PRIVACY NOTICE MASTER DOCUMENT
Terms used in the privacy Notice
|You, your, data subject,||Relates to you as an individual|
|We, our||Wealthshare Ltd|
|Your representative||A person or group who are legally acting on your behalf|
|Third party(ies)||Refers to any person or organisation that is not the data subject, data controller or data processor.|
|Data||The personal information we hold identifying you|
|GDPR||General Data Protection Regulation (2016)|
|ICO||Information Commissioner’s Office. The UK Data Protection Regulator|
|EEA/EU||European Economic Area/ European Union States|
|Legitimate Interest||ICO 3 elements:
Scope of this Document
This document covers the data we collect and store relating to you personally as an individual.
How we fit into the General Data Protection Regulations
As part of the GDPR regulations that cover personal data for individuals across the EU we act as a data controller (storing and managing information you provide to us) and a data processor (using data provided by our partners / suppliers) to complete required business operations.
This privacy notice documents all data that you supply to us directly or has been supplied to us by GDPR complaint third parties.
Any personal data that you supply to us:
- Personal data can be shared with us in one of the following ways: Website contact form, newsletter registration form, direct email communication, posted letter or telephone conversation. These methods may include the following personal information: your full name, your home or business address, personal or business email address and telephone / mobile phone number. If a purchase is made online or via the telephone additional information may be collected such as your delivery address, payment provider and additional information to supply the goods in the correct size and specification.
- If you are share information with us on behalf of a third party please make sure you have their prior consent and that they receive a copy of this privacy notice for their personal records.
More about the data we collect
- We may record telephone conversations for training purposes and as a legal record of any conversations that take place.
- Our website will track user data (Google Analytics) to help us understand visitor patterns and preferences, no personnel data will be stored during this process other than the unique IP address of the computer used to visit the website.
- Third parties may provide data to us but all information will be supplied by a GDPR compliant source.
More about the information we receive from third parties
- Social Media – If you have used a promotional advert or offer through social media networks such as Twitter, LinkedIn or Facebook we may receive your profile information such as your full name, address, telephone / mobile numbers. We will use this information to contact you regarding your interest in this offer / advert if you have given your consent to do so.
How we use your data
We collect the data outlined in the Privacy Notice to be able to operate our business and provide the products and services you require from us. Your data will only be used with your consent, which you can give via digital means, online, by post or verbally. The use of this data may include contacting you via email, telephone and post to fulfil the products and services we offer.
Third-Parties Who Form Part of Our Contracted Delivery Process
To fulfil the products and services we offer your data may be shared with a third party delivery service and/or website management company. The amount of data we share will be minimal to enable the complete of the product or service purchased.
Our third party suppliers may also process your data in the following ways:
- Deliver products to you chosen address.
- Backup previous orders for archive.
- Fault find issues with an on going order.
Our legal and crime prevention policy
We will share personal information with the relevant agencies and without notice, where we are requested to or suspect fraudulent activities, money laundering, terrorist related activities or where there is another legal requirement to do so.
Children under the age of thirteen
All of our products and services are not intended to be used by children under 16 years old. We will never knowingly collect data from or on children below 13 years old.
We will not store any special category personal data (anything about your body, beliefs, race or sexual preferences as this is not required for our business processes.
Storage of Personal Data
All data that you provide to us or third parties will be stored and backed up securely within the EEA/EU. Any data that is stored outside of the EEA/EU will meet the ‘Privacy Shield’ standard or binding corporate rules will be in place.
Internet and Postal Data Security
All data once received by us will be stored and backed up securely. All data supplied digitally or by post is at your own risk until it reaches us. We cannot be held responsible for data security on your own electronic devices or the postal service.
How long do we keep your data for?
The amount of time that we store your data depends on the following:
- The reason we are using your data, memberships or product warranties may require us to store your data for unto 24 months to allow for customer communications such as renewals or product recalls.
