Intelligent Facility Solutions
Data Protection – Privacy Notice
Who are we, and what is this document for?
Intelligent Facility Solutions, Business Registration No. 830168 and Global Dryers and Accessories, Business Registration No. 08313901 registered in the UK (referred to as “the Company”, “we”, “us”, or “our” in this privacy notice). We are committed to protecting the privacy and security of your personal information.
“Personal information” or “personal data” means any information from which an individual can be identified, either on its own or by combining it with other information the Company has.
The privacy notice describes how we collect and use personal information about you, in accordance with data protection laws.
It applies to all customers, clients, suppliers, shareholders, website users or any other individuals who are neither employed by the Company or applying for a position with us.
We may update this notice at any time.
The Company is the controller of any personal data we hold about you. This implies we are responsible for deciding how we hold and use that information and are required under data protection law to notify you of the information contained in this privacy notice.
We have appointed a Data Manager responsible for dealing with any issues relating to this notice, who can be contacted via email at: email@example.com
The Company’s representative in the European Union for data protection matters is the Data Manager who can be contacted via email at: firstname.lastname@example.org
It is important that you read this and any other privacy notices we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such information.
Data protection principles
We will comply with data protection law. This says that the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent way.
- Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
- Relevant to the purpose we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept only as long as necessary for the purposes we have told you about.
- Kept securely.
What personal information do we hold about you?
We will collect, store and use the following categories of personal information about you:
- Names and titles
- Addresses, including physical, registered, invoice and delivery addresses.
- Contact details such as telephone numbers, mobile numbers and email addresses.
- Registration details such as Company Registration Number
- Tax status information including Company VAT and EORI?
- Bank account details including Sort Code, Account Number, Account Name of our suppliers
- Information concerning your financial standing and credit worthiness of customer who want to open accounts with us and those who are paying through monthly finance.
- Information extracted through Google analytics
- Information about your use of our website
We do not anticipate needing to collect, store or use “special category” (more sensitive) personal information, which implies information about your
- Racial or ethnic origin
If this changes, we will inform you and, where required by law, obtain your clear consent before doing so.
How do we collect your personal information?
We collect personal information about customers, clients, suppliers, website users and others, either directly from the individuals themselves or sometimes from a third party such as a credit bureau.
We will collect additional personal information in the course of our service-related activities throughout our relationship with you.
How will we use personal information?
We need all the categories of information listed above (under ‘What personal information do we hold about you?’) mainly so we can;
- Perform our contract with you; and
- Comply with our legal obligations
We will use your personal information to pursue legitimate interests of our own or those of third parties, provided your own interest and fundamental rights do not override those interests. The situations in which we will process your personal information include:
- Determining the terms on which our relationship can develop to a formal contract
- Administering our contract with you
- Providing you with a quote, proposal or estimate of our service offering
- Identifying you and your account with us
- Invoicing you and allocating payments
- Paying you or receiving payment from you
- Managing and planning our business, including accounting and auditing
- Contacting you regarding past, current or future business
- Conducting performance (service level) reviews, managing performance and determining performance requirements
- Using Google Analytics for the measurement, collection, analysis and reporting of web page data for purposes of understanding and optimizing web page usage.
- Establishing your credit worthiness and the granting of responsible credit if appropriate
- Interacting with customs, border control or other government agencies as part of our working relationship with you
- Establishing, pursuing or defending legal claims
- Complying with laws and regulations including customs laws and health and safety obligations
- Preventing fraud
- Safeguarding network and information security, including preventing unauthorised access to our computer and electronic communications systems, and preventing malicious software distribution
- Conducting data analytics studies to review and better understand our service levels and product delivery
Some of the above grounds for processing will overlap and some processing of your personal information may be based in several grounds.
Refusal to provide personal information
If you refuse to provide certain personal information when requested, we may be unable to comply with our legal obligations or perform the contract we have with you or are trying to enter into with you (e.g. to provide you with our products and services). We will notify you at the time if this is the case.
Change of purpose
We will only use your personal information for the purpose for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for a different purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, where this is required or permitted by law.
How we use sensitive personal information
We may process special categories of personal information in the following circumstances:
- In limited circumstances with your explicit given consent.
- Where we need to carry out our legal obligations and in line with our data protection policy.
- Where it is needed in the public interest
- If processing relates to personal data which has been made public by you
In limited circumstances, we may approach you for your written consent to allow us to process certain particular sensitive data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so you can carefully consider whether you wish to consent. We do not need your consent if we use special categories of your personal information in line with our written policy to carry out our legal obligations or exercise specific rights in accordance with the law.
