We collect, use and are responsible for certain personal information about you. When we do so we are subject to the General Data Protection Regulation (otherwise referred to as the Data Protection Act 2018), which applies across the United Kingdom, and European Union and we areresponsible as the ‘Data Controller’ of that personal information for the purposes of those laws.
It would be helpful to start by explaining some key terms used in this policy:
|We, us, our||
FM Conway Ltd of Conway House, Vestry Road, Sevenoaks, Kent, United Kingdom, TN14 5EL
|Personal information||Any information relating to an identified or identifiable individual|
|Special category personal data||
Personal information revealing racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs or trade union membership.
Genetic and biometric data
Data concerning health , sex life or sexual orientation
DATA CONTROLLER: FM CONWAY LIMITED
PURPOSE OF THIS POLICY
This website is not intended for children and we do not knowingly collect data relating to children.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
THIRD PARTY LINKS
THE DATA FMC COLLECTS ABOUT YOU
The Company may collect, use, and store personal data. Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
The Company may collect, use, store and transfer different kinds of personal data about you which we have grouped as follows:
- Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Contact Data includes billing address, delivery address, email address and telephone numbers.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, operating system and platform, and other technology on the devices you use to access this website.
- Profile Data includes your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use our website and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
We do not collect any Special Categories of Personal Data about you. This includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data. Nor do we collect any information about criminal convictions and offences.
HOW DOES FMC COLLECT YOUR DATA?
The Company uses different methods to collect data from and about you including through:
- Direct interactions. You may give us your identity, contact data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you:
- express an interest in a vacancy;
- express an interest in any services we provide;
- subscribe to our publications;
- request to be considered for a charitable donation;
- enter a competition, promotion or survey; or
- give us feedback or contact us.
Your personal data may be stored in hard copy at any of our locations or in our IT systems, including our email systems.
HOW DOES FMC USE YOUR PERSONAL DATA?
Under current Data Protection Law (GDPR - DPA 2018) we will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal obligation.
- Where you have explicitly given positive consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
Generally, we do not rely on consent as a legal basis for processing your personal data although we will get your consent before sending third party direct marketing communications to you via email.
You have the right to withdraw consent to marketing at any time by contacting us.
You have the right to withdraw consent at any time by contacting us.
PURPOSES FOR WHICH FMC WILL USE YOUR PERSONAL DATA
We have set out below, in a table format, a description of the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
|Purpuse/Activity||Type of data||Lawful basis for processing including basis of legitimate interest|
To manage our relationship with you which will include:
(b) Asking you to leave a review or take a survey.
To enable you to partake in a prize draw, competition or complete a survey.
To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.
Necessary for our legitmate interests (to study how customers use our services, to develop them, to grow our business and to inform our marketing strategy)
To use data analytics to improve our website, products/services, marketing, customer relationship and experiences
Necessary for our legitmate interests (to definbe types of customers for our services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)
To make suggestions and recommendations to you about goods or services that may be of interest to you
Necessary for our legitimate interests (to develop our products/services and grow our business)
WHO HAS ACCESS TO YOUR PERSONAL DATA?
Your information may be shared internally, including to members of the FMC operational or support teams.
The Company may share your data with third parties such as its clients, insurers, subcontractors, suppliers, legal advisors, regulatory bodies, service providers and joint venture companies.
HOW DOES FMC PROTECT DATA?
FMC takes the security of your data seriously. The Company has internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused, or disclosed, and is not accessed except by its authorised users in performance of their duties.
Where the Company engages third parties to process personal data on its behalf, the third party will only do so upon written instruction, and they will be subject to a duty of confidentiality. The third party will also be obliged to implement appropriate technical and organisational measures to ensure the security of your personal data.
HOW LONG DOES FMC HOLD PERSONAL DATA?
The Company ensures that it does not retain your personal data for any longer than is reasonably necessary to fulfil its legitimate purpose, including for the purpose of satisfying any legal, regulatory, accounting or reporting requirements. We may, in specific circumstances, retain your personal data for a longer period if there is a legitimate reason to do so. Specific circumstances may include the prospect of litigation or where there is an ongoing complaint in respect of our relationship with you. Other examples may include the need for public interest archiving, scientific or historical research, or statistical purposes. This list is not exhaustive and other circumstances may arise.
The appropriate retention period for personal data is data specific and the following factors are taken into consideration when determining the length of time:
- nature and sensitivity;
- the potential risk of harm from unauthorised use or disclosure;
- the purpose for which we process your personal data;
- whether we can achieve those purposes through other means and;
- the applicable legal, regulatory, tax, accounting or other requirements.
Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us.
In some circumstances you can ask us to delete your data: see your legal rights below for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
YOUR LEGAL RIGHTS
You have several legal rights under data protection laws in relation to your personal data. Your rights include the ability for you to:
- request reasonable access to your personal data;
- The right to be provided with a copy of your personal information (the right of access)
- request correction of your personal data at any time;
- The right to require us to correct any mistakes in your personal information
- request erasure of your personal data, subject to qualification;
- The right to require us to delete your personal information—in certain situations
- object to processing of your personal data, such as when your data is no longer necessary;
- At any time to your personal information being processed for direct marketing(including profiling);
- In certain other situations to our continued processing of your personal information,eg processing carried out for the purpose of our legitimate interests.
- request restriction of processing your personal data;
- The right to require us to restrict processing of your personal information—in certain circumstances, e.g., if you contest the accuracy of the data
- request transfer of your personal data; and
- The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
- Not to be subject to automated individual decision making.
- The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you
If you would like to exercise any of the rights set out above, please contact us by email at firstname.lastname@example.org.
If you believe that FMC has not complied with your data protection rights, you can complain to the Information Commissioner.
NO FEE USUALLY REQUIRED FOR YOU TO ACCESS YOUR DATA
FMC does not charge a fee for you to access your personal data upon reasonable request. We do, however, reserve the right to charge a reasonable fee in circumstances where your data request is continuous, unnecessary or unfounded.
HOW QUICKLY WILL FMC RESPOND TO A REQUEST FOR PERSONAL DATA?
We intend to respond to all legitimate requests within 30 days of receipt of your request. On occasion, where such requests are particularly complex, this may not be possible and in such circumstances, we will endeavour to keep you informed of our progress.
Full name of legal entity: FM Conway Limited
Email address: email@example.com
Postal address: Conway House, Vestry Road, Sevenoaks, Kent, TN14 5EL
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact in the first instance.