Privacy Notice

Introduction

Eliza Tinsley Ltd is committed to data security and the fair and transparent processing of personal data.  This privacy notice sets out how we will treat the personal data which you provide to us in compliance with applicable data protection law, in particular the General Data Protection Regulation (EU) 2016/679 (GDPR).

Please read this Privacy Notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal data, your rights in relation to your personal data, how to contact us and supervisory authorities in the event that you would like to report a concern about the way in which we process your data.

Who are we?

Eliza Tinsley Ltd is a distributor of chain, rope, hardware, office furniture, shopfittings and shelving.

Eliza Tinsley Ltd is registered in England and Wales, Company Number 05319310; our registered office is Potters Lane, Wednesbury, WS10 0AS

Eliza Tinsley Ltd owns and operates www.elizatinsley.co.uk, www.elizatinsleyfurniture.co.uk, www.rbuk.co.uk, www.edenshop.co.uk and any subdomains of these sites (hereby referred to as Website). This Privacy Notice, together with our terms and conditions and any other documents referred to in them, sets out the basis on which Eliza Tinsley Ltd processes personal data.

In relation to our website and for the purposes of the GDPR, Eliza Tinsley Ltd is the ‘controller’ of the personal data you provide to us from this site or as part of general business relations.

If you have any queries about this Privacy Notice, the way in which Eliza Tinsley Ltd processes personal data, or about exercising any of your rights, please send an email to info@elizatinsley.co.uk or write to Data Protection, Eliza Tinsley, Potters Lane, Wednesbury, WS10 0AS

What personal data do we collect?

We may collect and process the following personal data:

Name, address, Telephone No and E-mail Address

If you:

If you visit our Website, we may automatically collect the following information:

How do we use your personal data?

When we ask you to supply us with personal data we will make it clear whether the personal data we are asking for must be supplied so that we can provide the products and services to you, or whether the supply of any personal data we ask for is optional.

Contract performance: we may use your personal data to fulfil a contract, or take steps linked to a contract:

Legitimate interests: where this is necessary for purposes which are in our, or third parties, legitimate interests.  These interests are:

NOTE: you have the right to object to the processing of your personal data on the basis of legitimate interests as set out below, under the heading Your rights.

Consent:  where you have given your consent to receive marketing communications, or we have provided you with products and services in the past (Soft Opt in) we may use your personal data to:

We may do this through the post, by email, text message, online, using social media, or by any other electronic means.

You may withdraw consent from being contacted via direct marketing via the links on any off our marketing e-mails.

Where required by law:  we may also process your personal data if required by law, including responding to requests by government or law enforcement authorities, or for the prevention of crime or fraud.

Who do we share your personal data with?

Eliza Tinsley will not pass data to any third parties, except to enable us to complete our contracts with you. For example delivery of your goods.

We ensure that these trusted third parties provide the same level of protection as Eliza Tinsley Ltd. These third parties have access to your Personal Information only for purposes of performing these tasks on our behalf.

We will ensure there is a contract in place with the categories of recipients listed above which include obligations in relation to the confidentiality, security, and lawful processing of any personal data shared with them.

Where a third party recipient is located outside the European Economic Area, we will ensure that the transfer of personal data will be protected by appropriate safeguards, namely the use of standard data protection clauses adopted or approved by the European Commission where the data protection authority does not believe that the third country has adequate data protection laws.

We take all reasonable steps to ensure that our staff protect your personal data and are aware of their information security obligations.  We limit access to your personal data to those who have a genuine business need to know it.

We may transfer your personal information to other organisations in certain scenarios. For example:

We do not sell your Personal Information or Content and will not share or disclose any of your Personal Information or Content with third parties except as described in this policy. We do not share Personal Information about you with third parties for their marketing purposes (including direct marketing purposes).

We sometimes provide you with links to other websites, but these websites are not under our control. Therefore we will not be liable to you for any issues arising in connection with their use of your information, the website content or the services offered to you by these websites. We advise you to consult the privacy policy and terms and conditions on each website to see how each supplier may process your information.

How long do we keep your personal data?

We will retain a record of your personal information. This is done in order to provide you with a high quality and consistent service.

Where there is a contract between us, and we are the Data Controller we will retain your personal data for the duration of the contract, and for a period of six years following its termination or expiry, to ensure we are able to comply with any contractual, legal, audit and other regulatory requirements, or any orders from competent courts or authorities.

We will always retain your personal information in accordance with law and regulation and never retain your information for longer than is necessary.

Where you have consented to marketing communications, you may change your preferences or unsubscribe from marketing communications at any time by clicking the unsubscribe link in an email from us.

How is Personal Data protected?

We take reasonable steps to protect your personal data from loss or destruction.  We also have procedures in place to deal with any suspected data security breach.  We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our Website; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.

Your rights

Under the GDPR, you have various rights with respect to our use of your personal data:

Right to Access

You have the right to request a copy of the personal data that we hold about you by contacting us at the email or postal address given below.  Please include with your request information that will enable us to verify your identity.  We will respond with 30 days of request.  Please note that there are exceptions to this right.  We may be unable to make all information available to you if, for example, making the information available to you would reveal personal data about another person, if we are legally prevented from disclosing such information. Or if your request is manifestly unfounded or excessive.

Right to rectification

We aim to keep your personal data accurate and complete.  We encourage you to contact us using the contact details provided below to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date.

Right to erasure

You have the right to request the deletion of your personal data where, for example, the personal data are no longer necessary for the purposes for which they were collected, where you withdraw your consent to processing, where there is no overriding legitimate interest for us to continue to process your personal data, or your personal data has been unlawfully processed.  If you would like to request that your personal data is erased, please contact us using the contact details provided below.

Right to object

In certain circumstances, you have the right to object to the processing of your personal data where, for example, your personal data is being processed on the basis of legitimate interests and there is no overriding legitimate interest for us to continue to process your personal data, or if your data is being processed for direct marketing purposes.  If you would like to object to the pressing of your personal data, please contact us using the contact details provided below.

Right to restrict processing

In certain circumstances, you have the right to request that we restrict the further processing of your personal data.  This right arises where, for example, you have contested the accuracy of the personal data we hold about you and we are verifying the information, you have objected to processing based on legitimate interests and we are considering whether there are any overriding legitimate interests, or the processing is unlawful and you elect that processing is restricted rather than deleted.  Please contact us using the contact details provided below.

Right to data portability

In certain circumstances, you have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format.  This right arises where you have provided your personal data to us, the processing is based on consent or the performance of a contract, and processing is carried out by automated means. If you would like to request that your personal data is ported to you, please contact us using the contact details provided below.

Please note that the GDPR sets out exceptions to these rights.  If we are unable to comply with your request due to an exception we will explain this to you in our response.

Contact

If you have any queries about this Privacy Notice, the way in which Eliza Tinsley Ltd processes personal data, or about exercising any of your rights, please send an email to info@elizatinsley.co.uk or write to Data Protection, Eliza Tinsley, Potters Lane, Wednesbury, WS10 0AS

Complaints

If you believe that your data protection rights may have been breached, and we have been unable to resolve your concern, you may lodge a complaint the applicable supervisory authority or to seek a remedy through the courts.  Please visit https://ico.org.uk/concerns/ for more information on how to report a concern to the UK Information Commissioner’s Office.

Changes to our Privacy Notice

Any changes we may make to our Privacy Notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes. This Privacy Notice was last updated May 2018

This Privacy Notice is available to view or download as a PDF by clicking here.