This notice explains how Beacon Group International Ltd (“We”, “Us”) collects personal data from you, why we collect it, how we process it and where we may disclose it to other entities.
We are committed to complying with the Data Protection Act 1998 and the EU General Data Protection Regulation for the purposes of data protection and privacy. We take the privacy and security of data very seriously and we want to ensure you are fully informed about your rights and how we will use your data. We will also detail which legal basis allows us to use the data that we have collected.
We will review and update this Policy on a regular basis so please check regularly for any changes / updates. We may advise you of any amendments to this policy by email. If you have any further questions after reading this Policy then please get in contact with us:
Beacon Group International Limited
228 Holme Lacy Road
The regulator for the GDPR regulations is the Information Commissioner’s Office (ICO) they can be contacted by telephone on 0303 123 1113 or by visiting www.ico.org.uk where additional information about the regulation can also be found.
ICO Registered Number:
Beacon Group (International) Ltd: ZA291078
Current data protection law states that there are a number of legal reasons why a company might collect and process personal data. We have undertaken a full review of our policies and procedures to determine the most relevant legal basis for certain situations:
Consent – when you give us specific consent to use your data for a given purpose. For example when you ask us to provide you with details of goods & services.
Contract – when you engage with our services, we will process your personal data in order to deliver the agreed service.
Legal Compliance – if the law or government requires us to we will collect and process personal data.
Legitimate Interest – this legal basis allows us to use personal data in a way that might reasonably be expected as part of running the business. This basis does not affect your freedom or rights and you have the right to request that the information we hold is erased, or that communication preferences are changed. To request changes to your data please contact us. An example of us using the legitimate interest legal basis is through direct marketing channels to advise you of services that might be relevant to you, or to advise you of a new innovative product that might be relevant to you or your business.
For more information on legitimate interests, please visit https://dma.org.uk/article/legitimately-using-legitimate-interests-new-guidance
As from the 25th of May 2018, the EU General Data Protection Regulation replaces the Data Protection Act 1998. This gives you new rights in relation to the privacy of your personal information. We have provided a brief explanation below of how you can use those rights.
In the case of any request involving one of your rights, we will respond to your request without delay and at most within one month of receipt of your request. We are permitted to extend this time period by up to two months if your request is particularly complex.
THE RIGHT OF ACCESS
Subject Access Requests allow your right to obtain a copy of the information that we hold about you. You have the right to ask us to provide you with this information free of charge. However, should the request be deemed to be manifestly excessive, manifestly unfounded or repetitive, then we are permitted to charge a reasonable fee for providing the information. In such circumstances, and as an alternative, we can refuse to comply with the request. If this is the case then we shall let you know the reasons for us refusing to comply. You have a right to appeal such a decision via the UK Information Commissioner’s Office. For further information visit https://ico.org.uk/
THE RIGHT TO RECTIFICATION
You are entitled to have the information that we hold about you rectified if it is inaccurate or incomplete. If you believe that the information that we hold about you is inaccurate, incomplete or out of date then please let us know. We will also inform any third parties of the rectification in order that they can update their records too.
THE RIGHT TO ERASURE
You have the right to request that we delete the personal information that we hold about you where we have no compelling reason for its continued processing. This right will apply:
- Where retention of the data is no longer necessary for the purposes that it was originally collected or processed
- Where you have withdrawn consent
- Where you object to us processing the data and there is no overriding legitimate interest for us to continue to do so
- When the personal data has to be erased for us to comply with a legal obligation
- When the data has been unlawfully processed
- Where the data relates to a child
This right shall not apply:
- Where we are exercising the right of freedom of expression and information
- Where we are complying with a legal obligation
- Where we are archiving data in the public interest, for scientific research or for statistical purposes
- When we need the data to exercise or defend a legal claim
We will also inform any third parties of the request in order that they can erase their records too.
THE RIGHT TO RESTRICT PROCESSING
You can request that we restrict the processing of your information. This means that you may have requested one of your other rights, where until the request is concluded that we suspend the processing of your data. If we have passed your data to a third party, we will also inform them that they must restrict the processing of your data. This right will apply:
- Where you contest the accuracy of the information that we hold about you and you request that we restrict processing while we investigate
- You object to us processing your personal data, but we believe that processing is in the public interest or the performance of our legitimate interests and that these are legitimate grounds to override your interest
- Where you believe that processing is unlawful and you request restriction instead of deletion
- Where we no longer need that data, but you require the data stored in order to pursue a legal claim
THE RIGHT TO DATA PORTABILITY
You have the right to request the information that we hold on you be supplied to you in a portable format. This allows you to take your information from our IT environment to another organisation's IT environment. The format in which we supply your data will be a structured and machine readable CSV file or a spreadsheet.
THE RIGHT TO OBJECT
You have the right to object to your personal information being processed by us. This means at any time you are free to:
- Advise us of any incorrect information that we hold about you in order for us to correct such information
- Withdraw consent – if you request that you no longer want us to contact you then we will change your preferences in order to suppress any future marketing. Please note, that we will retain information in order to recognise that you have withdrawn consent. If we were to delete all the information we hold about you then we are unable to ensure that you are not contacted again in the future. In such circumstances we will only keep the minimal amount of information required.
- Ask us to stop processing your data under legitimate interests. In such circumstances we will comply with your request unless there is a legitimate overriding reason to continue processing the data. Please note, that we will retain information in order to recognise that you have withdrawn consent. If we were to delete all the information we hold about you then we are unable to ensure that you are not contacted again in the future. In such circumstances we will only keep the minimal amount of information required.
- Ask us to delete your data in its entirety – please note that if we do this we are unable to recognise that you do not want to receive communications with us as no data of this nature will be held.
