Privacy Policy – James Ashton & Son Ltd

GDPR COMPLIANCE
Following the GDPR regulations that are being implemented in May 2018, James Ashton & Ltd have reviewed its privacy policy and how the company handles your personal data.

AIM
The aim of this policy is to provide you with information about the following:
• What information we collect from you and why;
• How we use this information; and
• How you can access and manage your information.
We are committed to protecting and preserving your information, being transparent about what data we hold and how we use it. We’ve tried to make this Privacy Policy easy to understand.

SCOPE
This policy applies to anyone who uses the websites of, or who buys or uses any of the services provided by, James Ashton & Son Ltd. When we refer to “we” or “our” or “Ashton” we are referring to James Ashton & Son Ltd.

OVERVIEW
We collect information about you when you buy from us or use any of our services. We may share this information between us so we can provide the services you order and manage your account.

When purchasing items, using any of our services or visiting our websites you agree to our use of your information as set out in this privacy policy. This privacy policy forms part of and should be read in conjunction with the terms and conditions on our website and any additional terms you are provided with in relation to our services.

INFORMATION WE COLLECT

1.) Information you give us
When you place an order with us for anything your purchase from us we will need certain information to process your order. This may be information such as your name, private/business  postal address, telephone or mobile number, email address, information to help us identify you and to provide a service to you. We may ask for other information that relates to the service you are using or items you are ordering.
When you contact us to discuss your services, we may ask for certain information to be able to confirm your identity, check our records and answer your questions quickly and accurately.
If you complete any survey we may ask for information about you, which we will make clear to you at the time and for the purpose we will be using this information.

2.) Information we automatically collect
We will automatically collect information:
• when you visit our websites, we may collect and process information about your usage of these by using “cookies” and other similar technologies (see Cookies section below) to help us make improvements to the websites and to the services we make available. We may use this information to provide you with location-based services, such as search results, and other personalised content. Most browsers and devices allow you to turn off location services. Our website does not collect precise information about the location of your device you are using.

3.) Information we receive from other sources.
We may receive personal information about you from third parties, such as companies contracted by us to provide services to you, other telecommunications operators, marketing organisations, and credit reference agencies (CRAs) or fraud prevention agencies (FPAs)

HOW WE USE INFORMATION
The information we collect helps us to better understand what you need from us and to improve the provision of our services to you.
We use the information collected for example to:
• verify your identity when you use our services or contact us;
• process your enquiries or orders, for example when assessing a part you require, we may use internal systems to check historical orders and provide you with the correct information.
• monitor, record, store conversations, e-mail or other electronic communications with you for training purposes, so that we can check any instructions given to us and to improve the quality of our customer service, and in order to meet our legal and regulatory obligations;
• where you have agreed, provide you with information about other Ashton’s Services offers or products which you may be interested in – see Marketing Preferences section below;
• tell you about changes to our website, services or terms and conditions;
• carry out any marketing analysis, or profiling to create statistical or testing information to help us personalise the services we offer you and to understand what our customers want;
• recover any monies you may owe to us for using our services;
• analyse our services with the aim of improving them;

SHARING INFORMATION
We will only share your information with organisations outside James Ashton & Son Ltd:
• with your consent if we are using information for a purpose other than as set out in this Privacy Policy;
• involved in the running or managing of your accounts or providing services to you for us (e.g. customer support, or a courier company if you have asked us to send something to you);
• to help us improve the services we are providing and well as supporting that service;
• as part of current or future legal proceedings;
• in response to properly made requests from law enforcement agencies for the prevention and detection of a crime, for the purpose of safeguarding national security or when the law requires us to, such as in response to a court order or other lawful demand or powers contained in legislation; or
• in response to properly made requests from regulatory bodies such as the Information Commissioners Office and Ofcom, for example where you contact Ofcom asking them to investigate a complaint in respect of the provision of our services to you, they may request information from us to enable them to investigate and make a decision in respect of this matter. We will need to provide them with the relevant information we hold relating to your account.
Where we share your information with third parties who help us provide the services they are required to follow our express instructions in respect of the use of your personal information and they must comply with the requirements of the Data Protection Act 1998 or any other relevant legislation to protect your information and keep it secure.
From time to time these other people and organisations may be outside the European Economic Area in countries that do not always have the same standard of data protection laws as the UK. However, we will have a contract in place to ensure that your information is adequately protected and we will remain bound by our obligations under the Data Protection Act 1998 even when your personal information is processed outside the European Economic Area.

