General Data Protection Regulation

Aspire House Solutions Ltd

GDPR 2018-06-18T06:32:11+00:00

Aspire House Solutions Ltd

Data Protection GDPR

As part of the new general data protection regulations that come into force on the 25th May 2018. Aspire House Solutions ltd have updated our privacy notice to clarify how we collect your data and what we do with the same. We respect your privacy and your rights to control your personal data.

Our core guidelines are simple. We will be clear about the data we collect from you and why. Your data collected is protected by us. We do not and will not sell your personal data to third parties.

The prime purpose of collecting your data within the business is two-fold initially it is collected for marketing purposes and to make contact with you to provide a written sales quotation, this data is then used to follow the sales quote up with you through to a conclusion.

As the sales quotation turns into a sale contract then this data – information is used to manage the manufacturing and installation process against your signed sales order.

Finally, your data is then used to register with the relevant accreditation bodies as we complete your works, this could include however not be limited to building control inspectors, your local planning office, CERTASS, FENSA, IWA indemnity insurance, our guarantee and other relevant bodies. This data will be used to provide essential documentation and will be retained on files for the lifetime of the guarantee which does not exceed 10 years.

This Privacy Statement (the ‘Statement’) explains the personal information we collect from you, either directly or indirectly, and how we will use it. Personal information is any information that can be used to identify you or that we can link to you. The Statement also elaborates on the choices you can make about the data we collect, and how you can control these decisions.

Please read this Statement carefully to understand how we may collect, use and share your personal information.

Who are we?

Aspire House Solutions Ltd

4th Floor, Victoria House

Victoria Road

Chelmsford

Essex

CM1 1JR

For any questions about how we use your data, or to exercise your rights over your data, you can contact us on:

Telephone: 01245 678005
Email: info@aspirehsltd.co.uk
Post: Address as above

Contact Mr James Tyson

If you do have questions, we’d ask you to read this policy in the first instance as we believe that it’s clear and comprehensive and will answer most of not all of your questions.

What data do we collect and process about you, what do we do with it and why?

When you visit our website

Our IT internet providers collect your IP address, the website you came from, what kind of browser you’re using, and what you do on the website – which links you follow, where your mouse travels, how long you spend on each page and so on.

We only use temporary cookies and don’t track you around the internet. Our website will work fine if we do not have track switched on or have third-party cookies completely disabled.

We will link some of your technical information, such as your IP address, to your name and other personal details if you log in to the website and make an enquiry through our dedicated contact form.

We use this information to make our website work more efficiently in the first instance, and to help us understand your experience of it and how to improve it progressing forward.

Formally, we justify this processing as a legitimate interest for the marketing and activity tracking aspects.

When you contact us

If you get in touch with us – whether that’s by phone, email, post or in person – we’ll collect the personal information you provide. If you use our contact form, we ask for your name, email address and contact phone number, and we’ll ask for the same things if you call our main office numbers. That information provided and anything else you tell us will be handled securely. Only what is needed to deal with your enquiry correctly will be passed on either internally or externally within the business. We do ask that you don’t include sensitive personal information in any communication you have with us. If in resolving your enquiry it involves making a refund to you we may need to collect bank details from you to do that; we will not keep these after the refund has been issued. Alternatively, we can simply refund by cheque or credit note.

We will use the information you provide to deal with your enquiry and for no other purpose. We will also track enquiries for statistical and business improvement purposes and we would share that information internally to our employees.

Formally, we justify this processing on the basis of your consent. When you use the contact form, call the contact centre via our telephone lines or visit our business in person, If you write to us by post or email, we will send you a privacy notification with the option to withdraw your consent if you wish.

Whenever you interact with us, we may ask you to consent to receive this marketing information by email or text message or signature. If you are a consumer, we will only email or text you if you have consented in this way, and you can withdraw this consent at any time by contacting us using the information at the start of this policy, following the unsubscribe instructions on our web site.

If you are a business or one of our suppliers then we may also send you marketing communications by email or text without prior consent, however you still have the same rights to ask us to stop.

We will also write to you by post to provide written quotations, schedule your works into our system  and manage the same. You may ask us to stop at any time by contacting us using the information on our web site. following the unsubscribe instructions that are visible. We will also always respect any preference you have expressed using the Mailing Preference Service.

We do not make cold telephone marketing calls to consumers and will only call you in response to an enquiry or as part of contractual customer service.

Formally, we justify our marketing activity as being in our legitimate interest. As required by the Privacy and Electronic Communication Regulation 2003.

What Information we collect about you

Subject to the circumstance around how you have contacted us we may hold some or all of the following personal information.

