Privacy Notice 24th May 2018
This privacy notice applies to the processing (holding and using) of our customers and business partners personal data.
All personal data processed (held and used) by Filon Products Ltd is held for the purposes stated at the time of submission or collection and not for any other purpose, unless with your explicit consent.
Lawful grounds upon which we will process your data
We will only process your data on the following grounds that are approved and permitted under General Data Protection Regulations (GDPR); these being
Consent: Your explicit consent for us to hold and use your information: Under GDPR your consent must be informed, unambiguous, detailed, and require a positive action from you. We will never assume your consent, or infer it on the grounds that you have not withheld it.
Contract: Processing your data is necessary to enter into or perform a contract with us.
Legal obligation: We are obliged to hold your personal data because of a common law or statutory requirement:
To protect or maintain your vital interests
To carry out public tasks
For legitimate business reasons
Sharing your data
We will not sell or rent your details to any third party.
We will not share your details with a third party except where specifically authorised to do so on lawful grounds: your explicit consent; to perform a contract, to fulfil a legal obligation; to protect your vital interests; to carry out public tasks or for legitimate business purposes.
Retaining your data
We will only retain your personal data for the period necessary to fulfil the purposes outlined in this Privacy Notice. This may be up to 5 years, unless a longer retention period is required or permitted by law (which is typically the case in the context of our obligations under tax law).
Should you choose to unsubscribe from our mailing list, please note that your personal data may still be retained on our database to the extent permitted by law. Normally this will be on a ‘suppression list’ to ensure that we do not contact you in circumstances where you have withdrawn your consent.
Protecting and storing your data
We make all reasonable endeavours to protect your personal data against loss, alteration or any form of unlawful use. We will store your data in the most secure environment possible, whether physically or electronically. A limited amount of people will have access to your personal data and only ever for the purposes and upon the grounds detailed in this Privacy Notice.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Under GDPR, you have the following rights:
Right to be informed: You have the right to know how we process your information, you have the right to expect that we will hold all personal details in a secure and protected environment, and to know how we are meeting that obligation, you have the right to know how long your data will be kept for.
Right of access: You have the right to access any personal data that we. You can request access by using a Subject Access Request Form.
Right of rectification: You have the right to expect that we will, without delay, rectify any data held about you that is inaccurate or requires updating.
Right to erasure (‘The Right to be Forgotten’): You have, at any time, the right to request that we delete any personal data we hold about you (unless we are obliged to hold it for legal reasons or to carry out public tasks).
Right to restrict processing: You have the right to request that we not process your data in any circumstances where you have concerns as to its accuracy, or in circumstances where you prefer this option to the erasure of your data.
Right to data portability: You have the right to have your data transmitted to you in a commonly used electronic format (e.g. by e-mail) and the right to share that data with another party without hindrance from us.
Right to object: You have the right to object to our processing your data on grounds relating to any particular situation, except in cases where you have explicitly consented to our processing your data (a consent you may withdraw), or in cases where we are required to process your data to perform a contract or fulfil a legal obligation.
The right not to be subject to automated decision-making: We are obliged to provide safeguards for individuals against the risk that a potentially damaging decision is taken without human intervention.
We will be pleased to answer any queries you may have about our collection, use and storage of your data. Please contact: firstname.lastname@example.org
We will always work with you to resolve any complaint brought to our attention, however if you feel that your complaint has not been adequately resolved, you reserve the right to contact your local data protection supervisory authority, which for the UK, is the Information Commissioner’s Office.