Privacy Policy 2018-05-25T13:06:31+00:00

PRIVACY & DATA PROTECTION POLICIES

Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this Privacy Policy. If we are provided with information about you direct or from a third party to fulfil a contractual obligation to you, we shall not use your information for any other purpose than fulfilment of that obligation.
We are Flooring Contracts Limited (“FCL”) company Number 07158874 and our registered office / trading address in 6 Highcroft, Leighton Buzzard, Beds, lu7 4rg
FCL may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

What we collect:

We may collect the following information: Name and job title, Contact information including email address, contact telephone numbers, demographic information such as postcode, preferences and interests. Other information relevant to customer payments which are destroyed immediately after use. Please refer to our Data Protection Policy below for more information.
What we do with the information we gather:

We require this information to understand your needs and provide you with a better service and to provide for your needs.

Security:

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. Your information will not be passed to countries outside the European Economic Area (“EEA”).

How we use cookies on our websites:

A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Links to other websites:

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Data protection policy

Introduction

FCL is a supplier of flooring and supply labour for the fixing, finishing and maintenance of Wood flooring to both the trade and customers direct.
The personal data that FCL processes to provide these services relates to its customers and other individuals as necessary, including staff and suppliers’ staff. This policy sets out FCLs commitment to ensuring that any personal data, including special category personal data, which FCL processes, is carried out in compliance with data protection law. FCL processes the personal data of staff and customers including the personal data of non-EU citizens, but is committed to ensuring that all the personal data that it processes is done in accordance with data protection law. FCL ensures that good data protection practice is imbedded in the culture of our staff and our organisation.
FCL’s other data protection policies and procedures are (these should be considered and may not all be necessary):
record of processing activities
privacy notices (website, customers, employees)
personal data breach reporting process and a breach register
data retention policy
data subject rights procedure
data protection impact assessment process
IT security policies
‘Data Protection Law’ includes the General Data Protection Regulation 2016/679; the UK Data Protection Act 2018 and all relevant EU and UK data protection legislation.

Scope

This policy applies to all personal data processed by FCL and is part of FCL’s approach to compliance with data protection law. FCL will not process any personal data for any customer without their express consent which may be given orally or in writing or to enable the performance of a contract for the sale of goods that the customer has entered into with us or a third party supplier for the benefit of the customer.

Data protection principles

FCL complies with the data protection principles set out below. When processing personal data, it ensures that:
it is processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’)
it is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’)
it is all adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimisation’)
it is all accurate and, where necessary, kept up to date and that reasonable steps will be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’)
it is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’)
it is processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’)
FCL will facilitate any request from a data subject who wishes to exercise their rights under data protection law as appropriate, always communicating in a concise, transparent, intelligible and easily accessible form and without undue delay.

Process/procedures/guidance

FCL will: •
ensure that the legal basis for processing personal data is identified in advance and that all processing complies with the law
not do anything with your data that you would not expect given the content of this policy and the fair processing or privacy notice
only collect and process the personal data that it needs for purposes it has identified in advance
ensure that, as far as possible, the personal data it holds is accurate, or a system is in place for ensuring that it is kept up to date as far as possible
only hold onto your personal data for as long as it is needed, after which time FCL will securely erase or delete the personal data
ensure that appropriate security measures are in place to ensure that personal data can only be accessed by those who need to access it and that it is held and transferred securely
FCL will ensure that all staff who handle personal data on its behalf are aware of their responsibilities under this policy and other relevant data protection and information security policies, and that they are adequately trained and supervised.

Data Subject Rights

FCL has processes in place to ensure that it can facilitate any FCL made by an individual to exercise their rights under data protection law. All staff have received training and are aware of the rights of data subjects. Staff can identify such a request and know who to send it to.
All requests will be considered without undue delay and within one month of receipt as far as possible.
Subject access: the right to request information about how personal data is being processed, including whether personal data is being processed and the right to be allowed access to that data and to be provided with a copy of that data along with the right to obtain the following information:
the purpose of the processing
the categories of personal data
the recipients to whom data has been disclosed or which will be disclosed
the retention period
the right to lodge a complaint with the Information Commissioner’s Office
the source of the information if not collected direct from the subject, and
the existence of any automated decision making
Rectification: the right to allow a data subject to rectify inaccurate personal data concerning them.
Erasure: the right to have data erased and to have confirmation of erasure, but only where:
the data is no longer necessary in relation to the purpose for which it was collected, or
where consent is withdrawn, or
where there is no legal basis for the processing, or
there is a legal obligation to delete data
Restriction of processing: the right to ask for certain processing to be restricted in the following circumstances:
if the accuracy of the personal data is being contested, or
if our processing is unlawful but the data subject does not want it erased, or
if the data is no longer needed for the purpose of the processing but it is required
by the data subject for the establishment, exercise or defence of legal claims, or
if the data subject has objected to the processing, pending verification of that objection.
Data portability: the right to receive a copy of personal data which has been provided by the data subject and which is processed by automated means in a format which will allow the individual to transfer the data to another data controller. This would only apply if FCL was processing the data using consent or on the basis of a contract.
Object to processing: the right to object to the processing of personal data relying on the legitimate interests processing condition unless FCL can demonstrate compelling legitimate grounds for the processing which override the interests of the data subject or for the establishment, exercise or defence of legal claims.

Special category personal data

FCL will not process Special category personal data in relation to its customers but may do so in relation to its employees under the following areas that reveal:
an individual’s health
an individual’s disability
criminal convictions or offences
FCL processes special category data of employees as is necessary to comply with employment and social security law. This policy sets out the safeguards we believe are appropriate to ensure that we comply with the data protection principles set out above. FCL also has a data retention policy which sets out how long special category data will be held onto.

Responsibility for the processing of personal data

The directors of FCL take ultimate responsibility for data protection.
If you have any concerns or wish to exercise any of your rights under the GDPR, then you can contact the data protection lead in the following ways:

Name: Jamie Tyas
Address: 6 Highcroft , Leighton Buzzard, Beds , lu7 4rg
Email: jamie@flooring-contracts.com
Telephone: 0333 444 0243
Monitoring and review

This policy was last updated on 21 May 2018 and shall be regularly monitored and reviewed, at least every two years.