Home » Xtra-Sense Ltd Privacy Policy

Xtra-Sense Ltd Privacy Policy

At Xtra-Sense Ltd we take your privacy seriously. Under GDPR, all personal data obtained and held by us must be processed according to a set of core principles. In accordance with these principles, we will ensure that:

•  Processing is fair, lawful and transparent
•  Data is collected for specific, explicit, and legitimate purposes
•  Data collected is adequate, relevant and limited to what is necessary for the purposes of processing
•  Data is kept accurate and up to date. Data which is found to be inaccurate will be rectified or erased without delay
•  Data is not kept for longer than is necessary for its given purpose
•  Data is processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures

 How and Why we Collect Information

We collect information in a number of ways:

Visitors to our Website

The Contact Page of our website offers a facility to request information on any of the products or services that we supply. As part of this process, we ask for a name and email address to enable us to respond to your enquiry.

Enquiries Received by Telephone, Fax or Email

You will provide a range of personal information, such as name, address, phone numbers and email address when contacting us. We collect sufficient information to maintain contact with you and to enable us to respond to your enquiries and requests.

People who Place Orders with Us

We collect sufficient information to support the original supply of any goods or services and to maintain future support to the goods or service. This includes names, addresses, phone numbers and email addresses.

People from whom we Purchase Goods or Services

We collect sufficient information to complete the purchase order for any goods or service, to make payment and to ensure that we can maintain continuing support for the goods and service going forward. In addition to names, addresses and contact information, this may include Bank details.

 Information Published in the Public Domain

We collect information published in the public domain that has relevance to our business activities for aspects such as sales and marketing and in support of operations and purchasing requirements.

 Information from Business Partners

We work closely with a number of business partners in supplying goods and systems appropriate to the needs of either their or our customers. Information is only shared between the companies that is strictly relevant to the work involved and where there is a legitimate interest to do so.

If you do not provide us with certain data, it may mean that we are unable to fulfil our requirements for entering into a contract with you or performing the contract that we have entered into.

Where the Data is Held

We store the data for potential customers, customers and suppliers in files and on the Company’s IT systems.

Information Security

We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse and we make every effort to guard against such. On our website, we use Secure Sockets Layer (SSL) certificates to verify our identity to your browser and to encrypt any data you give us.

How Long We Keep Your Data

We only keep your data for as long as we need it for, which will be at least for the duration of any contract and any following warranty period. In some cases we will keep your data for a period after your contract and warranty has ended to help future support and comply with the requirements of regulatory authorities, such as the UK Tax authorities.

Who We Share Your Data With

Employees within our company who have responsibility for sales, marketing, purchasing, recruitment, and administration of payment and receipts will have access to your data that is relevant to their function. All employees with such responsibility have been trained in ensuring data is processed in accordance with GDPR.

Data may be shared with third parties for the following reasons:

1.  Where necessary, for the performance of the contract
2.  Where there is a legitimate interest to do so
3.  Where there is a legal obligation to do so

We may also share your data with third parties as part of a Company sale or restructure, or for other reasons to comply with a legal obligation upon us. We will ensure that a suitable data processing agreement is in place with such third parties to ensure that data is not compromised. Third parties must implement appropriate technical and organisational measures to ensure the security of your data.

We do not share your data with bodies outside of the European Economic Area.

Your Rights in Relation to Your Data

You have the following rights in relation to the personal data we hold on you:

1.  The right to be informed about the data we hold on you and what we do with it
2.  The right of access to the data we hold on you. More information on this can be found in our separate policy on Subject Access Requests
3.  The right for any inaccuracies in the data we hold on you, however they come to light, to be corrected. This is also known as ‘rectification’
4.  The right to have data deleted in certain circumstances. This is also known as ‘erasure’
5.  The right to restrict the processing of the data
6. The right to transfer the data we hold on you to another party. This is also known as ‘portability’
7.  The right to object to the inclusion of any information
8.  The right to regulate any automated decision-making and profiling of personal data.

 

More information can be found on each of these rights in our separate policy on your rights in relation to your data.

Procedure for Supplying Personal Data when Requested

If anybody requests to know details of their own personal data held by Xtra-Sense Ltd, this will be provided by email, together with the source of the data, as soon as possible, and within one month of the date of the request, at the latest.

There will normally be no fee for providing the information in electronic format, but Xtra-Sense Ltd reserves the right to charge an appropriate charge where costs are incurred in supplying the information or where requests are manifestly unfounded or excessive.

Requests for Deletion of Personal Data

Where a person requests that their personal data is deleted from Xtra-Sense’s records, this will be carried out as soon as possible, unless there is a compelling or legal requirement to retain this data.

Deletion of personal data will not apply to pre-existing archive backup data.

Where you have provided consent to our use of your data, you also have the right to withdraw that consent at any time. This means that we will stop processing your data.

Making a Complaint

If you have any concerns or complaints with our privacy policy you are welcome to raise this with us.

If you think your data rights have been breached, you are able to raise a complaint with the Information Commissioner (ICO). You can contact the ICO at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by telephone on 0303 123 1113 or 01625 545 745.