INFORMATION WE MAY COLLECT FROM YOU
We may collect and process the following data about you:
- Information that you provide by filling in forms on our website, information provided via live chat, information provided to our call centres and information provided by you directly. This includes information provided at the time of registering to use the website, subscribing to our service, posting material or requesting further services. We may also ask you for information when you report a problem with the website
- If you contact us, we may keep a record of that correspondence
- If you telephone us, we may keep recordings of the call for training, fraud prevention, servicing your account and regulatory consent
- Details of transactions you carry out through the website and of the fulfilment of your orders
- Details of your visits to the website including, but not limited to, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access
- Payment card information. This is not stored on our systems and is used at the point of payment only.
- We may also receive your information from another organisation that you have consented for them to share your data
- When we collect information from publicly available sources, such as companies house
- When information has been made public as a matter of law
PRIVACY NOTICE UK WEBSITE
We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies and other such software on our website contain information that is transferred to your computer's hard drive. They help us to improve the website and to deliver a better and more personalised service.
This includes, but is not limited to:
- Your IP address
- Your operating system
- Your browser type
- The name of your internet service provider
- The date, time and duration of your visit
- The name and URL of pages you access
The purpose of this is for system administration and to report aggregate information to our marketing department. This contains statistical data about our users' browsing actions and patterns, and does not identify any individual.
The website may, from time to time, contain links to and from the websites of our partner networks and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
USE OF OUR SERVICES BY CHILDREN
Our website is not intended for the use of children under the age of sixteen. We ask that children do not provide personal information through our website. If we become aware that we have collected personal information from a child under the age of sixteen, then we will delete that information from our records.
WHERE WE STORE YOUR PERSONAL DATA
The data that we collect from you may be transferred to, and stored at, a destination outside the European Union ("EU"). It may also be processed by staff operating outside the EU who work for us or for one of our suppliers. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with the appropriate EU General Data Protection Regulation Article, including Article 45 - Adequacy Decision, Article 46 - Appropriate Safeguards, Article 47 - Binding Corporate Rules, Article 49 (1) - Specific Situation Exemption or Article 49(2) - Transfer to the Data Subject.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of the website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
We use physical, technological and administrative safeguards to protect your personal information against loss, misuse or alteration. All your personal information is stored securely and may only be accessed by employees with a legitimate business need to access the information. Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your data transmitted to the website. Any transmission is at your own risk.
HOW WE USE YOUR INFORMATION
In order to make our communication relevant it is important that we use your data to build up a picture of which services & products might be relevant to your situation. Beacon Group understand that irrelevant communication is frustrating and unnecessary, therefore we undertake regular reviews to determine that our contract strategy is relevant and informative.
The legal basis of legitimate interests allows us to use your data to determine what products & services might be of interest to you, and to contact you to inform you of said services. This legal basis allows you to object to us sending you communications and to request that we do not contact you in the future, or that we only contact you in specific circumstances.
We use your data in the following circumstances:
- To send or telephone you about details of relevant products & services including promotions and industry updates
- To conduct customer feedback surveys
- To ensure that content from the website is presented in the most effective manner for you and for your computer
- To carry out our obligations arising from any contracts entered into between you and us
- To allow you to participate in interactive features of our service, when you choose to do so
- To notify you about changes to our service
- To process payments where relevant
- To protect our business and any online account you hold from fraud. We may also monitor your web browsing history to check for any website problems. We do this to protect the integrity of our websites and your online account. We will work to rectify any issues immediately and advise you if your account needs any maintenance from you personally.
In the seven circumstances above, we will use the following legal basis for processing:
- Legitimate Interest
You are free to modify how we contact you or opt out of receiving further communications at any time.
DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to any member of the Beacon Group (International) Ltd, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006 or one of our connected companies.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
- If Beacon Group International Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets
In addition to the information that we share in order to comply with our legal obligations, we also may share or disclose the information:
- To third parties that process data on our behalf
- To any other party with your prior consent
We may also exchange your information with other companies and organisations for the purposes of fraud protection and credit risk reduction. Where false information or fraud is suspected, we may pass this information to fraud prevention and law enforcement agencies.
RETENTION OF DATA
We retain your information for as long as you hold an account with us or have been registered as having an interest in our goods or services. This enables us to maintain an ongoing relationship with you and allows us to service any orders that you place with us. We follow a data retention schedule; this has been put in place to ensure that we retain the minimum amount of personal data about you.
We ask that you not send or disclose any sensitive personal information to us either through our website, post, email, text message, live chat, telephone call or by any other method. For clarity, sensitive personal information means information related to racial or ethnic origin, political opinions, religion or other beliefs, health, criminal background or trade union membership.
In the unlikely event that information that you have supplied us is compromised then we shall notify both the UK Information Commissioner's Office and you that this is the case. This notification will be made without due delay.
CHANGES TO THIS PRIVACY NOTICE
We review this notice at least annually or after any significant change to our website, processes, and systems or because of government regulations. Any changes we may make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. We recommend that you visit this page from time to time to view any changes that we may have made.
Date of Last Review: 15th May 2018
The Compliance Officer
Our Compliance Officer Stephen Williams may be contacted in writing at:
The Compliance Officer, Beacon Group International Ltd, Leachs, Beacon Park, 228 Holme Lacy Road, Hereford. HR2 6BQ
Or by email at email@example.com
If you have a complaint relating to our data protection or data privacy then please email our Compliance Officer at firstname.lastname@example.org.
If you are unhappy with the final response that you receive from us in relation to a complaint, then you have the right to complain to our supervisory authority – the UK Information Commissioner's Office. For further information, please visit https://ico.org.uk/concerns/