DATA PROTECTION POLICY
We are committed to protecting and respecting your privacy, in this Data Protection Policy which takes effect on 25th May 2018, we explain how and why we collect, store, process and share your personal data. This document also explains your rights in relation to the personal data you give us. If you have any questions relating this Data Protection Policy, please contact:
Address: Unit 3, Stratford Workshop, Burford Road, London E15 2SP, United Kingdom
Telephone: 020 3239 3502
GBPL Limited (company number 07442572) trading as Smart Space Group is the “data controller” of any personal data it may collect and hold about you, unless we inform you otherwise.
1. What personal data do we collect?
1.1 What are personal data?
‘Personal data’ are those data that can lead to identification of you, directly or indirectly. Personal data includes such information as your full name, an identification number, location data or an email address.~
1.2 Type of personal data we collect.
The personal data we collect from you directly can include your:
mobile/landline telephone number,
and other information you give us when you contact us.
If you are our client and we provided installation services to you, we might collect some additional personal information such as IP and MAC addresses of devices connected to your network.
1.3 Data we collect when you visit our website.
To host our website, we use a third-party service, WordPress.com, which is run by Automattic Inc. We use a standard WordPress service to collect anonymous information about users’ activity on the site, for example the number of users viewing pages on the site. We do that to monitor effectiveness of the site and to help us improve it. For more information about how WordPress processes data, please see Automattic’s privacy notice by following this link: https://automattic.com/privacy.
To monitor website performance, we use Google Analytics. We collect standard internet log information and details of visitor behaviour patterns. This information is processed in the way that it those not identify you.
2. When do we collect your personal data?
When you contact us in person, over the phone, by email, by contact form on our website or by post.
When you engage with us on social media.
3. What are legal bases for processing your personal data?
3.1 Processing personal data without your explicit consent.
We will not use your data for any other purpose then those listed below, unless you will give us your permission to do so.
To perform a contract.
We use your personal data to perform a contract or to take actions that you requested prior to entering into a contract (i.e. to provide you with quotation, to deliver services or products, to take a payment, to communicate with you regarding those services and to answer your questions and comments).
The lawful basis we are relaying on with the actions described above is the right to process personal information to perform a contract.
To comply with legal obligations.
In some cases, we are obligated by law to process your personal data to comply with legal obligation (such as if we receive a legitimate request from a law enforcement agency).
For legitimate interest.
We may use your personal data in our legitimate interest as a business (i.e. to inform you about expiring guarantee or relevant to you upgrade, to measure customer satisfaction, and troubleshoot customer issues).
The lawful bases for the processing described above is the legitimate interest, we will always make sure to balance these interests against your rights and freedoms.
3.2 Processing personal data that require your consent.
If we would like to process your data for other specific purpose, we will ask for your consent in the clear manner and we will not use it for any other purpose.
4. Who do we share your personal data with?
In order for us to provide our services to you, we share your personal data with our trusted service providers described below. We will never sell any of your personal data to a third party.
When you purchase services from us we might share your personal information with our trusted subcontractors and other third-party providers such as delivery companies and equipment suppliers.
We work with carefully selected customer database hosting provider which is based in United States and is obligated to the same practises regarding personal data of European Union’s citizens as stated in this Data Protection Policy.
We may need to disclose your personal data to our insurers where we believe that it is required under our contractual relationship with our insurance provider to do so.
In each case, we will ensure that the service provider is only allowed to use your personal data in order to provide the services to us and for no other purpose.
5. Your rights.
You have a number of rights relating to your personal information and what happens to it. You are entitled to:
have your data processed fairly, lawfully and in a transparent manner;
have your data processed only for specified, explicit and legitimate reasons as stated in this data protection policy;
require us to correct any mistakes and make necessary updates in your personal data;
have your data kept for no longer than necessary in a secure manner.;
access personal data we hold about you;
require us to delete personal data concerning you in certain situations;
request that we transfer your personal data to you or another service provider in a simple, structured format;
object at any time to processing of your personal data when the basis of processing is consent; and
object in certain other situations to our continued processing of your personal data;
You can read more about your rights, including the circumstances in which they apply, in the Guidance from the UK Information Commissioner’s Office (ICO) https://ico.org.uk/for-the-public. You also have the right to complain about our use of personal data to the ICO. You can do these by contacting the ICO via their website https://ico.org.uk/concerns.
If you would like to speak to us in relation to any of your rights, please contact us.
We want to ensure that all the information we have about our clients is factually correct and up to date. If you find that the personal data we have about you is inaccurate or needs updating (for instance, you may have changed your name or address) then please contact us so that we can correct it.
6. Security and retention of your personal data.
Security of your personal data.
We take the security of your personal data very seriously. We have policies and measures to keep your data secure. We protect your data by password protection and we are implementing a solution to strengthen the security by encrypting the relevant devices. Your data is protected and only accessible by employees who need it to carry out their job responsibilities. We also ensure that there are physical security measures in our office which unable access to your personal data by other parties.
Retention of your personal data.
In broad terms, we will only retain your personal data for as long as is necessary for the purposes described in this Data Protection Policy. This means that the retention periods will vary according to the type of the data and the reason that we have the data in the first place.
We have procedures in place regarding our retention periods which we keep under review taking into account our reasons for processing your personal data and the legal basis for doing so.