Polyprint Colours Privacy notice
We are polyprint colours. In this privacy notice we will refer to ourselves as ‘we’, ‘us’ or ‘our’.
You can get hold of us in any of the following ways: by e-mailing us at [firstname.lastname@example.org]
We take the privacy, including the security, of personal information we hold about you seriously. This privacy notice is designed to inform you about how we collect personal information about you and how we use that personal information. You should read this privacy notice carefully so that you know and can understand why and how we use the personal information we collect and hold about you.
[We do not have a Data Protection Officer, but if you have any questions about this privacy notice or issues arising from it then you should contact Philip Johnston, who is responsible for matters relating to data protection at our organisation, including any matters in this privacy notice. You can contact them using the details set out above. ]
[We may issue you with other privacy notices from time to time, including when we collect personal information from you. This privacy notice is intended to supplement these and does not override them.]
We may update this privacy notice from time to time. This version was last updated on [07/08/22].
The key terms that we use throughout this privacy notice are defined below, for ease:
Data Controller: under UK data protection law, this is the organisation or person responsible for deciding how personal information is collected and stored and how it is used.
Data Processor: a Data Controller may appoint another organisation or person to carry out certain tasks in relation to the personal information on behalf of, and on the written instructions of, the Data Controller. (This might be the hosting of a site containing personal data, for example, or providing an email marketing service that facilitates mass distribution of marketing material to a Data Controller’s customer-base.)
Personal Information: in this privacy notice we refer to your personal data as ‘personal information’. ‘Personal information’ means any information from which a living individual can be identified. It does not apply to information which has been anonymised.
Special Information – certain very sensitive personal information requires extra protection under data protection law. Sensitive data includes information relating to health, racial and ethnic origin, political opinions, religious and similar beliefs, trade union membership, sex life and sexual orientation and also includes genetic information and biometric information.
Types of Personal Data in that category
This is information relating to your identity such as your name (including any previous names and any titles which you use), gender, marital status and date of birth
This is information relating to your contact details such as e-mail address, addresses, telephone numbers
[This is information relating to your account with us (including username and password)]
[This is information relating to the methods by which you provide payment to us such as [bank account details, credit or debit card details] and details of any payments (including amounts and dates) which are made between us.]
[This is information relating to transactions between us such as details of the goods, services and/or digital content provided to you and any returns details.]
[This is information which we have collected from you or which you have provided to us in respect of surveys and feedback.]
[This is information relating to your marketing and communications preferences.]
[Website, Device and Technical Information]
[This is information about your use of our website and technical data which we collect (including your IP address, the type of browser you are using and the version, the operating system you are using, details about the time zone and location settings on the device and other information we receive about your device)]
[ANY OTHER INFORMATION]
Legal Reason(s) for using the personal information
[To enrol you as a customer]
[Legitimate Interests Reason (in order to [offer you other goods, services and/or digital content which helps us to develop our business)]]
[To process your order, which includes taking payment from you, advising you of any updates in relation to your order or any enforcement action against you to recover payment.]
[Legitimate Interests Reason (in order to [recover money which you owe us]]
[To manage our contract with you and to notify you of any changes]
[Legal Obligation Reason.]
[To comply with audit and accounting matters]
[Legal Obligation Reason]
[For record keeping, [including in relation to any guarantees or warranties provided as part of the sale of goods, services and/or digital content]
[Legal Obligation Reason.]
[To improve the goods, services, and/or digital content which we supply]
[Legitimate Interests Reason (in order to improve the goods, services, and/or digital content for future customers and to grow our business]
[To recommend and send communications to you about goods, services, and/or digital content that you may be interested in. More details about marketing are set out in section 11 below]
[Legitimate Interests Reason (in order to grow our business]
[To ensure the smooth running and correct operation of our website]
[Legitimate Interests Reason (to ensure our website runs correctly)]
[To understand how customers and visitors to our website use the website and interact with it via data analysis]
[Legitimate Interests Reason (to improve and grow our business, including our website, and to understand our customer’s needs, desires and requirements)]
[SET OUT REASONS AND IF RELYING ON LEGITIMATE INTERESTS, SET OUT THE LEGITIMATE INTERESTS]
any organisations which propose to purchase our business and assets in which case we may disclose your personal information to the potential purchaser.
[If any transfer of personal information by us will mean that your personal information is transferred outside of the EEA then we will ensure that safeguards are in place to ensure that a similar degree of protection is given to your personal information, as is given to it within the EEA and that the transfer is made in compliance with data protection laws (including where relevant any exceptions to the general rules on transferring personal information outside of the EEA which are available to us – these are known as ‘derogations’ under data protection laws). We may need to transfer personal information outside of the EEA [to other organisations within our group or] [to the third parties listed above in section 6 who may be located outside of the EEA.]
[We have set out above the details of our retention periods for different types of data. You can find them in in section 2 [and also in section 3].]
If you are unhappy about the way that we have handled or used your personal information, you have the right to complain to the UK supervisory authority for data protection, which is the Information Commissioner’s Office (ICO). Please do contact us in the first instance if you wish to raise any queries or make a complaint in respect of our handling or use of your personal information, so that we have the opportunity to discuss this with you and to take steps to resolve the position. You can contact us using the details set out at the beginning of this privacy notice.
Our website may contain links to third party websites. If you click and follow those links then these will take you to the third party website. Those third party websites may collect personal information from you and you will need to check their privacy notices to understand how your personal information is collected and used by them.]