Steadcross Solutions Limited (Steadcross) is committed to protecting and respecting your privacy.
This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the General Data Protection Regulation (EU) 2016/679) (“GDPR”), the data controller is Steadcross Solutions Limited, 35 Westgate, Huddersfield, HD1 1PA
Our nominated representative for the purpose of GDPR is Ian Roberts.
We are not required to appoint a Data Protection Officer for the purposes of GDPR
2. INFORMATION WE MAY COLLECT
We may collect and process the following data about you:
- Information that you provide by filling in forms on our sites, and which may be amended from time to time (“our sites“). This includes information provided at the time of registering to use our site, subscribing to our services, posting material or requesting further services. We may also ask you for information when you report a problem with our site.
- Information that you provide to third party sites and which is publicly available to access.
- Information in connection with your business or employment which you have provided to third parties where you have given consent for them to share that data, for purposes compatible with our business.
- Information supplied to us by our clients for us to market goods and services on their behalf
- If you contact us, we may keep a record of that correspondence.
- If you speak with us via telephone, or other electronic voice medium we may take notes of that conversation. We may keep an audio recording of any conversations or online meetings
- Where you meet with face to face we may take notes of any conversations
- We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
- Details of your visits to our site including, but not limited to, traffic data, location data, weblogs and other communication data and the resources that you access.
3. IP ADDRESSES
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service.
Our Cookie categories
Some of the cookies we use are essential for the site to operate. The cookies we use can be grouped into two separate categories:
- Strictly necessary
‘Strictly Necessary’ cookies allow you to navigate the website and use essential features like secure areas and online registration. These cookies don’t gather any information about you that could be used for marketing or remembering where you’ve been on the internet.
Since these cookies are essential in our being able to guarantee the performance of our website, should you disable them we won’t be able to ensure your security or predict how our website will perform during your visit.
This type of cookie collects information about how you use our website e.g. which pages you visit, and if you experience any errors. The information collected is anonymous and is only used to help us improve how our website works, gauge what interests our users and assess the effectiveness of advertising.
Our 3rd party services
3rd party services that we use on our site that may set cookies include:
- Google Analytics
To find out more about cookies, including how to control and disable them, please visit www.allaboutcookies.org
5. WHERE WE STORE YOUR PERSONAL DATA
The data that we collect from you will be stored on secure cloud hosted by providers within the European Economic Area (“EEA”) with secure data access controls and back ups.
6. USES MADE OF THE INFORMATION
We use information held about you in the following ways with the following legal bases as defined under GDPR:
Where we are in the final stage of negotiating or have in place a contract with you or your employer or business we may store and process data about you as necessary for the fulfilment of the contract.
This data may include, for example
- Your work e-mail address
- Your work phone number(s)
- E-mails that we exchange
- Recordings of telephone conversations or on-line meetings
Where we need consent to contact you under direct marketing rules we will have obtained your consent by one of the following means
- Direct from you via a consent request on a document or web form that you have completed.
- Where we are using a list which we have bought, and the supplier has ensured us that you have given clear consent to receive marketing of the type and subject matter being sent.
Where we do not need consent to contact you under direct marketing rules, e.g. where we are contacting by: a live telephone call; an e-mail to your work e-mail address where the organisation you work for is a corporate body, we may process your data and may contact you with direct marketing using the legal basis of legitimate interest.
Where we use legitimate interest we will
- Give clear instructions of how to opt out of future e-mails (unsubscribe)
- Provide a method by which you can ask us not to call you in future and we will record any phone numbers you specifically ask us not to call
- Adopt similar opt out mechanisms other forms of direct marketing where consent is not required.
Where you ask us not to contact you further we will record this fact and we will not contact you further by that method for any direct marketing on behalf of ourselves or any of our clients.
We will also inform the client for whom the campaign was being conducted and inform them not to contact you again. Whilst we will make every reasonable effort to ensure our client complies with your wishes in this regard we cannot guarantee it.
Where we use legitimate interest we will not contact you by telephone on any number which has been registered with either TPS or CTPS
7. DISCLOSURE OF YOUR INFORMATION
We may disclose your personal information to any relevant part of our business.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Steadcross or substantially all of its assets are acquired by a third party, in which case personal data held by it will be one of the transferred assets.
8. YOUR RIGHTS
You have the right to ask us not to process your personal data for marketing purposes, this also applies where we do this under the legal basis of legitimate interest. You can exercise your right to prevent such processing by at any time by contacting us at firstname.lastname@example.org with “Marketing Opt Out” in the subject heading.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
You have the right to ask us to delete any / all of the data we hold about you. We must comply with this request, and notify you that we have done so, unless we have a legitimate reason to refuse. Legitimate reasons for refusal are limited, for example, suspected fraud, pending legal dispute, ongoing complaint
9. ACCESS TO INFORMATION
GDPR gives you the right to access information held about you. Your right of access can be exercised in accordance with GDPR.
10. RETENTION OF INFORMATION
We will retain your data in accordance with the times shown below
- Where you have provided data to us via one of our sites we will not keep your data for more then 24 months from the date you supplied it unless we have asked for your permission or one of the other conditions below applies
- Where we are providing a service to you / your business / a business in which you are employed and we need your personal details to perform that contract, we will retain your data for a period of 24 months after the completion of that contract
- Where we have downloaded data from a bought in list or database we will keep the data until the earlier of the end of our licence agreement with the list or database provider or 24 months after the most recent download except that
- Where, as a result of using that data we have engaged in a conversation with you about a product or service, we will retain the data for no more than 24 months after the final contact from you, i.e. a conversation or an inbound letter, e-mail or other written communication.
- Where we have obtained data from a client in order to provide a direct marketing service on their behalf, we will keep the data until the end of the end of our service contract with the client at which point data will be returned to our client.
- Where, as a result of using that data we have engaged in a conversation with you about a product or service from said client, we may retain the data for up to 24 months after the final contact from you, i.e. a conversation or an inbound letter, e-mail or other written communication. Such period of retention may be reduced, but not lengthened, depending on the agreement with our client.