This privacy policy and general privacy notice applies to Care Staff Direct LTD. Wetake your privacy seriously, and this policy and notice has been drafted in accordance with the requirements of the General Data Protection Regulations(GDPR). This privacy notice explains how we look after your personal data (in all situationswhere we collect your data) and sets out your privacy rights and explains howthe law and our approach to privacy and personal data protects you.This privacy notice supplements any other privacy notices that we may provide toyou at the point that wecollect data from you and should be read in conjunction withthose notices.
Our status and details
For the purpose of the GDPR we are the data controller and any enquiry regardingthe collection or processing of your data should be addressed to our PrivacyManager using the contact details below:
Name or title: Amandeep Singh
Email address: info@carestaffdirect.com
Postal address: 156-158 Belgrave Gate, Leicester LE1 3XL
By using the Website you consent to this policy. Information we collect; we will collect, process and store personal data only if it is directly provided to us byyou. You may do this in your capacity as the user of this Website, by enquiring inrelation to our goods or services, becoming a customer or supplier, or potentialsupplier. Personal information covers any information which relates to you as an identifiableperson.
Below are examples of the type of data that this may include:
(a) Identity Data including forenames, last name, maiden name, date ofbirth, gender, marital status, and username or similar identifier.
(b) Contact Data may include invoicing; purchase order; home or workaddress, email address and telephone numbers, personal or job titleand position.
(c) Financial Data may include bank account and payment card details.
(d) Special Category Data for example health or medical data, detailsabout your race, religion, sex and political opinions.
(e) Transaction Data may include payments made for products andservices you have purchased from us, or in relation to payments thatwe have made to you.
(f) Technical Data may include internet protocol (IP) address, browsertype and version, time zone setting and location, browser plug-intypes and versions, operating system and platform and other technology on the devices used to access this Website.
(g) Profile and Usage Data may include enquiries submitted by you,purchases information, feedback and survey responses, and how youuse our website, products and services.
(h) Marketing Data may include details of any preference that you haveadvised us of in relation to marketing communications from us.
We may also collect non-personal data such as Aggregated Data which isdata that may be obtained from your personal data, but which does notdirectly or indirectly identify you. This may include Usage Data detailinghow you use our Website and the features and areas that you have interacted with.
How do we collect your personal data?
A range of different methods may be used to collect data which may include
the following methods:
(a) Direct interactions with us in person, by post, phone, email orotherwise. You may give us your Identity, Contact and FinancialInformation.
(b) Automated technologies or interactions with our website, by usingthe web enquiry form. You may give us Identity, Contact andFinancial Information.
(c) Third parties or publicly available sources (third parties may be usedin processing Identity, Contact and Financial categories of personal data).
Data accuracy
It is important that the data that we hold about you is accurate and up to date. In theevent that your data changes please notify us so that we can update our records.
Use of your information
We may hold and process personal data that you provide to us in accordance withthe GDPR.
The information that we collect and store relating to you is primarily used:
(a) To enable us to provide our services to you, to communicate with you and tomeet our contractual commitments to you. This may include Identity, Contact,Financial and Transactional data.
(b) To notify you about any changes to our business, such as improvements toour Website or service/product changes, that may affect our service orrelationship with you. This may include Identity and Contact data.
(c) If you are an existing customer, we may contact you with information aboutgoods and services similar to those that were the subject of a previous sale toyou. This may include Identity and Contact data.
(d) Where you have consented to receive such information, to provideinformation on other parties’ products or services that we feel may be ofinterest to you. This may include Identity, Contact and Marketing data.
(e) Where you have consented to receive our e-newsletters to provide that toyou. This may include Identity and Contact data.
(f) Where we need to comply with a legal obligation. This may include Identity,Contact and Transactional data.
(g) Where it is necessary for our legitimate interests (or those of a third party)and your interests and fundamental rights do not override those interests.
This may include all types of data.
Where we collect your data for marketing purposes we will always request yourconsent, at the point the data is collected, to use your data for that purpose.
We will always obtain your prior consent to sharing your personal data with any thirdparty for their marketing purposes. This may be to enable relevant third parties toadvise you of products or services that may be of interest to you.
