Denleigh is committed to minimising its data collection and safely processing and storing all personal data, and using data for the purposes collected; this notice provides more information.
Who is the privacy notice for?
This privacy notice is for website visitors, customers, prospective customers, suppliers, prospective suppliers and third parties. Staff should refer to the employee privacy notice.
The Data Controller
The Data Controller is Ashton Solutions UK LLP T/A Denleigh
To contact us write to our registered address: 14 Edison Road, Salisbury SP2 7NU, or call us on 01722 337060 or email firstname.lastname@example.org.
What is personal data?
Under the EU’s General Data Protection Regulation ‘Personal Data’ is defined as: “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
For what purposes does Denleigh collect personal data?
To provide you with information, promotions, services and products we collect personal data, such as names and contact details. Occasionally more general non-personal information is obtained for deliveries/collections and to resolve any queries. We are committed to ensuring that the information we collect and use is appropriate for this purpose and does not constitute an invasion of your privacy.
What is processing of personal data?
Under the EU’s General Data Protection Regulation ‘Processing’ is defined as: “Any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use , disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.”
The bases of processing your personal data
With GDPR there are six legal bases for processing personal data, which are:
- Legal obligation
- Vital Interests
- Public interests
- Legitimate interests
Any personal data processed by Denleigh will be on a legal base of contract, consent, legitimate interests or legal obligation.
What personal data is collected?
Denleigh will typically just collect the following personal data:
- Name, job title and/or trade/profession
- Contact details including email address and phone number, and occasionally your social handle(s)
- In the case of a sole trader and partnerships, sales and credit information
Occasionally Denleigh may obtain the following personal data:
- Location, including additional addresses and/or GPS coordinates
- Computer device type, IP address, browser fingerprint
- Communication, including telephone recordings, voice mail, email
- CCTV footage
Using your personal data
Denleigh will typically use your personal data for:
- Marketing – to share construction news and specific business and product promotions
- Sales – to provide goods and services to you
- Operational – to deliver goods and services to site(s)
- Correspondence – email and mail of invoices, important announcements etc
- Customer research and feedback – to help us continually improve our products and services
- Website – to enhance the performance of our website specifically for you, refer to our cookies policy
Other data we may have access to
Systems and/or platforms we use may provide additional information about yourself, such as your approx location or your preferences from emails you open and your behaviour on social networks; all of which can be controlled by adjusting your privacy settings.
Data Processors for Denleigh
Other companies (known as Data Processers), who process personal data on behalf of Denleigh so we can fulfil our services, are:
- Deliveries: DPDlocal Doccombe Others as occasionally instructed
- Marketing: Hubspot
Data from other organisations
Denleigh does not obtain personal data from other organisations.
Your individual rights
Your individual rights within the Data Protection Act (GDPR) are:
- the right to be informed;
- the right of access;
- the right to rectification;
- the right to erasure (or to be forgotten);
- the right to restrict processing;
- the right to data portability;
- the right to object; and
- the rights in relation to automated decision making and profiling.
Your individual rights – Subject Access Request (SAR)
Should you wish to know what personal data we have collected and stored about yourself, please submit a ‘subject access request’ in writing to the registered company address. Your SAR will be handled in accordance with the prevailing Data Protection regulations.
Your individual rights – more detail
How to exercise your individual rights at Denleigh:
- the right to be informed – please read this privacy notice, if you still have questions please contact us,
- the right of access – please follow the SAR instructions above.
- the right to rectification – please email rectification requests to email@example.com.
- the right to erasure (or to be forgotten) – Submit your request by email to firstname.lastname@example.org.
- the right to restrict processing – please submit restrictions to email@example.com.
- the right to data portability – please contact firstname.lastname@example.org.
- the right to object; and – please contact email@example.com.
- the rights in relation to automated decision making and profiling – Denleigh doesn’t use any form of automated decision making including profiling, however if you have any questions please contact firstname.lastname@example.org.
This policy will be periodically updated to reflect governmental or internal operational changes.