HOW LONG DO WE HOLD YOUR INFORMATION
The time period for which we keep information varies according to what the information is used for. Unless there is a specific legal requirement for us to keep information, we will keep your information for as long as it is relevant and useful for the purpose for which it was collected (and which you agreed to).
For example, when you contact us we may monitor and record your communications with us to use this information for training and quality purposes, and to meet our legal and regulatory requirements.
We will continue to hold information about you if you do not become our customer, or after you have closed your account or terminated your services with us. We will only hold such information for such periods as is necessary for the purpose of dealing with enquiries, offering Barrell’s other services you may be interested in, complying with any legal obligation and for crime and fraud prevention and detection.
The law requires us to keep certain information about how you use our services for a period of 12 months. This information may be used by certain law enforcement agencies to prevent and detect crime and to protect national security. We will only disclose this information to them when we are legally required to.

ACCESSING YOUR INFORMATION
The Data Protection Act 1998 entitles you find out what information we hold about you. If you want to find out what information we hold you will need to submit a request in writing to c/o The Data Controller, James Ashton & Son Ltd 1a Cardean Street Dundee DD4 6PS with a cheque for £10 (to cover our costs of processing the information) made payable to James Ashton & Son Ltd. We may ask you to provide us with proof of your identity to make sure we are giving your information to the right person.
To help us process your request you will need to provide the following information:
• account number(s);
• telephone number(s);
• address; and
• date and time (if requesting a call recording).
If any of your information is incorrect or your personal details have changed you can either:
• notify us in writing, and we will update your details; or
• update your details within your online account.

SENSITIVE PERSONAL DATA
You may want to make us aware of certain special information about you, such as information relating to your health or medical circumstances, such as the fact that you are registered as a blind person, so that we can use this information to improve your services. We need your consent to hold this data about you and to use it for your services with us. You can give your consent to us whenever you speak to.
We use this information to help us tailor our service to your needs. You can withdraw your consent for us to hold and use these special types of information at any time, but if you do this may impact your service.

MARKETING PREFERENCES
Where you have agreed to us contacting you, we will contact you with details of products and services that we believe you may be interested in. If you change your mind and do not want to us to send you marketing messages you can do this in a number of ways:
• writing to us at the contact details set out in the Contact Us section below;
• calling our Enquiries phone number set out in the Contact Us section below; or
• changing your cookie settings –see Cookies section below.
If you notify us in any of the above ways we will stop sending you the marketing messages that you don’t want, but we will still need to send you service related messages including changes to services or terms and conditions.

COOKIES
Our websites use cookies. Cookies collect information about your use of our website, including things like your connection speed, details of your operating system, the time and duration of your visit and your IP address. The information collected by cookies enables us to understand the use of our site, including the number of visitors we have, the pages viewed per session, time exposed to particular pages etc. This in turn helps us to provide you with a better experience, since we can evaluate the level of interest in the content of our website and tailor it accordingly. We will not attempt to personally identify you from your IP address unless required to as a matter of law or regulation or in order to protect our, or our other customers’, rights.

Most browsers automatically accept cookies. You can set your browser options so that you will not receive cookies and you can also delete existing cookies from your browser. However, you may find that some parts of the site will not function properly if you disable cookies.

PROTECTING YOUR INFORMATION
We take protecting your data seriously, and will do our utmost to employ appropriate organisational and technical security measures to protect your against unauthorised disclosure or processing. Unfortunately we cannot guarantee the security of transmitting information via the internet. We have tried to create a secure and reliable website, however, we have no responsibility or liability for the security of personal information transmitted via the internet.

CHANGES TO PRIVACY POLICY
Please note that this policy will be reviewed and may change from time to time. The revised policy will be posted to this page so that you are always aware of the information we collect, how we use it and under what circumstances we disclose it.