PURPOSE OF POLICY
At Brompton Technology we are committed to protecting your personal information and being transparent about what information we hold about you.
Using personal information allows us to develop a better understanding of our patrons and to provide you with relevant and timely information about our products and services.
The purpose of this policy is to give you a clear explanation about how we collect and use the information we collect from you.
We use your information in accordance with all applicable laws concerning the protection of personal information. This policy explains:
- What information we may collect about you
- How we may use that information
- In what situations we may disclose your details to third parties
- Information about how we keep your personal information secure, how we maintain it and your rights to be able to access it
If you have any queries about this policy, please contact us by calling 020 7471 9449 or email firstname.lastname@example.org
WHO WE ARE
Brompton Technology is a limited company in England and Wales under registration number 07756396.
We collect various types of information and in a number of ways:
Information you give us
For example when you sign up to our mailing list on our website, contact one of our sales team with an enquiry, or request technical support, we store personal information you give us such as your name, email address, postal address, and telephone number.
Information about your interactions with us
We will store a record of any transactions such as product sales. We also store a record of sales enquiries and technical support requests. We collect information about how you interact with content on our website and any of our ads or social media. When we send you a mailing we store a record of this, and in the case of emails we keep a record of which ones you have opened and which links you have clicked on.
Information from third parties
Brompton Technology may buy advertising from companies such as Google, to give you information about our products on other websites that you visit. This advertising uses the IP address of your computer and, in buying this advertising, Brompton Technology does not collect or have access to any additional personal information about you.
Sensitive personal data
Data Protection law recognises that certain categories of personal information are more sensitive such as health information, race, religious beliefs and political opinions. We do not collect this type of information about any of our customers. For our employees we may have some sensitive records, for example if they have given us information about a health condition so that we can help them manage the condition appropriately, but access to any data of this type we do hold will be tightly controlled with appropriate security measures.
There are three bases under which we may process your data:
When you engage with us about purchasing our products or seeking our services or support you are entering into a contract with us. In order to perform this contract we need to process and store your data. For example we may need to contact you by email or telephone to provide the information or support you have requested, to arrange a delivery, or in the case of problems with a payment.
Legitimate business interests
In certain situations we collect and process your personal information for purposes that are in our legitimate organisational interests. However we only do this if there is no overriding prejudice to you by using your personal information in this way. We describe below all situations where we may use this basis for processing.
With your explicit consent
For any situations where the two bases above are not appropriate, we will instead ask for your explicit consent before using your personal information in that specific situation.
We aim to communicate with you about our products and services in ways that you find relevant, timely and respectful. To do this we use data that we have stored about you, such as where you are located or the type of work you do, as well as any preferences you may have told us about.
We use our legitimate organisational interest as the legal basis for communications by post and email. In the case of postal mailings, you may object to receiving these at any time using the contact details at the end of this policy. In the case of email, we will provide you with an option to unsubscribe in every email that we send you, or you can alteatively use the contact details at the end of this policy.
We may also contact you about our work by telephone however we will always get explicit consent from you before doing this. Please bear in mind that this does not apply to telephone calls that we may need to make to you related to your purchases, direct enquiries or support requests.
OTHER PROCESSING ACTIVITIES
In addition to marketing communications, we also process personal information in the following ways that are within our legitimate organisational interests:
- We may analyse data we hold about you to ensure that the content and timing of communications that we send you are as relevant to you as possible.
- We may analyse data we hold about you in order to identify and prevent fraud.
- In order to improve our website, we may analyse information about how you use it and the content and ads that you interact with.
- For applicants for employment, we may analyse data you provide as part of your application or notes were taken during the interview as part of the decision-making process.
- For visitors to our premises, we may record your image on CCTV and may analyse the data to investigate reports of criminal or anti-social acts and we would share this data with the police if they ask us to do so.
In all of the above cases, we will always keep your rights and interests at the forefront to ensure they are not overridden by your own interests or fundamental rights and freedoms. You have the right to object to any of this processing at any time. If you wish to do this, please use the contact details at the end of this policy. Please bear in mind that if you object this may affect our ability to carry out the tasks above that are for your benefit.
There are certain circumstances under which we may disclose your personal information to third parties. These are as follows:
- To our own service providers who process data on our behalf and on our instructions (for example our support system software provider). In these cases, we require that these third parties comply strictly with our instructions and with data protection laws, for example around security of personal data.
- Where we are under a duty to disclose your personal information in order to comply with any legal obligation (for example to government bodies and law enforcement agencies).
TRANSFERS OF DATA OUTSIDE THE EEA
Some of our service providers are based in the US, and in these cases, we ensure they are certified under the Privacy Shield scheme to ensure your personal information is secure at all times. The specific service providers we work with are:
- MailChimp (https://mailchimp.com/legal/privacy )
Cookies are small text files that are automatically placed onto your device by some websites that you visit. They are widely used to allow a website to function as well to provide website operators with information on how the site is being used.
YOUR DEBIT AND CREDIT CARD INFORMATION
If you use your credit or debit card to purchase from us, we will ensure that this is carried out securely and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).
MAINTAINING YOUR PERSONAL INFORMATION
For our customers, we will retain your personal information in case you require technical support or to make a warranty claim, and such that for any subsequent purchases you make we are able to link them back to a single unique record that we hold for you on our system.
For our suppliers, we will continue to retain your personal information where we believe you would wish to be contacted about future business opportunities.
If there are aspects of your record that are inaccurate or that you would like to remove, you can usually do this by speaking to your normal contact person. Alternatively please use the contact details at the end of this policy.
Any objections you make to any processing of your data will be stored against your record on our system so that we can comply with your requests.
SECURITY OF YOUR PERSONAL INFORMATION
We have in place appropriate safeguards (both in terms of our procedures and the technology we use) to keep your personal information as secure as possible. We ensure that any third parties we use for processing or storing your personal information do the same.
Where we are working with third parties outside of the European Economic Area we will ensure that we have an appropriate agreement in place to ensure they are complying with the same standards.
YOUR RIGHTS TO YOUR PERSONAL INFORMATION
You have a right to request a copy of the personal information that we hold about you and to have any inaccuracies in this data corrected. Please use the contact details at the end of this policy if you would like to exercise this right.
CONTACT DETAILS AND FURTHER INFORMATION
Data Protection, Brompton Technology Ltd., 272 Gunnersbury Avenue, Chiswick, London W4 5QB
For further details, please see the ‘about Hotjar’ section of Hotjar’s support site.”