Charles Rayner Ltd is committed to ensuring that your privacy is protected and will treat all information held about you in accordance with this policy which is in line with current UK legislation. For these purposes Charles Rayner Ltd is a ‘data controller’ meaning that we decide how and why the personal data that we collect is used.
This notice applies to:
- All Client’s
- All Third Parties and Suppliers with whom we have dealings in the ordinary course of our business including those individuals with whom we send marketing information
Any reference to ‘we’, ‘us’, ‘our’, ‘the company’ shall mean Charles Rayner Ltd.
- How we collect personal information
- How we use the information we collect
- Your rights and how you can manage the use of your personal information
- Procedures that we have in place to safeguard your privacy
- How you can make a complaint or contact us
The information we collect
We only gather the personal information we need for business purposes in order to provide you with the services you have requested or to comply with our regulatory obligations, as well as appropriate news and information.
The personal data we collect will be the information that you provide and will include your name, (billing and delivery) address, phone numbers and email address and may also include information about you from the e-mails, letters and other communications you send and documents you provide to us.
We may also collect information about your usage of our website (please refer to our Cookies Policy).
Charles Rayner Ltd collects this information in a variety of ways. We obtain personal data about you, for example, when:
- You request a quote/proposal from us in respect of the (print production) services we provide;
- You or your employer or our clients engage us to provide our services and also during the provision of those services;
- You contact us by email, telephone, post etc. (for example when you have a query about our services);
- We meet with you.
We also collect personal data about you from third parties and/or publicly available resources, (for example, internet searches). Data is stored in a range of different places, including in relevant files, and within email and IT systems.
How we will use your personal data
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information in the following circumstances:
- Where we need to perform the contract we have entered into with you
- Where we need to comply with a legal obligation
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
We may also use your personal information in the following situations, which are likely to be rare:
- Where we need to protect your interests (or someone else’s interests).
- Where it is needed in the public interest (or for official purposes).
We need all the categories of information in the list above primarily to allow us to perform our contract with you and to enable us to comply with legal obligations. In some cases we may use your personal information to pursue legitimate interests of our own or those of third parties, provided your interests and fundamental rights do not override those interests. The situations in which we will process your personal information are listed below.
- Administering the contract we have entered into with you
- Business management and planning, including accounting, auditing, network and IT security
- Managing and conducting performance
- Dealing with legal disputes involving you
- To prevent fraud
Some of the above grounds for processing will overlap and there may be several grounds which justify our use of your personal information. Although we haven’t sent you marketing emails in the past, we have a legitimate business interest in retaining your data to keep you informed about our company updates and advise you of products, services and promotions we offer that may be of interest to you. In these circumstances, you will always be able to ‘unsubscribe’ from receiving these marketing communications from us at any time.
What if you do not provide personal data?
If you refuse to provide us with certain information when requested, we may not be able to perform the contract we have entered into with you or we may be unable to comply with our legal obligations.
Do any third parties have access to my data?
We will share your personal information with third parties where required by law, where it is necessary to administer the working relationship with you or where we have another legitimate interest in doing so.
We will share your personal information within Charles Rayner Ltd in the context of system maintenance support and hosting of data.
“Third parties” includes third-party service providers (including contractors and designated agents). These “third parties” are other companies employed to provide services for us who will have access to the personal information needed to perform their functions and not for any other purpose. The following activities are carried out by third-party service providers: IT (and cloud services), professional support services (such as website management), administration services (including Occupational Health & Safety), distribution/delivery services and banking services.
Unless required to do so by law, we will not otherwise share, sell or distribute any of the information you provide to us without your consent.
How secure is my information with third-party service providers?
All our third-party service providers are required to take commercially reasonable and appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
We will put in place appropriate security measures to protect your data proportionate to the size of our operation, the resources available to us and the nature of the data we store on you.
How does Charles Rayner Ltd protect data?
Our business operates in compliance with ISO 9001 Quality and ISO 14001 Environmental standards. We take our high standards seriously, which involves us making efficient use of resources, reducing waste and showing due diligence to protect the security of your data as part of our focus on delivering customer satisfaction and high performance. We have internal policies and controls in place in respect of security that are regularly reviewed to ensure that they are commercially reasonable and appropriate, to prevent data from being accidentally lost or destroyed, used or accessed in an unauthorised way, altered or disclosed. Our policies and controls are designed to limit access to those employees, agents, contractors and other third parties who have a business need to know.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Where Charles Rayner Ltd engages third parties to process personal data on its behalf, they do so on the basis of written instructions and are obliged to implement appropriate measures to ensure the security of data.
All employees, agents, contractors and other third parties are subject to a duty of confidentiality.
How long does Charles Rayner Ltd keep data?
We will only retain your personal data for as long as the law requires or as long as it is necessary to fulfil the purposes for which it is collected, taking into account the nature of the information and purpose for which it has been obtained and is used or held.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In respect of client data we will typically hold data relating to your instructions for a period of 7 years after completion of the matter. The reason for this is that the Limitation Act 1980 typically provides that legal proceedings for breach of contract or negligence can be brought up to 6 years after the events. We therefore have a legitimate business interest in retaining the data in the event of any subsequent legal proceedings.
Under certain circumstances individuals have certain rights over their personal data. These include:
- requesting access to and thereby receiving details of personal data held;
- requesting correction of personal data, where appropriate;
- requesting erasure of personal data, where appropriate;
- objecting to the processing of your personal data where Charles Rayner Ltd is relying on its legitimate interests as the legal ground for processing; and
- requesting the restriction of processing of your personal data for a period if data is inaccurate or there is a dispute about whether or not your interests override Charles Rayner Ltd’s legitimate grounds for processing;
- Requesting the transfer or your personal data where processing is based on consent, is carried out by automated means and is technically feasible.
If you want to review, verify, correct, request erasure, request that we transfer a copy of your personal data to a third party or object to the processing of your personal data, please contact us in writing at our registered office or by emailing email@example.com
Please note that where you ask us to erase, correct, object to process or seek to restrict our processing of data we may refuse your request where we have a legal obligation, contractual or other legitimate business interest to refuse your request. If we refuse your request then we will notify you of this refusal and you will have the right to appeal.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.
Changes to how we protect your privacy
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide whilst visiting other sites even if you access them using links to or from our website. You should exercise caution and look at the privacy statement applicable to the website in question.
Charles Rayner Ltd tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention and welcome any suggestions for improving our procedures.
If you believe that we have not complied with your data protection rights please contact us accordingly. We will look into any complaint carefully and promptly and do all we can to explain the position to you.
You also have the right to complain to the Information Commissioner’s office (https://ico.org.uk/)
How to contact us
We always want to hear from our customers. If you:
- Have any questions or feedback
- Would like us to stop using your information
- Want to exercise any of your rights as set out above, or have a complaint.
Please don’t hesitate to contact us and we will be happy to answer any questions you may have.
You can contact us at email address: firstname.lastname@example.org or else through the Charles Rayner Ltd website. Or if you’d like to, you can write to us at: Charles Rayner Ltd, 12 Drakes Mews, Crownhill, Milton Keynes, Buckinghamshire, MK8 0ER.
Review of this Policy
We keep this Policy under regular review. This Policy was last updated on 31 May 2018.