This privacy statement provides information of how we process personal information. We may update this policy from time to time and therefore advise that you should periodically review this page.
a) Enfield Safety Supplies (Enfield Safety) is committed to protecting the privacy of visitors to our website. You are not required to provide any personal information on the public areas of this website. However, you may choose to do so by completing the contact or enquiry forms.
b) Enfield Safety understands that the information you provide may be confidential and will maintain the confidentiality of and protect your information in accordance with our normal procedures and all applicable laws.
c) Enfield Safety has a legal obligation to ensure that your information is kept accurate and up to date. Please assist us to comply with this obligation by ensuring that you inform us of any changes to your information. You have the right to request details of the information we hold about you and to delete or rectify any inaccurate information about you by sending us a written request.
e) Enfield Safety does not disclose information to other companies for their commercial use.
2. EXPLAINING THE LEGAL BASIS WE RELY ON
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, the legal basis that we rely on include:
a) Consent - In specific situations, we can collect and process your data with your consent, for example, when you tick a box to receive email newsletters. When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.
b) Contractual obligations - In certain circumstances, we need your personal data to comply with our contractual obligations, for example, if you order an item from us for delivery, we’ll collect your address details to deliver your purchase, and pass them to our courier.
c) Legal compliance - If the law requires us to, we may need to collect and process your data, for example, we can pass on details of people involved in fraud or other criminal activity affecting Enfield Safety to law enforcement agencies.
d) Legitimate interest - In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. We will also use your address details to send you direct marketing information by post, telling you about products that we think might interest you.
3. HOW WE COLLECT OR OBTAIN YOUR PERSONAL DATA?
In this section we have listed where we collect user information and when we collect your personal data
a) When you visit our website, and use your account to buy products.
b) When you make an online purchase and check out as a guest (in which case we just collect transaction-based data).
c) When you create an account with us, either online or as part of a company ledger account.
d) When you engage with us on social media.
e) When you contact us by any means with queries, complaints etc.
4. WHAT TYPE OF PERSONAL DATA DO WE COLLECT?
We may process the following categories of Personal Information about you:
a) Personal details, such as your name; username or log in details; password; areas or product categories of interest. If you have a web account with us: your name, gender, billing/delivery address, orders and receipts, email and telephone number. For your security, we’ll also keep an encrypted record of your login password.
b) Demographic information: gender; salutation; job title, company information.
c) Contact details: postal address; telephone and/or mobile number; email address; and your public social media handles or profile(s).
d) Consent records: records of any consents you may have given, together with the date and means of consent.
e) Purchase and payment details: records of purchases and prices; invoice records; payment records; billing address; payment method; cardholder or account holder name; payment amount; and payment date.
f) To deliver the best possible web experience, we collect technical information about your internet connection and browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, the advertisements you clicked on, and any search terms you entered.
g) Details of your visits to our websites or apps, and which site you came from to ours.
i) Device type, settings and software used.
j) Log files, which may include IP addresses, browser type, ISP referring/exit pages, operating system, date/time stamps and/or clickstream data, including any clicks on customized links.
k) Web Beacons, which are electronic files that allow a website to count users who have visited that page or to access certain cookies.
l) Mobile analytics to understand the functionality of our mobile applications and software on your phone.
5. HOW AND WHY DO WE USE YOUR PERSONAL DATA?
There are several grounds on which we may collect and use your data, depending on your relationship with us. We want to give you the best possible customer experience. One way to achieve that is to get the best picture we can of who you are by combining the data we have about you.
We then use this to offer you products, promotions and services that are most likely to interest you.
The data privacy law allows this as part of our legitimate interest in understanding our customers.
Of course, if you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below.
Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some services you’ve asked for. For example, if you’ve asked us to let you know when an item comes back into stock, we can’t do that if you’ve withdrawn your general consent to hear from us.
Here’s how we’ll use your personal data and why:
a) To process any orders that you make by using our website or by phone.
b) To respond to your queries, refund requests and complaints.
c) To protect our business and your account from fraud and other illegal activities.
d) To process payments and to prevent fraudulent transactions.
e) We will use your personal data, preferences and details of your transactions to keep you informed by post, email, web, text, or through telephone about relevant products and services including special offers, promotions and so on - You are free to opt out of hearing from us by any of these channels at any time.
f) To send you communications required by law or which are necessary to inform you about our changes to the services we provide you.
g) To display the most relevant content to you on our websites, we’ll use data we hold about your favourite brands or products. We do so on the basis of your consent to receive for our website to place cookies or similar technology on your device.
6. HOW WE PROTECT YOUR PERSONAL DATA
We know how much data security matters to all our customers. With this in mind we will treat your data with care and take all appropriate steps to protect it. We secure access to all transactional areas of our websites and apps using ‘https’ technology. Access to your personal data is password-protected, and sensitive data (such as payment card information) is secured by SSL encryption. We regularly monitor our systems for possible vulnerabilities and attacks, and we constantly review our process to identify ways to further strengthen security.