We will only use your personal data for a reason other than the purpose for which itwas originally obtained if we consider that we need to use it for that other purposeand have a legitimate interest in doing so.
Disclosure of your information
There are a range of circumstances where we may disclose your data to third parties.
These include:
(a) Regulatory bodies. We may disclose your data to regulatory bodies to enableus to comply with the law and to assist fraud protection and minimise creditrisk. This may include Identity, Contact and Transactional data.
(b) Our Suppliers. We may disclose your data to third parties that are involved inthe fulfilment of our services to you. This may include Identity, Contact andTransactional data.
(c) Third party marketing. Where you have consented for us to do so, we mayprovide your data to selected third parties who may contact you about theirgoods or services that you may be interested in. This may include Identity,Contact and Marketing data.
(d) Business sale. We may disclose your personal data outside of ourorganisation: (a) in the event that we sell or buy any business or assets, inwhich case we may disclose your personal data to the prospective seller orbuyer of such business or assets; and (b) if GS Electrical services’ business is bought by a third party, in whichcase personal data held by it about its customers will be one of the assets totransfer to the buyer. However, any such transfer will only be on terms thatthe confidentiality of your personal data is protected and that the terms of thisprivacy policy will continue to be complied with by the recipient.Please be advised that we do not reveal information about identifiable individuals toour advertisers, but we may, on occasion, provide them with Aggregated Data aboutour Website visitors and customers.
Controlling the use of your data
Where we rely on consent as the lawful basis for processing your data you canrevoke or vary that consent at any time.If you do not want us to use your data or want to vary the consent that you have provided you can write to us at the address detailed in clause 2 or email us at info@carestaffdirect.com at any time.
Data storage and the transfer your data
As part of the services offered to you, for example through our Website, theinformation you provide to us may be transferred to and stored in countries outside ofthe European Economic Area (EEA) as we use remote website server hosts toprovide the website and some aspects of our service, which may be based outside ofthe EEA, or use servers based outside of the EEA – this is generally the nature ofdata stored in “the Cloud”. It may also be processed by staff operating outside theEEA who work for one of our suppliers, e.g. our website server host, payment processing provider, or work for us when temporarily outside of the EEA.A transfer of your personal data may happen if any of our servers are located in acountry outside of the EEA or one of our service providers is located in a countryoutside of the EEA.If you use our service while you are outside the EEA, your personal data may betransferred outside the EEA in order to provide you with these services.If we transfer or store your personal data outside the EEA in this way, we will takesteps with the aim of ensuring that your privacy rights continue to be protected, asoutlined in this privacy policy. Where we use suppliers based in the US, we maytransfer data to them if they are part of the Privacy Shield which requires them toprovide similar protection to personal data shared between the Europe and the US.
Security
The transmission of information via the Internet or email is not completely secure.Although we will do our best to protect your personal data, we cannot guarantee thesecurity of data while you are transmitting it to our site; any such transmission is atyour own risk.We have put in place security measures to prevent your data from accidental, loss ordisclosure. Once we have received your personal data, we will use strict proceduresand security features to try to prevent unauthorised access.
The length of time that we retain, and store data depends on the purpose for which itwas collected. We will only store data for as long as is required to fulfil that purpose,or for the purpose of satisfying legal requirements.It is a legal requirement that we keep certain data about our customers and suppliersfor at least six years. The type of data includes Contact, Identity, Financial andTransaction Data.Where you have requested that we provide you with marketing materials we willretain your data until such time as consent is withdrawn by you.
Use of cookies
Our Website uses cookies. We use cookies to gather information about yourcomputer for our services and to provide statistical information regarding the use ofour Website. Such information will not identify you personally – it is statistical dataabout our visitors and their use of our Website. This statistical data does not identifyany personal details whatsoever.We may also gather information about your general Internet use by using a cookiefile. Where used, these cookies are downloaded to your computer automatically. Thiscookie file is stored on the hard drive of your computer, as cookies containinformation that is transferred to your computer’s hard drive. They help us to improveour Website and the service that we provide to you.All computers have the ability to decline cookies. This can be done by activating thesetting on your browser which enables you to decline the cookies. Please note thatshould you choose to decline cookies, you may be unable to access particular partsof our Website. Where we work with advertisers on our Website, our advertisers mayalso use cookies, over which we have no control. Such cookies (if used) would bedownloaded once you click on advertisements on our Website.]
