Protecting your Information
This Privacy Notice tells you what to expect in relation to ‘Personal Data’ (or ‘information’) about you and your Company, collected, handled, processed and stored by us. The processing of Personal Data is governed by the General Data Protection Regulations (the “GDPR”).
Who are we?
Datum Alloys is the data controller, this means we decide how data is collected, handled, processed and stored, and for what purposes. If any of your information changes, you believe that any of the information we hold is incorrect or you have any queries regarding your information or our data protection policies and procedures, then please contact us at gdpr@datum.email.
What is Personal Data?
‘Personal Data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is anyone who can be identified, directly or indirectly from that data. Identification can be by the information alone or in combination with other information that is within our possession, control or from other information to which we legally have access.
How do we protect your Data?
Datum Alloys take privacy seriously and is committed to respecting and protecting your data. Datum Alloys aim to protect your Data, and to comply with its obligations under the GDPR. Datum Alloys have a legal obligation under GDPR, that we must notify any data breach to the supervisory authority without undue delay. Datum Alloys therefore has put in place suitable physical, electronic and managerial procedures for identifying, reviewing and promptly reporting data breaches to the relevant supervisory authority.
What do we use your Information for?
We use your information to: –
- fulfil our contractual obligations to businesses or individuals, for goods and services that have been requested/provided;
- verify identity, which may include natural persons where a contractual relationship is proposed or exists, in order to assess credit and other commercial risks to our business;
- improve our products and services;
- provide you with information, news, events and activities that is relevant to the goods or services that we are contractually providing to you or consuming from you;
- provide you with news, events and activities, for which you have consented to us to do so (please see ‘Marketing Consent’ section below)
Who else has access to your Data?
To ensure that our business operates in an efficient and compliant manner, our businesses share internal systems, controls and management, therefore Data provided to one of our businesses may be processed by another, either as part of providing you/providing us with goods and services for which we have a contractual obligation or in order to manage our own business (the latter supports our ‘legitimate interests’ as a business). To provide you/us with the goods and services that we/you have agreed to provide, there are 3rd parties who may need to process your Personal Data:
- Licensed credit reference agencies.
- Product and service providers whom we may be contractually obligated to engage with on your behalf.
- Insurance providers and intermediaries that are engaged to mitigate risks to our business.
- Other 3rd parties, based upon our ‘legitimate interests’ as a business, examples may include, data centres that securely store your information, Banks that require relevant personal data to fulfil, on our behalf, our obligations to you.
- Any statutory, government or regulatory body that requests Data and that we are obliged, by Law or Regulation, to provide.
- 3rd party Institutions which you may have entered into a contract with, whilst engaged with Datum Alloys. You should be aware that the 3rd party will become the ‘data controller’ of any of the Data that is provided to them either by you or by us, with your consent, however if your engagement with Datum Alloys were to end, this may not end your engagement with the 3rd party.
Marketing Consent/Further Use
- If we wish to use your data for a new purpose, not covered by this Data Protection Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
How long do we keep your Data?
We will not keep your Data for longer than reasonably necessary, however there are circumstances when we may have to retain Data for a longer period:
- where we have a statutory or regulatory obligation to retain the Personal Data;
- to ensure that our business is properly run in an efficient and compliant manner
What are your rights?
Unless subject to an exemption under the GDPR, you have the following rights in respect to your Data: –
- to request a copy of the Data we hold about you (Access);
- to request that we correct any Data if it is found to be inaccurate or out of date (Rectification);
- to request your Data is erased, unless there is a legitimate reason for us not to comply (we will always provide you with more details about your Rights in our response to your request) (Erasure – ‘Right to be forgotten’);
- to transmit that Data directly to another data controller, (Portability);
- to lodge a complaint with the Information Commissioners Office.
If you wish to exercise any of your rights, please see our ‘Contact Details’ section below
Contact Details
To exercise all relevant rights, queries or complaints please contact us:
Email: gdpr@datum.email
Phone: +44 (0)1548 855900
Post: Datum Alloys Ltd, Station Yard Industrial Estate, Kingsbridge, Devon, TQ7 1ES
You can also contact the Information Commissioners Office on 0303 123 1113 or via email https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF.