Gedore Torque Ltd is committed to meeting the GDPR regulations and ensuring the protection and security of all personal information we are responsible for.This policy details how we use the personal information that we collect and process and to outline the procedures in place to safeguard your privacy.
SALES & MARKETING
Should we ask you to provide any information by which you can be identified, for instance when making a telephone or e‑mail enquiry, visiting our website, attending an event or through a relationship with us, you can be assured that it will only be used in accordance with this privacy statement.
In regard to our business, the operation of our website, and our e‑marketing and other associated marketing activities, Gedore Torque Limited will continue to manage our client data and be compliant with General Data Protection Regulations (GDPR).
Gedore Torque Limited is a data controller; our registered office is at Tannery Lane, Gosden Common, Bramley, Guildford, Surrey GU5 0AJ.
What types of data do we collect and hold?
The personal data that we hold will be specific to your relationship with Gedore Torque Limited, but may include some or all of the following:
? Personal identifiers: including your name, gender, and title;
? Contact information: including your work address, work email, work telephone number;
? Information you provide to us as part of our services, or when you contact us directly;
? Information about your visits to our website, and engagement with our online information services;
How do we collect personal data?
We collect personal information about you when you provide it to us, such as, when you contact us directly by email, phone, in writing, or via social media, when you order goods and services, when you use our website or applications or any other means by which you provide personal information to us.
What do we use personal data for?
Our primary use of personal information is to enable us to deliver services to our customers. Where we have a contract with you, or your employer it is necessary for us to process certain personal data to deliver that contract and provide our services.
We also use personal information for our legitimate business interests in monitoring, developing and promoting our products and services. To do this we perform a number of administrative tasks including dealing with feedback or complaints, publicising our services; supporting quality and risk management reviews; administering our website and reviewing the efficacy of our online services and communications, and to monitor or enforce our terms and conditions or user policies.
We may also use personal information for analytics to build up a profile based on your interests. These profiles are often based on online behaviour and population segments, such as age range, interests, studies and work experience. In certain situations, we may also combine this information with data provided to us by third parties.
We use your personal data in order to send you information about GTL services, promotions and events that we believe may interest you. We may also use personal data to develop our websites and services and to measure the effectiveness of our marketing. We send marketing messages mainly by email, text messages or by telephone.
Communicating with you:
We send information about our products and services to existing customers whose contact information we have obtained over the course of our customer relationship. We may also send product updates or marketing emails to persons who have expressed an interest in purchasing Gedore products or services. Marketing information is only sent out if you have given your consent to receive this from us.
We may contact you by email or over the phone. If you do not wish to receive these communications please let us know by contacting us at firstname.lastname@example.org or by clicking the ‘unsubscribe’ link at the bottom of the marketing email.
We keep your personal data for marketing purposes for as long as you wish to continue receiving this from us. If you decide to opt-out of or withdraw your consent to our marketing communications, we will no longer use your personal data for this purpose. If the data is not needed for another purpose (e.g. for our customer relationship), we will delete the data without undue delay.
We rely on one or more of the following lawful conditions to process your personal identifiable data:
? To perform our obligations to customers
? To satisfy a legal or regulatory obligations that we are obliged to meet;
? To deliver our legitimate business interests in the effective performance of our services; and developing new contacts for marketing and business development (and we will take steps to mitigate the impact on an individual’s privacy in pursuing these interests);
? Where there are no other lawful conditions, we may process information with your consent.
Sharing personal data with third parties
Gedore Torque Limited does not disclose any personal information to other organisations.
Most of our business activities are conducted in house. Where we work with external suppliers, we ensure that we have a contract in place that requires our suppliers to handle any personal data appropriately. We check that our suppliers have correct policies and procedures, keep your information confidential and only use it in accordance with our instructions.
We may disclose personal information to third parties in the following circumstances:
? When explicitly requested by you;
? For our regulatory compliance purposes.
We may also disclose your personal information to law enforcement, regulatory and other government agencies and to professional bodies and other third parties, as required by and/or in accordance with applicable law or regulation, or where our assets are acquired by a third party.