Third-Party Data Processors
We use a number of Third-Party Data Processors to process personal data on ourbehalf. Listed below are the Third-Party Data Processors currently operating on thiswebsite. Each of these Third-Party Data Processors has been carefully chosen andis responsible for achieving their own GDPR compliance. An external link to eachProcessor’s Privacy Policy / Statement has been included for reference.
Google Analytics
(a) Like most websites, this website uses Google Analytics tracking to monitoruser interaction. We may use this data to assess the number of peoplevisiting our site and their engagement with our content to better understandtheir behaviour and to ultimately provide a better user experience.
(b) To view the types of data collected by Google Analytics, see:
https://www.google.com/analytics/analytics/features/
(c) The data collected is held for a retention period of 26 months.
(d) To view Google’s Data Protection Statement, see:
https://privacy.google.com/businesses/compliance
(e) Though Google Analytics records data such as your device, Internet browser,operating system and geographical location, none of this information ispersonally identifiable to us. Google Analytics also records your computer’s IPaddress, which could be used to personally identify you, but Google Analyticsdoes not grant us access to this information. Subsequently, any requests forthe retrieval of personally identifiable data that is recorded and stored byGoogle Analytics should be submitted directly to Google.
AddThis Share Buttons
(a) This website may include the integration of the AddThis Share Buttonssoftware application, allowing our visitors to share the web page they arecurrently viewing via email and/or their social networks.
(b) To discover what AddThis share bars do, see:
https://www.addthis.com/academy/guide-addthis-share-buttons
(c) Although AddThis tracks generalised analytical data by default, anyfunctionality regarding data collection and processing has subsequently beenproactively disabled.
(d) For your reference however, we have included a link below to AddThis’Privacy Policy: https://www.addthis.com/privacy/privacy-policy.
Your rights
The GDPR gives you a range of rights in relation to the personal data thatwe collect from.
You have the right to:
(a) Access your personal data. This right is commonly known as the‘data subject access request’ and enables you to receive a copy ofthe personal data we hold about you. You will not need to pay a fee to access your personal data unless we can justifiably demonstratethat the request is repetitive or excessive. We will respond to alllegitimate data access requests within one month, but we may needto obtain further information from you in order to confirm your identityand the legitimacy of the request.
(b) Request update of the personal data. This enables you to have anyincomplete or inaccurate data corrected.
(c) Erasure of your personal data. This enables you to ask us to deletepersonal data where there is no justifiable reason for us continuing toretain and process it. We may not always be able to delete the datasuch as if there is an ongoing contractual relationship between us orif we are legally required to retain the data.
(d) Object to processing of your personal data where we are relyingonconsent or our legitimate interests (or those of a third party) as thejustification for processing the data.
(e) Restrict the processing of your personal data. This enables you toask us to change the processing of your personal data. For example,you may wish to vary the basis on which we contact you.
(f) Request the transfer of your personal data to you or to a third party.We will provide to you, or a third party you have chosen, yourpersonal data in a structured, machine-readable format.
(g) Withdraw consent. Where we are relying on consent to process yourpersonal data you may withdraw that consent. If you withdraw yourconsent, we may not be able to provide certain products or servicesto you. We will advise you if this is the case at the time you withdrawyourconsent.You can exercise these rights at any time by writing to us at the address detailedabove, or by email to info@carestaffdirect.com
Third party links
You might find links to third party websites on our website. If you click a link to a third-party website and visit that site, you may be allowing that site to collect andshare certain data about you. These websites should have their own privacy policies,which you should check. We do not accept any responsibility or liability for theirpolicies whatsoever as we have no control over them.
Changes to this policy
We may update these policies to reflect changes to the website and customerfeedback. Please regularly review these policies to be informed of how we areprotecting your personal data.
We welcome any queries, comments or requests you may have regarding thisPrivacy Policy. Please do not hesitate to contact us.