  1. Title
  2. Name
  3. Address
  4. Post Code
  5. Mobile telephone number
  6. Land line number
  7. Email address
  8. Signature on sales contract
  9. Sales contract details

Who else gets to see your data

We won’t ever sell your data or provide access to it to any third parties for marketing purposes. We will only share your data in the following ways:

With our Employees and Subcontractors

Like many businesses we don’t do everything ourselves. When we have someone else help us handle an aspect of our business to complete your contract, we will pass them some of your data so that they can do their work. We will only ever give them the minimum information that they need and it will always remain under our control. This means that they can only do with your data what we tell them to, and they can’t keep it once they no longer need it or pass it on to anyone else.

At the moment, the following parts of our business work with partner companies:
• Our telephone call centre
• Skip Hire
• Scaffolding Hire
• Sub-Contract electricians
• Sub- Contract Plasterers
• Suppliers
• Distribution Partners
• Sub-Contract electricians
• Sub- Contract Plasterers
• JHAI Building inspectors
• IWA Indemnity Insurance
• CERTAS
• Business Insurance (if required)

We also outsource our IT domain name storage and web hosting. We always have control of this access and have strict contractual provisions to make sure they don’t abuse it.

If We are legally required

In some circumstances we may be legally required to pass on your data. For example, if there is a health and safety incident on one of our sites and you are involved, we will pass your data on to the Health and Safety Executive (a government agency) or to the relevant local authority. What they then do with your data is governed by the law. They may also contact you directly. We will always advise you when your data is passed on in this way. In this specific circumstance we may collect information about you where it is strictly relevant and this may be done without your consent if you are not able to consent at the time. We will only do this in order to comply with the law and to protect your vital interests.

The police and other government agencies may also request your data. We will pass it to them once they show us proof that their request is legal. We may not be able or allowed to tell you if this happens.

Making a Complaint.

If you make a complaint or if we think it’s necessary for any other reason, we may be depending on the issue pass your data on to our insurers. We will only pass them the data that they need; we have a clear agreement with them that they will only use the data to assess any claim that we may make in connection with the issue.

How we look after your data

We take the security of your data very seriously. We’ve made investments in systems and training to make sure the data we collect stays safe. We have strict contracts with anyone we share it with to ensure they do the same. It will always be stored and processed within the current guidelines where the General Data Protection Regulation gives you strong legal protection for your data privacy rights. We will always obey both the letter and the spirit of the data protection laws that apply to us.

We keep clear records of what data we have and what we do with it, and make sure that we always consider what impact our processing will have on you. We also continually assess the risks to you from possible data breaches and do everything we can to prevent them.

How long we keep your data

We won’t keep your data forever. We will only keep your data for as long as we need to, data collected as part of a sales contract has to be kept for the period of the guarantee which will not exceed ten years. Data collected as part of a sales quotation period will be kept for a period of not more than eight months.

If you haven’t communicated with us for a period of three years –  opening an email, contacting us or visiting our website – we’ll restrict your data so that it’s no longer connected to you in any way. We will keep the restricted data indefinitely to help us understand our business and our customer base.

Your rights

You have the right to see a copy of all the data we hold about you.

You have the right to ask us to delete what data we have or stop processing it. However, we may not be able to do so immediately if the data is required for us to fulfil an obligation to you – like completing your sales contract; managing your guarantee period or if we are legally required to keep it; or if we believe we need to keep it for contractual or insurance purposes or taxation purposes. We will always tell you should you ask what we are doing and why.

You have the right to ask us to correct your data – and if what we hold about you is incorrect in any way then, we’d really appreciate it if you told us – but we will in some circumstances need to check that what you’re telling us is accurate.

You also have the right to complain to the Information Commissioner’s Office – the government agency that handles data protection in the UK. You can reach them at their website: https://ico.org.uk/global/contact-us/

 

Policy information

This policy was last updated on the 24th of May 2018. We may update it at any time in order to improve our customer experience or to comply with changes in the law.

 

Additional Information

Governing Law

This Addendum shall be governed, construed and interpreted in accordance with the English laws.

DATA PROCESSING

  1. Controller means the natural or legal person, public authority, agency or other body or person which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
  2. Data Subject is the identified or identifiable natural person the Personal Data are relating to.
  3. Data Protection Laws means the Data Protection Act 1998 (as amended or replaced with English law’s adoption of GDPR) and the GDPR.
  4. GDPR means the General Data Protection Regulation 2016/679.
  5. Personal Data means any information relating to an identified or identifiable natural person (‘Data Subject’), which information is subject to the GDPR or the laws of non- EU EEA countries that have formally adopted the GDPR; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
  6. Personal Data Breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
  7. Processing means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  8. Services means the services provided as agreed in the Contract.
  9. Supervisory Authority means the independent public authority, Information