7. HOW LONG WILL WE KEEP YOUR PERSONAL DATA?
Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes. Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected.
At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
In some cases it may not always be possible for us to specify in advance the periods for which your personal data will be retained however we will determine the period of retention based on the following criteria:
(a) We will retain information contained in any enquiry that you submit to us regarding products or services. In circumstances where you (or your business) have not become a customer of ours we would retain the information contained in the enquiry for our future reference for a period of five years;
(b) We will retain information that you provide to us for the purpose of subscribing to our offers and emails for as long as you have consented to receive such communications; and
(c) The period of retention of contractual data will be determined based on whether there is an ongoing relationship between us and on our assessment of whether we may need that data to comply with our legal obligations or for our legitimate business interests.
8. WHO DO WE SHARE YOUR PERSONAL DATA WITH?
We sometimes share your data with trusted third parties, for example delivery couriers, fraud management, to handle customer enquiries and complaints, to help us personalise our offers to you and so on.
We respect your privacy and do not share your details with other retailers who may seek to use your details for commercial benefit.
We apply the following policy whenever we deal with any third parties in order to maintain your privacy:
(a) We only provide them with information essential for their specific services.
(b) They may only use your data for the exact purposes we specify in our contract with them.
(c) Any third parties we deal with must provide proof of their compliance with the latest GDPR (General Data Protection Regulation).
(d) We work closely with them to ensure that your privacy is respected and protected at all times.
(e) If we cease working with them, any of your data held by them will either be deleted or rendered anonymous.
Examples of companies we work with:
- IT companies who support our business and website.
- Operational companies that help fulfil our contracts with the customers i.e. delivery companies and couriers.
- Data insight companies to ensure your details are up to date and accurate.
- Direct marketing companies to ensure we can communicate our offers with you efficiently depending on your mailing preferences.
Sharing your data with third parties for their own purposes:
We will only do this in very specific circumstances, for example:
- For fraud management, we may share information about fraudulent or potentially fraudulent activity in our premises or systems. This may include sharing data about individuals with law enforcement bodies.
- We may also be required to disclose your personal data to the police or other enforcement, regulatory or Government body, in your country of origin or elsewhere, upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.
- For further information please contact our customer service department.
9. WHAT ARE YOUR RIGHTS OVER YOUR PERSONAL DATA?
Your principal rights under General Data Protection Regulation are:
(a) the right to access;
(b) the right to rectification;
(c) the right to erasure;
(d) the right to restrict processing;
(e) the right to object to processing;
(f) the right to data portability;
(g) the right to complain to a supervisory authority; and
(h) the right to withdraw consent.
You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. Access to the personal data we hold about you, is free of charge in most cases.
You have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed.
In some circumstances you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are certain general exclusions of the right to erasure. Those general exclusions include where processing is necessary: for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
You have the right to object to our processing of your personal data for direct marketing purposes (including profiling for direct marketing purposes). If you make such an objection, we will cease to process your personal data for this purpose.
To the extent that the legal basis for our processing of your personal data is consent, and such processing is carried out by automated means, you have the right to receive your personal data from us in a structured, commonly used and machine-readable format. However, this right does not apply where it would adversely affect the rights and freedoms of others.
If you consider that our processing of your personal information infringes data protection laws, you have a legal right to lodge a complaint with a supervisory authority responsible for data protection. You may do so in the EU member state of your habitual residence, your place of work or the place of the alleged infringement.
To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing before the withdrawal.
You may exercise any of your rights in relation to your personal data by written notice to us, in addition to the other methods specified in this section.
You have the right to request a copy of any information about you that Enfield Safety holds at any time, and also to have that information corrected if it is inaccurate. To ask for your information, please contact:
Subject Access Request
Data Protection Officer,
Or email: firstname.lastname@example.org
To ask for your information to be amended, please update your contact details via our Customer Services team via email at email@example.com
or via telephone on 0333 003 5710.
If we choose not to action your request we will explain to you the reasons for our refusal.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before proceeding with any request you make under this Privacy Notice. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
You will need to complete a Subject Access Request form and supply proof of identity before any information can be supplied.
11. HOW CAN YOU STOP THE USE OF YOUR PERSONAL DATA FOR DIRECT MARKETING?
There are several ways you can stop direct marketing communications from us:
a) Click the ‘unsubscribe’ link in any email communication that we send you. We will then stop any further emails.
b) Write to Marketing Team clearly identifying which channel of communication you wish to be unsubscribed from (email, postal or SMS) via:
1) Email - firstname.lastname@example.org
2) Post - Unsubscribe, Enfield Safety, Langley House, Standon, Herts, SG11 1QN
c) Please note that you may continue to receive communications for a short period after changing your preferences while our systems are fully updated.
12. CONTACTING THE REGULATOR
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113
Or go online to www.ico.org.uk/concerns (opens in a new window; please note we can't be responsible for the content of external websites)
This notice was last updated on 25/05/2018