1. Who we are
We are Dalesman Direct Ltd and we use, collect and are responsible for certain personal information about you.
When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
Data Controller: Dalesman Direct Ltd, Dalesman House, Chase Way, Bradford, West Yorkshire, BD5 8HW.
ICO Registration Number: ZA424462
We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
2. The personal information we collect and use
2.1 Information collected by us
We collect and retain personal information about you (and your personnel) through various means, including: -
- Carrying out work for you (or your business).
- Via our website (for example via our ‘Contact Us’ page or our newsletter subscription page).
- Via email or other electronic correspondence.
- Via telephone (including through our routine recordings of phone conversations).
- Via networking (i.e. at business fairs, client events, exhibitions, and/or other meetings or events either hosted by or attended by us, or both).
- By our operating security policies and procedures in our offices (i.e. by virtue of CCTV kept by our buildings landlords to which we have access or to our own CCTV and record keeping within our offices).
- Through operating our business and liaising with other professionals and other referrers.
This personal information that you provide to us may include:
- Your name and title.
- Contact information such as addresses, phone numbers and email addresses.
- Information relating to your preferences and interests.
- In certain situations, your bank account details through the Sage Pay payment gateway.
- Any other personal data we collect in the context of our work for our clients or in the course of operating our business.
2.2 Information collected from other sources
We also obtain personal information from other sources as follows:
- Your names, addresses and contact details from other referrers of potential work and/or clients with whom we have relationships;
3. How we use your personal information
We may use your personal information to:
- Respond to any query that you send us.
- Manage our relationship with you (and/or your business), including by maintaining a database of clients and third parties for administration and accounting and relationship management purposes.
- To carry out our contractual obligations to you (or your business) and/or taking such steps as we have set out in our terms of engagement and retainer that we have agreed with you.
- To carry out any relevant credit or financial viability checks.
- Fulfilling our obligations in respect of the Criminal Finances Act 2017.
- To send you any relevant information on our services and events that may be of interest to you using the email and/or postal addresses which you have provided, but only if you have given us your consent to do so, and until that consent is withdrawn.
- To ensure our websites content is presented in the most effective manner for you and your device and/or to customise our website according to your interests and preferences.
- To administer our website and for internal operations including troubleshooting, data analysis, testing research, statistical and survey purposes.
- To allow you to participate in interactive features on our website when you choose to do so.
- To measure or understand the effectiveness of advertising that we send you and others and to deliver relevant advertising to you.
- To comply with the professional, legal and regulatory obligations that apply to us or to policies that we have in place.
- protect our company interests and/or to prevent illegal activity.
4. Who we share your personal information with
In the course of acting for you we routinely share your name, contact details and other information when:
- you specifically request us to, or this is necessary to provide the services to you (for example when we need to instruct (including but not limited to) packaging companies, butcher sundries and IT service providers).
- In the event that we act for you in any sale or purchase transaction in which case we must disclose your details to the prospective buyer or seller or their representative.
- If we are under a duty to disclose or share your personal data in order to comply with a legal obligation or to protect the rights and interests of our website, our customers, or this firm, or of other third parties.
- We seek to comply with external agencies when providing information with other companies, or institutions for the purposes for verifying your identity and in connection with protection from fraud, money laundering, tax evasion, terrorist financing, or other criminality.
- For administrative purposes, for example when:
- we send your file to our archiving and file destruction contractors for the file to be held,
- we send your name and bank details to our bank to enable funds to be paid by you.
Only where it is relevant to your specific case will such sensitive information be retained on your file. Your file will then require storage and ultimately shredding by our archiving and document destruction contractors in accordance with our data retention guidelines.
For a list of our third party suppliers contact us at [email protected]
In rare circumstances some of those third party recipients may be based outside the European Economic Area — for further information including on how we safeguard your personal data when this occurs, see Section 9. “Transfer of your information out of the EEA”.
We will share personal information with law enforcement or other authorities if required by applicable law.
5. Whether information has to be provided by you, and if so why
If the provision of personal data is required from you to enable us to provide services we will inform you at the point of collecting information from you, whether you are required to provide the information to us.
6. How long your personal information will be kept
We will hold your personal information on your file only when necessary or relevant to your matter and/or to our obligations. The period that we are required to retain financial information by applicable UK tax law is currently 6 years.
7. Reasons we can collect and use your personal information
We rely on contract as the lawful basis on which we collect and use your personal data such as name, address, and contact details.
In addition, in respect of information collected to comply with Anti Money laundering legislation, such as photo ID, dates of birth and former addresses, we rely on legal obligations.
Our review of the risk of potential harm to you of retaining that personal information is that the risk is small and is outweighed by the benefit to you and to us of being able to recreate the history and documents of the transaction.
In addition, in respect of Special Category data we rely on (i) express consent received from you and/or (ii) our assessment that special category personal information held within the matter file is necessary for the establishment, exercise and or defence of legal rights.
8. Consequences of our use of your personal information
We acknowledge that storage arrangements must be configured and designed to comply with good practice as to the accessibility, security and cyber security of any personal information shared by you.
9. Transfer of your information out of the EEA
We may on rare occasions need to share personal information with a recipient located outside the European Economic Area (EEA) (e.g. an advisor or third party engaged by us or you as part of our work).
Countries outside the EEA do not have the same data protection laws as the United Kingdom and EEA. In that situation any transfer of your personal information will be subject to your express consent and we will ensure that we will do so in accordance with European Data Protection Legislation.
If such transfers affect you, then you may contact us to obtain more precise information about those terms, and to obtain copies of relevant documentation.
Our people may occasionally remotely access their email accounts when working abroad (including from jurisdictions outside the EEA). Where they do so they are required to use our systems and access any personal data in accordance with all the usual policies and procedures.
We will not otherwise transfer your personal data outside of the EEA or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
10. Your rights
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information;
- access to your personal information and to certain other supplementary information that this Privacy Notice is already designed to address;
- You are entitled to be told by us whether we or someone else on our behalf is processing your personal information;
- require us to correct any mistakes in your information which we hold;
- in certain circumstances, to require the erasure of personal information concerning you;
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and in certain situations have the right to transmit those data to a third party;
- object at any time to processing of personal information concerning you for direct marketing;
- object in certain other situations to our continued processing of your personal information; and
- otherwise restrict our processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- email, call or write to us at [email protected] for all data protection matters at Dalesman Direct Ltd;
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); or
- let us know the information to which your request relates, including any account or reference numbers, if you have them.
If you would like to unsubscribe from any marketing emails or Newsletters you can also click on the ‘unsubscribe’ button at the bottom of the email/newsletter. It may take up to 5 working days for this to take place.
11. Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
12. How to complain
We hope that we or our responsible officer who can be contacted at [email protected] can resolve any query or concern that you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or EEA) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
13. Changes to this privacy notice
This privacy notice was published on 01/09/2018 and was last updated on 31/08/2018.
We may change this privacy notice from time to time. You should check this policy occasionally on our website (http://www.dalesmandirect.com) to ensure you are aware of the most recent version.
14. How to contact us
Please contact us or our responsible officer if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us please:
- send an email in connection with data protection matters to [email protected];
- send an email in connection with general matters to [email protected];
- Write to Dalesman Direct Ltd, Dalesman House, Chase Way, Bradford, West Yorkshire, BD5 8HW;
- call 01274 758 000 ; or
- contact us through the Contact Us section of our website (http://www.dalesmandirect.com/help-and-support/contact-us).
15. Do you need extra help?
If you would like this notice in another format (for example: large print) please contact us (see ‘How to contact us’ above).