01634 729 690
sales@eceuk.com
CONTACT

GDPR

Call us on 01634 729 690

Data Protection Act compliance

Your personal information is in your control. The Data Protection Act 2018 – referred to in the European Union as the General Data Protection Regulation (GDPR) – expands your rights over how we process and hold your personal information.

Respecting your privacy
and rights under GDPR

ECE UK respects your privacy and provides the following rights for individuals:

The right to be informed

When you use our website, we use Google Analytics with anonymised collective data to measure which parts of our website are most popular. When you contact us with an enquiry your details are stored in our computer system. We keep these so that we can respond to you and will be able to get in touch throughout our time working together.

With your permission, we may also use this information to send you targeted emails. We use a GDPR approved provider to send targeted emails and have procedures in place to allow you to opt-out at any time.

The right to access

Like under the former Data Protection Act, you have the right to see any of your information we have stored. Unlike the DPA, this access comes free of charge unless you request access repeatedly. This is so that you can always be aware of and easily verify the lawfulness of our data storage and protection.

We respond to all request for access within one calendar month.

If we hold a considerable amount of information on you specifically, we reserve the right to ask you to narrow down your request.

If you wish to receive a copy of any information we hold on you, email gdpr@eceuk.com or call 01634 729 690.

Under some circumstances, we do have the right to refuse access but must provide a valid reason. You will have recourse through the Information Commissioner’s Office if you do not agree with this reason.

The right to rectification

You have a right to have incorrect or incomplete information corrected. Typically, this comes with no charge. You can do this by emailing corrections@eceuk.com, or calling 01634 729 690. We will make the required correction and notify you within one calendar month.

Under some circumstances we have the right to refuse your request. A refusal cannot be made without a valid reason, and you can challenge our reasoning with the Information Commissioner’s Office.

The right to erasure

You can have your information removed from our records under the following circumstances:

  • The data is no longer necessary for the purpose you gave it to us for, such as when a contract has been completed and you are longer involved.
  • We are relying on consent as our lawful basis for holding the data, and you withdraw that consent.
  • We are relying on legitimate interests as our basis for processing, you object to the processing of your data, and there is no overriding legitimate interest to continue this processing.
  • We are processing your personal data for direct marketing purposes, and you object to that processing.

You can email forget@eceuk.com, or speak to a member of staff on 01634 729 690. We will delete your details and notify any third party we might have passed your information to – only having done so to carry out our legal duty in a contract – and notify you within one calendar month.

Under some circumstances we have the right to refuse your request, but only with a valid reason. If you disagree, you can complain to the Information Commissioners Office.

The right to restrict processing

You have the right to request that we restrict the processing of your personal data under the following conditions:

  • If you contest the accuracy of your personal data, you can request that we do not process your data until we have verified the accuracy of it.
  • If you think your data has been unlawfully processed, and you oppose erasure, you can request that we restrict processing
  • If we no longer need your personal data, but you need us to keep it in order to establish, exercise, or defend a legal claim
  • If you have objected to us processing your data and we are considering whether our legitimate grounds override yours.

You can restrict processing by emailing restrict@eceuk.com, or calling 01634 729 690. We will mark your records as restricted and inform any third party who processes your data on our behalf. You will be notified that this has been completed within one calendar month.

Your right to restrict processing can be invoked in conjunction with other rights such as rectification and objection.

Under some circumstances we have the right to refuse your request. If we do, we will give you a reason, and you’ll have the right to complain to the Information Commissioner’s Office (ICO) if you do not agree. In most cases, the restriction will be temporary, but we are required to notify you before we lift the restriction and why we are lifting it. You have the right to complain to the ICO if you do not agree.

The right to data portability

You have the right to request the information we have on you in a format that can easily be passed on. This is provided free of charge. The information we hold will vary from person to person so we will ask what information you would like specifically so we can better comply.

If we cannot satisfy a request due to the information not being presentable in a structured and machine-readable format, then we will notify you. You will have the right to complain to the Information Commissioner’s Office (ICO).

Under some circumstances we have the right to refuse your request but if we do, we will give you a reason, and you have the right to complain to the ICO if you do not agree. You can either email port@eceuk.com, or speak to a member of our team on 01634 729 690 to start your request.

The right to object

You have the right to object to ECE UK processing your data under specific circumstances including:

  • Processing based on legitimate interests (including profiling)
  • Direct marketing (including profiling)
  • Processing for the purpose of scientific or historical research and statistics

We will immediately stop processing your data. If we do not stop, and cannot provide a valid reason, you have a right to object to the Information Commissioner’s Office (ICO). You must give a reason relating to your unique situation to object.

You can email object@eceuk.com to begin this process.

Rights in relation to automated decision making and profiling

The only automated decision making that we carry out relates to credit accounts. We do not pass any personal information to our bank, but the bank will process director details in their own decision making. They are bound by the same GDPR rules as us.

We never make solely automated decisions. A director will always review the output from the bank and make a decision. You have the right to request that your data not be automatically processed but will need to inform us before entering into a contract with ECE UK.

Data protection officer

Under the definitions of the GDPR, we are not required to appoint a Data Protection Officer. In line with requirements, all our staff have been fully trained in GDPR compliance and will receive continuing professional development on it.

How we keep your data safe

Our core systems are stored on-site in our secure server room, on a secure server that requires complex passwords to access. We do not use any cloud-based storage for this information. We keep regular backups that are stored off-site for security purposes. Our server sits behind multiple security appliances to protect your data from external interference.

We have equipment in place that will detect any data breach and written policies to notify the Information Commissioners Office within 72 hours if necessary. If it is decided that any breach would affect your rights protected by GDPR then you will be notified by ECE UK.

We have agreements in place with any third parties we use to ensure our requirements as GDPR data processors are met.

Find out more about
your data

You can reach our team by calling 01634 729 690 or by email on sales@eceuk.com.

Our enquiry form