Newframe Privacy and Data Protection Policy
These 8 principles summarise our commitment to protecting your privacy:
We only collect and use the personal information we need to provide or improve our products and services
You can check whatever information we hold about you
We will keep your personal information safe
We are fair and open about how we use your details
We will never sell your details or share it except in the ways mentioned in this policy or unless you ask us
We will let you know if there are important changes that affect your information or how we use it
We take responsibility for the information we hold about you
We only keep your information for as long as necessary.
When we review our privacy policy we will note the date it was last updated and try to let you know by email, if we have it, of any changes.
This privacy policy was last reviewed and updated in May 2018.
Your Rights
You have the right to:
- Ask for a copy of any information we hold about you
- Withdraw any consents you have given
- Lodge a complaint with us or the Information Commissioner’s Office or with any other relevant supervisory authority about how we handle your personal data
- Ask us to correct any inaccurate or incomplete information we have about you
- Ask us to delete your information from our records
- Ask us to send a copy of your information to a third party in a data portable format.
The legislation that applies to this privacy policy includes the:
- Industrial Training Act 1982 and any relevant Levy Order
- Data Protection Act 1998 (DPA)
- EU Data Protection Directive 95/46/EC
- Regulation of Investigatory Powers Act 2000
- Telecommunications (Lawful Business Practice) (Interception of Communications) Regulations 2000
- Electronic Communications Data Protection Directive 2002/58/EC
- Privacy and Electronic Communications (EC Directive) Regulations 2003
- General Data Protection Regulation ((EU) 2016/679) (GDPR) as introduced into national law on 25 May 2018
- All applicable laws, regulations and secondary legislation relating to the processing of personal data and privacy
- Guidance and codes of practice issued by the Information Commissioner
- Any successor legislation to the DPA and GDPR.
How we collect
You give us information when you use our websites, products and services, including when you:
- Submit one of our forms
- Correspond with us by phone, email or otherwise
- Register with us
- Subscribe to our services
- Search for a product
- Participate in our discussion boards, chat or social media
- Enter a competition or promotion
- Respond to a survey.
We collect information about you when you visit our websites through the use of cookies
We may also get information from other sources, including:
- Third parties involved with the supply and installation of your products
- Closed circuit television (CCTV) at Northbrook Business Park premises
What we collect
The information we collect from you could include your:
- Name, address, email and phone number
- Financial and credit card information
- Geographical location
- Device type
- Browsing data, such as access times
- Navigation history.
We may also have sensitive information, including about your:
- Physical health
- Religious or other beliefs that may affect us whilst working in your home.
How we use your Information
We use your information for many purposes, including to:
- Ensure we respect your environment whilst we are in your home
- Advertise, promote and market our services
- Administer certification, qualification and Guarantee schemes
- Notify you about a change to our service
- Carry out our contractual obligations
- Provide and improve our services
- Analyse your website behaviour
- Improve the operation, security and presentation of our sites
- Target our online advertising to your interests and preferences
- Measure and understand the effectiveness of our online content and marketing
- Enable you to participate in interactive features on our website.
How we keep it safe
We take the security of your personal information very seriously.
We use technical measures, such as encryption, and carry out regular security reviews to keep our protections up to date. We also strictly control access and ensure staff who are authorised for access are adequately trained in keeping your information safe.
Our procedures mean that we may ask you to prove your identity before we share your personal information with you.
Third-party websites you access through links on our websites will have their own privacy policies. We do not accept any responsibility or liability for them.
There are many ways you may communicate with us online, including by:
- Chat and instant messaging (such as Skype for Business)
- Social media (such as Facebook or Twitter)
- Video conferencing (such as GoToMeeting)
- File sharing platforms (such as OneDrive and SharePoint)
What we do
When you use email, chat, social media and other online platforms, it is likely you know what information you are sharing with us.
How we use and process your information, who accesses it, and how long we keep it, depends on the context in which we collected it, but follows the terms of our privacy policy and UK law.
The information is normally only handled by our authorised staff and is not shared with or sold to any third parties.
Images from closed circuit television (CCTV) of a recognisable person are treated as personal data in data protection law.
How we use CCTV at our Our Offices
We use CCTV to:
- Maintain the safety and security of our property, premises, and people
- Prevent and investigate crime
- To assist disciplinary procedures in cases of serious misconduct.
- Who has access to your information
Our CCTV system is operated from the Director’s office, a self-contained secure room, access to which is strictly limited to the security supervisor when empty.
Where necessary we may share CCTV image information with:
- The person in the image
- Employees and agents
- Services providers
- Police forces
- Security organisations
- Individuals making an enquiry.
How long we keep it
Unless we need them for an active investigation, we keep recorded images for 30 days. After that, the images are automatically overwritten by the recording equipment.
We destroy recordings that are part of an active investigation as soon as they are no longer needed.
Your rights
You can ask for a copy of your information recorded by CCTV, except in certain circumstances described by applicable legislation. You do not have the right to instant access.
How we use your Financial/Payment information
We do not use your information for any purpose you have not authorised, or disclose it to third parties. We process credit and debit card transactions following the Payment Card Industry Data Security Standard (PCI DSS).
Who has access to your information
The Finance Manager and Assistant Finance Manager only have access to your payment details to carry out your transaction.
What we do
For bank and building society account transactions, we may make a record of your:
- Name
- Branch address
- Sort code
- Account number
- Signature
Where possible, we only store the verification code of card transactions and other data needed to process the payment once the transaction is complete. Where this is not feasible, we use other security methods to keep your data secure. We may process data such as the:
- Cardholder’s name
- Card number
- Card security code (CSC)
- Validity and expiry dates
- Issue number
How long we keep it
We do not keep payment card information once the transaction has been completed.
Making a Request to see your Information
To see the information we hold about you, you should make a Subject Access Request in writing, including your:
- Full name, including previous or other names, if appropriate
- Address
- Telephone
- Unique CITB registration or ID numbers, if appropriate
- Date of birth, if you don’t have a unique registration number
and send it to:
Privacy Team
Newframe Glazing Specialists Ltd, Drifter’s Lodge, Newhouse Lane, Storrington, West Sussex RH20 3HQ