Automated decision-making takes place when an electronic system uses personal information to make a decision without human intervention. We are allowed to use automated decision-making using your personal information if:
- the automated decision-making is necessary to perform our contract with you and appropriate measures are in place to safeguard your rights; or
- in limited circumstances, with your explicit written consent and where appropriate measures are in place to safeguard your rights.
We will only make an automated decision about you on the basis of any particularly sensitive personal information if:
- we have your explicit written consent or
- the processing is justified in the public interest, and
- we have also put in place appropriate measures to safeguard your rights.
Sharing your information
We may need to share your personal information with third parties, including government or regulatory authorities, third-party service providers and partners of Intelligent Facility Solutions, so we or our partners can supply you with our products and services.
Where we do share your information with third parties, they will be under binding contractual obligations to respect the security of your data and to treat it in accordance with the law.
We may transfer your personal information outside the UK and European Economic Area (EEA), but if we do, any such transfer will be subject to the necessary legal measures for safeguarding that information.
Why might we share your personal information with third parties?
We will share your personal information with third parties:
- where required by law,
- where it is necessary to administer the working relationship with you, or
- where we have another legitimate interest in doing so.
All our third-party service providers and partners are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes - they are only permitted to process your personal information for specified purposes and in accordance with our instructions.
We have put in place:
- Appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Details of these measures are available upon request.
- Procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
We also restrict access to your personal information to those of our employees, agents, contractors and other third parties who have a business need to know, and on the basis that
- they will only process your personal information according to our instructions; and
- they are subject to an enforceable duty of confidentiality
We ensure the security of any personal information we hold by using secure data storage technologies and precise procedures in how we store, access and manage that information. Our methods meet the GDPR compliance requirement.
Cross-border transfers of data
Data protection laws restrict transfers of personal information to other countries unless certain conditions are met. However, we will only transfer your information to fulfil our contact and working relationship to you. In this case, your data will be transferred across border to fulfil your order and ensure that your goods are accurately delivered to you.
How long will we keep your information?
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you no longer have any relationship with the company, we will retain and securely destroy your personal information in accordance with applicable laws and regulations.
Updating your information
It is important that the personal information we hold about you is accurate and up-to-date. Please let us know if your personal information changes during your working relationship with us.
Your rights in connection with personal information
Under certain circumstances, you have the right by law to:
- Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request rectification of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you if, for example, if you want us to establish its accuracy or the reason for processing it.
- Request the transfer or portability of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please contact our Data Manager at email@example.com
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, if your request for access is clearly unfounded or excessive, we may charge a reasonable fee or refuse to comply with the request.
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Some cookies are required to enjoy and use the full functionality of this website.
Your web browser should provide you with the controls to manage and delete cookies from your device, please see your web browser options.
Cookies that we use are for Feefo (customer review), Google analytics tracking, Zopim (online chat) and our website back office.
Links from our site
Our website may contain links to other websites.
Please note that we have no control of websites outside the intelligenthanddryers domain. If you provide information to a website to which we link, we are not responsible for its protection and privacy. Always be wary when submitting data to websites. Read the site’s data protection and privacy polices fully.
Email marketing messages & subscription
In compliance with GDPR we will use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We will only collect certain data about you, as detailed in the "Processing of your personal data" above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third-party service provider of software/applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send will be in accordance with the GDPR and the PECR. We will provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. Instructions on how to unsubscribe or manage your preferences will be available on any marketing message.
Our EMS provider is; MailChimp. We hold the following information about you within our EMS system;
Subscription time & date
Right to withdraw consent
In the limited circumstances where we have relied on your consent for the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw that consent at any time. To withdraw your consent, please contact our Data Manager at firstname.lastname@example.org . Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis in law for doing so.
Questions and complaints
If you have any questions or complaint about this notice or how we handle your personal information, or any requests to exercise your rights in relation to your data, please contact our Data Manager at email@example.com.
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues. Details of how to make a complaint are available on the ICO website at https://ico.org.uk/
Changes to this privacy notice
We reserve the right to update this privacy notice at any time. Any changes we may make to this notice in the future will be posted on this page, we recommend that you check this page from time to time to take notice of any changes we make, as they are binding on you if you provide us with information after such a change has been made. We may also notify you in other ways from time to time about the processing of your personal information.