PROTECTING YOUR PRIVACY – May 2018 Introduction
This Privacy Notice explains in detail the types of personal data we may collect about you when you interact with us. It also explains how we will store and handle the data and keep it safe. We hope that the following sections will answer any questions you have but if not, please do get in touch with us. 

Identity
This Privacy Notice relates to Chaps (Southern) Limited as a Data Controller. Chaps (Southern) Limited is referred to in this document as “the company”.

The legal bases we rely on
The law on data protection sets out a number of different reasons for which a company may collect and process your personal data, including:

Consent: In specific situations we can collect and process your data with your consent. For example, when you supply us with your email address so that we can send you a quote or add you to our servicing reminder database. We will make it clear to you at the time which data is necessary for a particular service.

Contractual obligations: We will need certain personal data in order to fulfil our contractual obligations with you, for example, your name and address will be taken for us to attend your premises and will be passed on to our contractors if, for example, you have requested an electrician or drain specialist.

Legal compliance: We need certain personal data to maintain our accounting and other business records. If the law requires us to then we may need to pass on details to law enforcement if there has been a fraud or criminal activity involving the company.

 

Legitimate interest: In specific circumstances we require your data to pursue our legitimate interests in running a business. For example, we might send you a personalised offer or look at your history with us to send you information about our services that might be of interest to you.

When do we collect your personal data?
1. When you telephone or email us to make an appointment or have an enquiry.
2. When one of our engineers or surveyors visits you to carry out works or prepare a quote.
3. When you contact us via our website.
4. When you speak to our engineers or staff face to face in order to make an appointment or have an enquiry.
5. When you use social media to review our services.
6. When you have given a third-party permission to share your personal information with us, for example your insurers.
7. When you make an application for extended credit with us.
8. When we need to trace you, for example, for credit control purposes, we may collect other publicly available data from sources such as social media, Companies House, The Land Registry etc.

9. When you visit our offices which have a CCTV security system in place.

What sort of personal data do we collect?
1. When you become a customer, we will record your title (gender), name, address, telephone and/or mobile phone numbers. We will ask for an email address if you require a quote, wish to correspond by email or request invoices by email or if you have contacted us in the first place by email.

2. Detail of your interaction with us, for example, how you heard of us if you are a new customer, details of conversations we have with you (verbally or in writing), details of any complaints you make, and details of the financial transactions you make with us.

3. Where we have visited your property, we will record details of the works carried out, the appliances worked on, faults noted and recommendations made. This may be in the form of a site report completed by an engineer or his report back to the office of his findings.

How and why do we use your personal data?
1. To process requests and appointments for you. By handling this information, we can fulfil our contractual obligation to you and our legal compliance.
2. To respond to your queries or complaints. By handling your data, we are able to respond.
3. We will keep a history of communication with you so that we are able to service your property better. This is part of our contractual obligation to you and to maintain our legitimate business interest.
4. We may use your personal data for the legitimate business purpose of contacting you with reminders for servicing, offers, or after-sales care. This will help us to maintain our high levels of customer care. We may do this by phone, e mail or post.
5. To process payments and help prevent fraudulent transactions or crime. We do this on the basis of our legitimate business interest, legal compliance and to protect the company and our customers from fraud.

6. To send feedback requests on the service provided to you. This will not include any promotional content and we have a legitimate interest to help improve our service to you. If you wish to change the way we use your data then you will find details in the “What are my rights” section but if you choose not to share your data with us then we might not be able to carry on providing services for you.

How do we protect your personal data?

We are very conscious of the security of our customers’ data and with this in mind we take great care to protect it.

 

Our website is a secure area.

Our office database is accessible only by authorised personnel and is password-protected. Our passwords are changed regularly to enhance security.

 

Our office systems are encrypted and are backed up securely every day.

Our systems are protected by anti-virus technology.

Our payment processing is secure and your payment card details are never written down and retained.

 

Personal data may be required to leave the office environment, for example, with our engineers in order for them to visit your address. Our staff and engineers have been trained in the new GDPR regulations and the company’s policies and procedures for protecting your privacy. For example, we will not leave your personal data on show in our vans or give your personal data to a supplier when ordering materials (your reference will be in code form from which you cannot be identified by a third party).

How long will we keep your personal data?

Whenever we collect personal data, we will only keep it for a long as is necessary for the purpose for which it was collected.

 

At the end of that retention period your data will be deleted from computerised records or securely shredded if it is in paper form.
Examples of retention periods:
1. Your account and personal data on our database:
This will be retained for as long as you are an active customer. If you have not contacted us for five years then we will attempt to contact you to ask if you wish the account to remain open. If we cannot contact you then we will delete the personal data that we hold.

2. Goods under warranty:
If your order included goods under warranty then the associated personal data will be kept until the end of the warranty period.

3. Your financial account:

We are required by law to keep certain financial records for a minimum of six years. This will therefore apply to personal data where it is included on, for example, sales invoices and payment records.

 

Who do we share your personal data with?

We may have to share your personal data with a trusted third party, for example, a supplier who is delivering materials direct to your address or a specialist contractor.

 

Personal data is also shared by the IT companies who maintain our databases and website.

We will share personal data with law enforcement bodies where necessary as part of a fraud or other criminal investigation or as part of debt collection procedures, or with insurers where required as part of a claim. Requests for personal information will be assessed on a case by case basis and we will

also take our customers’ or employees’ privacy into consideration. 

If you ask us to process an application for consumer credit then we will be sharing your personal data with the credit provider. We will obtain your permission for this and you will be made aware of the personal data which will be shared.

 

Should the business ever be sold then personal data will be transferred accordingly to the new owners.

 

Our policy in respect of sharing your personal data with third parties is as follows:
1. We only disclose the information they need to perform their specific service.
2. They may only use your personal data for the exact purpose specified in our instruction to them.
3. We ensure that their own privacy policy protects your data at all times.
4. If we stop using their services then we will ask that your personal data is deleted from their records.

We do not share personal data with other companies for marketing purposes.

We currently do not operate outside of the EEA. Guidance on data privacy in other countries will be sought from the Information Commissioner if this changes in the future.

 

What are your rights over your personal data?
You have the right to request:
1. Access to the personal data we hold about you, free of charge. In some cases, a fee is payable in accordance with the Information Commissioner’s guidelines.
2. The correction of your personal data when it is incorrect or incomplete.
3. That we stop using your personal data to contact you.
4. That your personal data is erased from our systems (this may be refused where there is a legal obligation for us to keep it for a certain time period which has not yet expired).

5. That your personal data is transferred to another party.

 

Contact us
If you have any further queries regarding our data privacy or wish to submit a subject access request then please contact us at accounts@henleychaps.co.uk or via the “contact us” facility on our website.