In this Privacy Notice, references to “we”, “us”, “our” or “EPEL” are to E Preston (Electrical) Ltd, whose registered address is Broadway, Globe Lane Industrial Estate, Dukinfield, Cheshire, SK16 4UU, United Kingdom.
For the purposes of the General Data Protection Regulation or “GDPR” (and all other laws relating to the use your Personal Data), we are both a “data controller” and a “data processor” – meaning that we record and obtain data for ourselves, and decide how it is used, without any middlemen or third-parties. All data we obtain will be used only by us and for legitimate business purposes.
We are committed to protecting your privacy and will take all steps necessary to comply with our legal obligations when using your Personal Data. This Privacy Notice explains how we fulfil this commitment, so please read this document carefully.
What Personal Data do we collect?
You may provide us with the following types of Personal Data when you interact with us (when using our digital platforms or otherwise):
- Identity – first name, surname, gender, date of birth
- Contact – email address and physical/postal address
- Financial – payment card details, billing address, purchase information, payment history
We may collect the following types of information from you when you use our digital platforms using Cookies or other tracking technologies:
- Usage – information about how you use our digital platforms, including time spent on page, click-throughs, download errors
- Technical – IP address, browser type, hardware type, network and software identifiers, device information, operating system and system configuration
How do we use your Personal Data?
EPEL uses the information collected from you for purposes including the following:
– to provide you with products and services you request
– to process payments that you make through our digital platforms
– for internal administration and record keeping
– to notify you of changes to this Privacy Notice, our terms and conditions or other changes to our services or products
– to answer your enquiries which may involve contacting you by post, e-mail or phone
– to send you certain types of direct marketing
– to manage legal claims and other compliance/regulatory matters
– to verify your identity and detect and prevent fraud and security issues
– to process job applications
In addition to the above, we may also anonymise and aggregate your personal data in a way which means you cannot be identified. This may be helpful to us for testing our internal systems, carrying out research and general data analysis. Because this data is not personally identifiable, we can use it for any purposes.
What is our legal basis for processing your Personal Data?
We use your Personal Data on the following bases:
- To perform a contract, such as providing products or services to you
- To comply with legal and regulatory obligations
- For legitimate business purposes (see “How do we use your Personal Data” section above)
- In certain cases, with your consent
- We may process your Personal Data for more than one lawful basis depending on the specific purpose for which we are using it. Importantly, we will only use your Personal Data when the law allows us to.
Who do we share your Personal Data with?
EPEL does not share any personal data with any third-party sources. We keep all data acquired purely for use in our business, and our business alone, to keep records of your previous interactions with us, and for contacting you. Our data is both stored on site for our use, and off-site as a secure back-up in the event of any unintended loss of data.
What is our Personal Data retention policy?
We will keep your Personal Data for as long as you are a registered user of one of our digital platforms, or for as long as is necessary for us to provide products or services for you, and for a limited period of time afterwards.
Once you no longer wish to be engaged with EPEL we may still need to keep hold of your data if there is a legal reason for doing so (such as for tax purposes where you have made purchases through one of our digital platforms or where we need to resolve any disputes with you).
How do we keep your Personal Data secure?
We adopt industry standard security processes to ensure your data is kept safe and secure and to prevent unauthorised access or use or loss of your data. Despite the security measures we implement, please be aware that the transmission of data via the internet is not completely secure. As such, we cannot guarantee that information transmitted to us via the internet will be completely secure and any transmission is at your own risk.
Your rights as a data subject
At any point whilst EPEL is in possession of or processing your Personal Data, you may have the following rights:
- Right of access – you have the right to request a copy of the Personal Data that we hold about you.
- Right of rectification – you have a right to correct Personal Data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the Personal Data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply you have a right to restrict the processing of your Personal Data.
- Right of portability – you have the right to have the Personal Data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing, as well as processing we undertake based on our legitimate interests.
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.
If you want to exercise any of these rights, please contact us using the details at the bottom of the page, or through our online enquiry form. You don’t have to pay a fee to exercise your rights, unless your request is clearly unfounded, repetitive or excessive (in which case we can charge a reasonable fee). Alternatively, we may refuse to comply with your request in these circumstances. Where your request is legitimate, we will always respond within one month (unless there is a legal reason to take longer, such as where your request is particularly complex). We may also need you to confirm your identify before we proceed with your request if it is not clear to us who is making the request.
In addition to the above, you may get in touch with the ICO (Information Commissioner’s Office) if you are concerned about the way in which we are handling your Personal Data. However, where possible, we would really appreciate you speaking with us first if you have any concerns.
How to opt-out of EPEL marketing
To unsubscribe from EPEL newsletters or any other marketing emails, simply contact us (with the details below) or e-mail firstname.lastname@example.org request unsubscription.
Changes to this Privacy Notice
If we amend our Privacy Notice, it will be published on the relevant EPEL digital platform(s) so please check back regularly to see if there have been any updates. If we make any substantial changes, we may also email you if it’s appropriate.
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure,we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.