Although we do not routinely transfer personal information outside the European Economic Area (EEA), we may be required to transfer your personal data to provide you with a specific service at your request, or to our partners or suppliers if they are based outside of the EEA. Where this is the case, we will make sure that they agree to: apply the same levels of protection and security as we are required to apply to information held in the UK, and to use it only for the purpose of providing the service to us. By submitting your personal data, you acknowledge this transfer, storing and processing.
Storing and retaining personal information:
We will hold your personal information on our systems for as long as it is necessary for the purpose for which it was collected. Information on client files is stored for up to 10 years following completion of an engagement, and we will review this retention periodically.
Gedore Torque Limited treats all personal information as confidential and our staff are trained and encouraged treat all personal information in the same manner. Where your information is recorded electronically we have implemented accepted standards of organisational and technical security measures to protect and secure it, For example, using secure passwords; ensuring our staff are fully trained, and only recording the minimum data sets necessary to complete a specific task.
SUPPLIERS(including subcontractors and individuals associated with our suppliers and subcontractors)
Collection of personal data
We collect and process personal data about our suppliers (including subcontractors and individuals associated with our suppliers and subcontractors) based on the lawful process of legitimate interest, in order to manage the relationship, contract, to receive services from our suppliers and, where relevant, to provide professional services to our clients.
Use of personal data
We use personal data for the following purposes:
1) Receiving goods and services
We process personal data in relation to our suppliers and their staff as necessary to receive the goods and services being provided.
2) Providing services to customers
Where a supplier is helping us to deliver services to our customers, we process personal data about the individuals involved in providing the services. This is in order to administer and manage our relationship with the supplier and the relevant individuals.
3) Administering, managing and developing our businesses and services
We process personal data in order to run our business, including:
— managing our relationship with suppliers;
— developing our business
— maintaining and using IT systems;
— administering and managing our website and systems and applications.
4) Security, quality and risk management activities
We have security measures in place to protect our own information as well as our suppliers information (including personal data), which involve detecting, investigating and resolving security threats.? Personal data may be processed as part of the security monitoring that we undertake; for example, automated scans to identify harmful emails.? We have policies and procedures in place to monitor the quality of our services and manage risks in relation to our suppliers.? We collect and hold personal data as part of our supplier contracting procedures.? We monitor the services provided for quality purposes, which may involve processing personal data.
Providing information about us and our range of services
Unless we are requested not to, we use business contact details to provide information that we think will be of interest about our company and our services.? For example, industry updates and insights, other services that may be relevant and invites to events.
5) Complying with any requirement of law, regulation or a professional body of which we are a member
As with any provider of manufactured goods and services, we are subject to legal, regulatory and professional obligations.? We need to keep certain records to demonstrate that our services are provided in compliance with those obligations and those records may contain personal data.
We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation).
Personal data may be held for longer periods where extended retention periods are required by law or regulation and in order to establish, exercise or defend our legal rights.
Your rights under the protection law
As an individual you have a number of rights under the relevant data protection laws, including:
— The right to request access to your own personal information from us;
— The right to ask us not to process your personal data for direct marketing;
— The right to request any inaccurate or incorrect information we hold about you is corrected;
— The right to request your information is deleted in certain circumstances;
— A right to request that we stop using your personal information for certain purposes;
— A request to request that decisions are not taken by wholly automated means.
These rights may be limited to certain defined circumstances and we may not be able to comply with your request. If you request to exercise these rights, we aim to respond to you within one month.
Whilst we will always strive for excellent service, we recognise you might not be happy with the way we handle your personal information. If this is the case please contact, email@example.com and we will try to resolve any issues.
Changes to this privacy notice
Any changes we may make to our privacy notice in the future will be updated on this page.
This policy is effective from 25th May 2018
Status of this policy
This policy does not give contractual rights to individual employees.? We reserve the right to alter any of its terms at any time although we will notify you in writing of any changes.