse to comply with the request. If this is the case then we shall let you know the reasons for us refusing to comply. You have a right to appeal such a decision via the UK Information Commissioner’s Office. For further information visit https://ico.org.uk/
The Right to Rectification
You are entitled to have the information that we hold about you rectified if it is inaccurate or incomplete. If you believe that the information that we hold about you is inaccurate, incomplete or out of date then please let us know. We will also inform any third parties of the rectification in order that they can update their records too.
The Right to Erasure
You have the right to request that we delete the personal information that we hold about you where we have no compelling reason for its continued processing. This right will apply:
This right shall not apply:
We will also inform any third parties of the request in order that they can erase their records too.
The Right to Restrict Processing
You can request that we restrict the processing of your information. This means that you may have requested one of your other rights, where until the request is concluded that we suspend the processing of your data. If we have passed your data to a third party, we will also inform them that they must restrict the processing of your data. This right will apply:
The Right to Data Portability
You have the right to request the information that we hold on you be supplied to you in a portable format. This allows you to take your information from our IT environment to another organisation's IT environment. The format in which we supply your data will be a structured and machine readable CSV file or a spreadsheet.
The Right to Object
You have the right to object to your personal information being processed by us. This means at any time you are free to:
· Advise us of any incorrect information that we hold about you in order for us to correct such information
· Withdraw consent – if you request that you no longer want us to contact you then we will change your preferences in order to suppress any future marketing. Please note, that we will retain information in order to recognise that you have withdrawn consent. If we were to delete all the information we hold about you then we are unable to ensure that you are not contacted again in the future. In such circumstances we will only keep the minimal amount of information required.
· Ask us to stop processing your data under legitimate interests. In such circumstances we will comply with your request unless there is a legitimate overriding reason to continue processing the data. Please note, that we will retain information in order to recognise that you have withdrawn consent. If we were to delete all the information we hold about you then we are unable to ensure that you are not contacted again in the future. In such circumstances we will only keep the minimal amount of information required.
· Ask us to delete your data in its entirety – please note that if we do this we are unable to recognise that you do not want to receive communications with us as no data of this nature will be held.
Information We May Collect From You
We may collect and process the following data about you:
Use of Our Services by Children
Our website is not intended for the use of children under the age of sixteen. We ask that children do not provide personal information through our website. If we become aware that we have collected personal information from a child under the age of sixteen, then we will delete that information from our records.
Where We Store Your Personal Data
The data that we collect from you may be transferred to, and stored at, a destination outside the European Union ("EU").
We use physical, technological and administrative safeguards to protect your personal information against loss, misuse or alteration. All your personal information is stored securely and may only be accessed by employees with a legitimate business need to access the information. Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your data transmitted to the website. Any transmission is at your own risk.
How We Use Your Information
We use your data in the following circumstances:
In the circumstances above, we will use the following legal basis for processing:
You are free to modify how we contact you or opt out of receiving further communications at any time.
Disclosure of Your Information
We may disclose your personal information to any member of Lea Scaffolding & Access Ltd.
We may disclose your personal information to third parties:
In addition to the information that we share in order to comply with our legal obligations, we also may share or disclose the information:
We may also exchange your information with other companies and organisations for the purposes of fraud protection and credit risk reduction. Where false information or fraud is suspected, we may pass this information to fraud prevention and law enforcement agencies.
Retention of Data
We retain your information for as long as you hold an account with us or have been registered as having an interest in our services. This enables us to maintain an ongoing relationship with you and provide any services you may required
We ask that you not send or disclose any sensitive personal information to us either through our website, post, email, text message, telephone call or by any other method. For clarity, sensitive personal information means information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership.
In the unlikely event that information that you have supplied us is compromised then we shall notify both the UK Information Commissioner's Office and you that this is the case. This notification will be made without due delay.
Changes to This Privacy Notice
We review this notice at least annually or after any significant change to our website, processes, and systems or because of government regulations. Any changes we may make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. We recommend that you visit this page from time to time to view any changes that we may have made.
Date of Last Review: 9 April 2019
The Compliance Officer
01204 800 224
If you have a complaint relating to our data protection or data privacy then please email our Compliance Officer at firstname.lastname@example.org
If you are unhappy with the final response that you receive from us in relation to a complaint, then you have the right to complain to our supervisory authority – the UK Information Commissioner's Office. For further information, please visit https://ico.org.uk/concerns/