Legal grounds for processing your personal information
The law on data protection sets out several different reasons (the legal basis) for which a company may collect and process your personal data. We will only use your personal data when legally permitted.
We will not resell your personal data at any time or pass it to third parties for any other purpose than those listed below.
Depending on the relationships we have or wish to have with you, the most common reasons and legal grounds for use of your personal data that we use are:
- Where we need to for the performance of the contract between us (art. 6 para. 1 b GDPR).
- Where it is necessary for us to pursue our legitimate interests (or those of a third party) in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests (art. 6 para. 1 f GDPR).
- Where we need to comply with a legal or regulatory obligation (art. 6 para. 1 c GDPR).
- Where we collect and process your personal data with your consent usually via a tick-box opt in action (art. 6 para. 1 a GDPR).
Generally, we do not rely on consent as a legal ground other than in relation to sending some marketing communications to you where we are not relying on our legitimate interest to do so.
Where we do use consent, you have the right to withdraw it at any time using the instructions found in all relevant communications or using the details in the contact us section below.
There may be uses that are permitted based on other grounds; where this is the case we will use reasonable endeavours to identify the ground and communicate it you as soon as possible after becoming aware of the new basis.
Purposes for processing your personal data
To manage business relations based on our legitimate interest. If you are a representative of our current/potential client, supplier, business partner or investor, we may process your personal data as outlined in "Personal information we collect about you?" section above, to develop and/or maintain business relations and communications with us, to engage a new business with the company you represent, to provide you with the status/details/other information about our works and services, to organise the approval, processing and signing of contracts, orders, invoices and other contractual documentation, to promote our new products, works and services, to confirm the high level of our works and services, to invite you to meetings, events and organise them.
To manage all sales stages and activities relevant to the processing of any quotations, product/service enquiries, orders or appointments, that you make by using our websites, by telephone, by email, other written communication, or via our sales staff. We do this based on the performance of a contract with you and our legal obligations in relation to financial record keeping, etc. If we don’t collect your personal data for these purposes, we won’t be able to process your request to provide pricing or delivery of the goods of services you require.
For example, your details may need to be passed to a third party (e.g. courier service provider or installation subcontractor) to supply or deliver the product or service that you ordered, and we may keep your details for a reasonable period afterwards to fulfil any contractual obligations such as refunds, guarantees and so on.
Customer service and support to respond to your queries, refund requests and complaints. Handling the information you send enables us to respond. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you throughout. We do this based on our contractual obligations to you, our legal obligations and our legitimate interests in providing you with the best service and understanding how we can improve our service based on your experience.
To administer and protect our business, our website and your account (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). We do this for our legitimate interests for running our business in the provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise.
For example, by checking your password when you log in and using automated monitoring of IP addresses to identify possible fraudulent log-ins from unexpected locations.
To provide the most interesting and relevant content to you on our websites and improve our products/services, marketing, customer relationships and experiences, we’ll use data we hold about your order history, your activity on our website (data analytics), your preferred products and so on. We do so on the basis legitimate interests to define types of customers for our products and services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy.
For example, we might display a list of items you’ve recently looked at or offer you recommendations based on your purchase history and any other data you’ve shared with us.
To administer any of our prize draws or competitions which you enter, based on your consent given at the time of entering.
To send you survey and feedback requests to help improve our product and services. These messages will not include any promotional content and do not require prior consent when sent by email or text message. We do this based on our legitimate interests to help make our products and services more relevant to you, study how customers use our products/services, to develop them and grow our business.
Of course, you are free to opt out of receiving these requests from us at any time by updating your preferences or unsubscribing using the links providing in these communications.
To build a rich picture of who you are and what you like, and to inform our business decisions, we’ll combine data captured from third parties and data from publicly-available sources as we have described in the "Personal information we collect about you?" section above. We’ll do this based on our legitimate business interest.
For example, by combining this data and in some instances using automated decision making, will help us personalise your experience and decide which content to share with you. We also use anonymised data from customer order histories to identify trends in product use and report on operational data relating to our clients’ assets (areas of damage to vehicles, branding audits, etc).
To protect our customers, premises, assets and partners from crime, we operate CCTV systems at our sites and offices which record images for security. We do this based on our legitimate business interests.
To process payments and to prevent fraudulent transactions. We do this based on our legitimate business interests. This also helps to protect our customers from fraud.
If we discover any criminal activity or alleged criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we will process this data for the purposes of preventing or detecting unlawful acts. We aim is to protect the individuals we interact with from criminal activities.
To send you communications required by law or which are necessary to inform you about our changes to the services we provide you.
For example, updates to this Privacy Notice, product recall notices, and legally required information relating to your orders.
These service messages will not include any promotional content and do not require prior consent when sent by email or text message. If we do not use your personal data for these purposes, we would be unable to comply with our legal obligations.
To comply with our contractual or legal obligations to share data with law enforcement.
For example, when a court order is submitted to share data with law enforcement agencies or a court of law.
You will receive relevant marketing communications from us if you have:
(i) requested information from us or purchased goods or services from us based on legitimate interest; or
(ii) if you provided us with your details and ticked the opt-in box at the point of entry of your details for us to send you marketing communications based on consent; and
(iii) in each case, you have not opted out of receiving that marketing.
We will not share your personal data with any third party for marketing purposes.
You can ask us to stop sending you marketing messages at any time by using the unsubscribe link on these communications or emailing us with your request at firstname.lastname@example.org at any time.
Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
Of course, if you wish to change how we use your data, you’ll find details in the ‘What are my rights?’ section below.
Remember, if you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some of the products and services you’ve asked for.