- Legal requirements and where a minimum timescale is set (E.G. Her Majesty’s Revenue and Customs (HMRC))
We will keep your data for the term you have specifically consented to, the contracted term between us or where there is a legitimate interest for us to remain in contact with you in for up to 24 months in case of any queries that you may have or for legally required reasons (E.G. HMRC), whichever is the longest period.
Your Data Protection & Privacy Rights – this is taken directly from the ICO – it doesn’t demonstrate how you are implementing it
There are various rights that you have as a UK natural living person (individual) under the GDPR. Below are the abbreviated ICO definitions and include:
- The right to be informed – Individuals have the right to be informed about the collection and use of their personal data
- The right of access – Individuals have the right to access their personal data and supplementary information
- The right to rectification – Individuals have the right to have inaccurate personal data rectified, or completed if it is incomplete
- The right to erasure – The right for individuals to have personal data erased. This is also known as ‘the right to be forgotten. Please note this right is not absolute and only applies in certain circumstances
- The right to restrict processing – The right to request the restriction or suppression of their personal data. Please note this is not an absolute right and only applies in certain circumstances
- The right to data portability – The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services
- The right to object – Individuals have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling), direct marketing (including profiling) and processing for purposes of scientific/historical research and statistics
The full ICO rights under GDPR can be seen at the Internet link below or calling them on 0303 123 1113:
You can exercise your rights by contacting us using the details set out in the “Contact us” section below.
You have a right to see what information that we hold about you.
You can get in contact with our Data Protection Officer at the following address: Sunrise Villa, Bottom Lane, Seer Green, Beaconsfield, Bucks HP9 2UH or you can email at firstname.lastname@example.org
Under the GDPR you have the right to request a copy of the personal information that we hold about you and to have any inaccuracies corrected or information deleted. You will need to prove your identity with 2 pieces of approved identification which can be a: passport, driving licence, birth certificate, utility bill (from last 3 months), current vehicle registration document, bank statement (from last 3 months) or a rent book (from last 3 months). We will verify your identity, noting how and when we verified it, then we will immediately delete that data.
If you can advise of the specific information that you require, we can process your request more quickly. We will respond to your request within one month of you providing information that confirms your identity.
We will then give you a copy of your data, why we have it, who it could be disclosed to and it will be in a format that you can access easily. You have the right to clarify and correct the information as necessary. It can be deleted providing that it is not required for legal or public interest reasons.
If you have any questions or queries about your data subject access request (DSAR), then please get in touch with our Data Protection Officer at email@example.com
If you have any concerns about how your data is being used or processed and we have not been able to help you, then you can contact the ICO. Ways to report concerns are detailed on their website: https://ico.org.uk/concerns/.
To Make a Data Subject Access Request
To make a Data Subject Access Request please following this link – https://www.barrytyler.com/gdpr-data-subject-access-request/
To make a Data Removal Request
To make a Data Removal Request please follow this link – https://www.barrytyler.com/gdpr-data-removal-request/
Cookies are small files stored by your web browser when you visit our website, some cookies simply remember the links you have clicked on and change the colour of visited links when you return. Some more complicated copies store more detailed information such as your login information if you are visiting a website with an online store or membership area. Cookies will never store personnel information about you, just your preferences since your last visit / login.
Cookies and can deleted by clearing your web browser history / cache. Please note disabling cookies in your browser will stop most modern websites such as online stores and membership areas from functioning correctly.
Data Protection Officer: Contact Us Details
If you have any questions about this Privacy Notice or any other data protection queries, our Protection Officer can be contacted at: firstname.lastname@example.org or on the phone numbers listed below.
We are registered in the UK and our registered address is Sunrise Villa, Bottom Lane, Seer Green, Beaconsfield, Bucks HP9 2UH
By post at our office address: Sunrise Villa, Bottom Lane, Seer Green, Beaconsfield, Bucks HP9 2UH
Or by e-mail: email@example.com
Or by phone on 01494 730000