The General Data Protection Regulations (GDPR) (EU 2016/679) is effective from 25 May 2018 and will entirely replace the Data Protection Act 1998.
This document discloses the data protection and privacy practices for B&S Int. Ltd trading as B&S Properties. Your privacy is very important to us and this policy sets out how we collect, store and use personal data.
B&S Int. Ltd, as the Data Controller, is required to process relevant personal data as part of its operation and shall take all reasonable steps to do so in accordance with this Data Protection and Privacy Notice and the relevant legislation mentioned above.
B&S Int. Ltd shall, so far as is reasonably practicable, comply with the Data Protection Principles contained in the Data Protection Regulations to ensure all data is:
- Fairly and lawfully processed
- Processed for a lawful and specific purpose
- Adequate, relevant and not excessive
- Accurate and up to date
- Not kept for longer than necessary
- Processed in accordance with the data subject’s rights
- Kept safe and secure
- Not transferred to outside the European Economic Area (EEA) without adequate protection
WHAT THIS POLICY IS FOR
This policy is intended to provide information about how B&S Int. Ltd will use or process personal data.
This information is provided in accordance with the rights of individuals under Data Protection Regulations to understand how their data is used.
RESPONSIBILITY FOR DATA PROTECTION
The Managing Director is the senior person responsible for data protection issues and any queries and will deal with all your requests and enquiries concerning the company’s use of your personal data (see section on Your Rights below) and endeavour to ensure that all personal data is processed in compliance with this policy and the Data Protection Regulations.
For data protection queries, please email firstname.lastname@example.org. The Managing Director can be contacted by telephone at +44 (0) 2033690488 or in writing to the Managing Director, B&S Int. Ltd, 16 Upper Woburn Place, London, WC1H 0AF.
WHY THE COMPANY NEEDS TO PROCESS PERSONAL DATA
B&S Int. Ltd may process personal data about individuals as part of its daily operation.
Uses of personal data will be made in accordance with the company’s “legitimate interests”, or the legitimate interests of another, provided that these are not outweighed by the impact on individuals and provided it does not involve special or sensitive types of data.
The company expects that the following uses may fall within the category of its legitimate interests:
- To perform marketing services related to our services.
- To confirm the identity and maintain relationships with business and individual contacts, including direct marketing.
- In connection with employment of its staff, for example DBS checks, welfare or pension plan.
- To retain staff information for the purposes of managing their employment, providing and receiving information and references for current, past and future employees and for compliance with any safeguarding requirements.
TYPES OF PERSONAL DATA PROCESSED BY THE COMPANY
This will include by way of example:
- names, addresses, telephone numbers, e-mail addresses and other contact details.
- images of customers and staff (and occasionally other individuals) engaging in business activities.
HOW THE COMPANY COLLECTS DATA
Generally, the company receives personal data from the individual directly. This may be via a website form, or simply in the ordinary course of interaction or communication (such as email, telephone or letter).
However, in some cases personal data may be supplied by third parties (for example an online survey company, or other professionals or authorities working with that individual); or collected from publicly available resources.
OTHER TYPES OF DATA COLLECTED
Cookies are small text files that can be used by websites to make a user’s experience more efficient.
Some cookies are placed by third party services that appear on our pages.
Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Preference cookies enable a website to remember information that changes the way the website behaves or looks, like your preferred language or the region that you are in.
Statistic cookies help website owners to understand how visitors interact with websites by collecting and reporting information anonymously.
Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers.
We use a number of different cookies on our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit https://www.aboutcookies.org/ for detailed guidance.
External Web Services
We use several external web services on the B&S Int. Ltd website, mostly to display content within our web pages (weather, photos, videos). For example, to show videos we use YouTube and Vimeo.
As with the social buttons we cannot prevent these sites, or external domains, from collecting information on your usage of this embedded content.
If you are not logged in to these external services then they will not know who you are but are likely to gather anonymous usage information e.g. number of views, plays, loads etc..
Some emails we send are tracked at an individual level to determine whether the user has opened and clicked on the email. We use it to understand open and click rates on our emails to try and improve them. Sometimes we do use the personal information e.g. to re-email people who didn’t click the first time.
