This policy applies to all the personal data we process regardless of how it was captured by electronic means, paper records, in person or via social media and how that data is stored or whether it relates to past or present customers, supplier contacts, shareholders, website users or any other Data Subject.
We are 100% committed to protecting your personal information and we shall always be transparent with you about how we are using your details. This document outlines how we do this, and regardless of the personal data we hold we shall process your personal data in full accordance the EU General Data Protection Regulation GDPR and the UK Data Protection Act 2018. We will be open about what information we collect, why we need it, and how we intend to use it. This document explains how we obtain, collect, process and store information about you, if we share with any third parties and details of your rights.
Haphazard Services Limited, is a registered company in England & Wales with company number 9965206.
Full business contact information is at the end of this policy.
Haphazard Services Limited have core beliefs regarding your data:
- We will never sell, rent, distribute or make public your personal data
- Data should only be collected and processed when absolutely necessary
- We have duty of care to hold this data safe
- The rights of the data subject remain lawful, fair and transparent
Who is responsible for managing my information?
On what basis do we process your information?
We collect your personal data directly from our website and via email and telephone. We maintain records of customer contact, which falls under the lawful basis of legitimate interest (GDPR Article 6(f)) and under the lawful basis of being necessary for the performance of a contract (GDPR Article 6(b)).
Personal data is processed entirely for the legitimate interest of maintaining contact between us and you (our customer, or potential customer) in order to deliver our service and fulfill any contracts, which exist between us. We do not process any special category data within the meaning of GDPR.
What information do we collect?
Personal and sensitive data is required to allow us to provide our services to our clients. We will obtain your name, company and contact details and details of any colleagues with whom we may need to communicate.
Cookies are small text files that are placed on your computer when you access a website. These allow websites to do several important things, including remember what’s in your shopping basket and which pages you have visited. Our website is exclusively an informational site and collects no personal data, nor is it used as an online store. We have selected the option in our website builder to prevent the placing of tracking cookies on your browser. We do not serve up advertisements or knowingly take part in any scheme that would allow your online behaviour to be tracked for the purposes of identity discovery.
For detailed information on the cookies we use and the purposes for which we use them see our Cookies Policy
How do we use and store your information?
The information you provide may be used in a number of ways, for example:
- By using the Email links, the data you input will be not be stored but will be collected and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the Internet. The email content is then decrypted by our local computers and devices and then stored on our CRM system.
- Under 16’s must obtain parental consent before interacting with our website.
Your data is stored on our secure servers hosted by DigitalOcean.
Do we ever share personal data?
No, we do not routinely share any personal data, and would only do so under a legitimate request from a law enforcement agency.
We may also disclose your personal information to third parties in the event we sell or buy business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
When can we contact you in the future?
We would like to send you information about our own products and services, as well as those of selected third parties. We may do this by post, telephone, email or SMS, unless you have told us that you do not wish to be contacted in this way. We will always ask you to confirm in advance that you are happy for us to allow third parties to contact you by email.
If you would like to change any of your preferences relating to the way in which we may use your information for direct marketing, then please update your user preferences or send an email to email@example.com.
How long will we hold your information for?
We have a system of retention periods in place to ensure that your information is only stored whilst it is required for the relevant purposes or to meet legal requirements. Where your information is no longer required, we will ensure it is disposed of in a secure manner.
How can you access and update your information?
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us at the address noted at the bottom of this policy.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
Does this policy apply to linked websites?
What happens if there is a data breach?
As per the GDPR regulations all data breaches will be reported to the ICO within 72 hours. This includes those of any 3rd parties where it’s apparent that personal data stored has been compromised.
Who can we contact if we have any queries about this policy or how our data is processed?
By email: firstname.lastname@example.org.
Or write to us at Haphazard Services, 4 Prince Albert Road, London, NW1 7SN
The Data Protection Officer’s email address is email@example.com.
How can we make a complaint?
You can contact us at the above address, alternatively the supervisory authority in the UK for data protection matters is the Information Commissioner (ICO) www.ico.org.uk.
If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO. The ICO Helpline number is 0303 123 1113.