This policy describes how Davlav Limited (a company registered in England under CN 3916775) (“Davlav”) protects and makes use of the information you give to us when you interact with our business or enter into a contract with us. This may be as a customer, a supplier, an employee or a visitor to our website.
We promise to keep personal data confidential, safe and secure at all times.
If you do have any questions you may wish to write to our Data Protection Controller at Davro House, Granites Farm, Granites Chase, Billericay, CM11 2UQor alternatively please call +441375398398 between the hours of 08:30 – 16:30, email email@example.com.
Davlav store the following information from their customers:
Davlav will use this information for our own internal records. We may use to contact you in reply to an enquiry. We may also send promotional mailings or call as part of a quality control measure.
Davlav may collect information about you from third parties, for example from publicly available information such as Companies House, websites such as LinkedIn, references from banks or other third parties (with your consent), or from credit reference agencies.
Davlav may collect information about you via our IT systems, eg. door entry systems and reception logs; automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV and access control systems, communications systems, email and instant messaging systems.
Under data protection law, we can only use your personal information if we have a proper reason for doing so, eg:
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
We may use your personal information to send you updates (by email, text message, telephone or post) about our products and services.
We have a legitimate interest in processing your personal information for promotional purposes. This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.
We will always treat your personal information with the utmost respect and never share it with other organisations outside Davlav’s group for marketing purposes.
You have the right to opt out of receiving promotional communications at any time by:
Information collected from daily sales enquiries is not retained.
Customer information is not shared with any third parties without consent to do so.
Onsite data is held on Windows servers in an Active Directory Domain structure. File, folder permissions and passwords are in place along with a password complexity policy and regular password changes.
Archived records are treated in the same way as live records.
Only relevant, accurate and non-excessive data is stored and is only accessible for those that have the need to access, as part of their role within the company.
We will keep your personal information while you have an account with us or we are providing products and services to you. Thereafter, we will keep your personal information for as long as is necessary:
We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. Further details on this are available in our Data Protection Controller (see “Key details” above for contact details).
When it is no longer necessary to retain your personal information, we will delete or anonymise it.
We may share your data with:
We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers relating to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors, eg in relation to the audit of our accounts.
We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
Davlav will always hold your information securely. To prevent unauthorised access to your information we have implemented strong physical security safeguards. Davlav also follow stringent procedures to ensure we work with all personal data in line with EU General Data Protection Regulations. Data will not be kept for longer than necessary and will only be used for the correct purpose. Personal data will be processed fairly and lawfully.
To deliver services to you, it is sometimes necessary for us to share your personal information outside the European Economic Area (EEA), eg:
with your and our service providers located outside the EEA;
if you are based outside the EEA;
where there is an international dimension to the services we are providing to you.
These transfers are subject to special rules under European and UK data protection law.
If you would like further information please contact our Data Protection Controller (see ‘Key details’ above).
You have the following rights, which you can exercise free of charge:
|Access||The right to be provided with a copy of your personal information (the right of access)|
|Rectification||The right to require us to correct any mistakes in your personal information|
|To be forgotten||The right to require us to delete your personal information—in certain situations|
|Restriction of processing||The right to require us to restrict processing of your personal information—in certain circumstances, eg. if you contest the accuracy of the data|
|Data portability||The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations|
|To object||The right to object:
—at any time to your personal information being processed for direct marketing (including profiling);
—in certain other situations to our continued processing of your personal information, eg processing carried out for the purpose of our legitimate interests.
|Not to be subject to automated individual decision-making||The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you|
For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
We hope that our Data Protection Controller can resolve any query or concern you may raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113.
This privacy notice was published on 25 May 2018 and last updated on 25 May 2018.
We may change this privacy notice from time to time—when we do we will inform you via our website.
Ref: POL003 Rev 1.0 May 2018