WHO HAS ACCESS TO PERSONAL DATA AND WHO THE COMPANY SHARES IT WITH
Occasionally, the company will need to share personal information relating to its staff with third parties, such as professional advisers (lawyers and accountants) or relevant authorities (HMRC, police or the local authority).
To fulfill the company direct mail requirements, we may use approved mailing houses, who provide the business with security and undertakings to process any data provided to them solely for the purposes of mailing services and in no circumstances will be shared with any other third party.
For the most part, personal data collected by the company will remain within the business and will be processed by appropriate individuals only in accordance with access protocols (i.e. on a ‘need to know’ basis).
Finally, in accordance with Data Protection Regulations, some of the company’s processing activity is carried out on its behalf by third parties, such as IT systems, web developers and cloud storage providers. This is always subject to contractual assurances that personal data will be kept securely and only in accordance with the company’s specific directions.
We are committed to ensuring that your information is secure. To try and prevent unauthorised access or disclosure, we have put in place strict procedures and security features around our websites.
All services have active SSL Certificates in place.
However, transmission of information via the internet is not completely secure. We do our best to protect your personal data, but we cannot guarantee the security of your data transmitted to our sites. Any transmission is at your own risk.
The data that we collect from you will be typically transferred to, and stored at, a destination inside the EEA. It will also be processed by staff operating inside the EEA.
We do use the services of several companies who are not located in the EEA. We are only using the services of providers who are recognised as market leaders in their field. This includes but is not limited to the following organisations.
All of these organisations have subscribed to the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework (collectively, “ Privacy Shield ”). The links provided are to the relevant privacy information for each service.
- Dropbox – for file storage
- Google – Google’s Cloud Platform for the cloud storage of data, Google Analytics, GSuite email, GDrive
- MailChimp – for the secure transmission of marketing emails.
- HeartInternet – for the hosting of our website
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
B&S Int. Ltd cooperates with law enforcement inquiries and other third parties to enforce laws, intellectual property rights and other rights. Local and international law enforcement agencies can request and may receive your personally identifiable information.
HOW LONG WE KEEP PERSONAL DATA
The company will retain personal data securely and only in line with how long it is necessary to keep for a legitimate and lawful reason. If you have any specific queries about how this policy is applied or wish to request that personal data that you no longer believe to be relevant is considered for deletion, please contact the Managing Director who is responsible for handling such requests at the company.
Individuals have various rights under Data Protection Regulations to access and understand personal data about them held by the company, and for it to be erased or amended or for the company to stop processing it, but subject to certain exemptions and limitations.
Any individual wishing to access or amend their personal data or who has some other objection to how their personal data is used, should put their request in writing to the Managing Director.
The company will endeavour to respond to any such written requests as soon as is reasonably practicable and in any event within statutory time-limits, which is one month in the case of requests for access to information.
HOW WE USE PERSONAL INFORMATION FOR MARKETING
The company will use the contact details of businesses and individuals to keep them updated about the activities of the company, or events of interest. This will include sending updates and newsletters, by email and by post, unless the relevant individual objects.
If at any stage, you wish no longer to receive any emails that you receive you can unsubscribe or change your preferences by ticking the unsubscribe box in the footer of any of the emails you receive.
MANAGING AND DELETING YOUR INFORMATION
We store information until it is no longer necessary to provide our services, or until your account is deleted, whichever comes first. This is a case-by-case determination that depends on things like the nature of the information, why it is collected and processed, and relevant legal or operational retention needs.
If you would like to manage, change, limit, or delete your information you can do that anytime by emailing email@example.com. The Managing Director can be contacted by telephone at +44 +44 (0) 2033690488 or in writing at Managing Director, B&S Int. Ltd, 16 Upper Woburn Place, London, WC1H 0AF.
QUERIES AND COMPLAINTS
Any comments or queries on this policy should be directed to the Managing Director. If an individual believes that the company has not complied with this policy or acted otherwise than in accordance with Data Protection Regulations, they should contact the Managing Director by emailing firstname.lastname@example.org or by calling +44 (0) 2033690488 or in writing to B&S Int. Ltd, 16 Upper Woburn Place, London, WC1H 0AF.