Terms used in this policy:
Personal Data means any information relating to an identified or identifiable natural per-son, including, but not limited to, a first and last name, a home or other physical address and an email address or other contact information.
Data Controller means the person or organisation who determines the purposes for which and the manner in which any personal data is processed.
The Data Controller is Hayley Group Limited of Shelah Road, Halesowen, B63 3XL.
Our Data Protection Officer is Garth Brinton. Any queries about this Policy should be di-rected to Garth who can be contacted at firstname.lastname@example.org.
In the event of a serious data protection issue, there is a Group DPO who can be reached at the following email: email@example.com
Data Processor means a person or organisation which processes personal data for the Data Controller.
Data Processing is any activity that involves the use of Personal Data.
What information do we collect about you and how?
We may process the following types of personal information: your name, email address, mobile phone number, other contact details and your preferences for types of market-ing events or materials. We may also process your image through the CCTV equipment we use at our sites, as we explain further below.
We collect information about you when you register with us, place an order for products or services or fill in any of the forms on our website i.e. by sending an enquiry to us, sign-ing up for an event or our newsletter, filling in a survey, giving feedback or taking part in any competitions or promotions we may run. We may also keep information contained in any correspondence you may have with us by telephone, post, email or other com-munication.
We may collect personal information from you directly or automatically when you use our website. We may also collect and use small pieces of personal information from our suppliers (for example bank details) so that we can be in touch with you and also pay you.
We operate CCTV at our locations and we may therefore collect your image when you visit any one of our locations. Our CCTV policy can be viewed at www.hayley-group.co.uk
Our legal bases for handling this data are therefore to enable us to perform a contract with you and in addition, processing the data is necessary for the purposes of what we refer to as our "legitimate interests”. In other words, processing personal information about you is necessary for the purposes of our legitimate interests in ensuring we pro-vide to you the business services you want to receive from us. If we do not collect and handle the personal data you provide to us, we will not be able to provide to you those services.
Website usage information is collected using cookies.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is then used to track visitor use of the website and to create statistical reports on website activity.
You can set your browser not to accept cookies but this may cause problems with the functionality of our on-line ordering system as a result.
A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser, and stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
Cookies can be used by web servers to identity and track users as they navigate different pages on a website and to identify users returning to a website.
Cookies may be either "persistent" cookies or "session" cookies. A persistent cookie consists of a text file sent by a web server to a web browser, which will be stored by the browser and will remain valid until its set expiry date (unless deleted by the user before the expiry date). A session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
You are not obliged to accept cookies and may modify your browser so that it will not accept cookies. The browser you use allows you to see cookies and control their use.
You can control them by allowing them, deleting them individually or deleting all of them. You can also set your browser to not accept cookies altogether. If this option is selected, you should be aware that many websites will not function properly or at all. It may be possible to set your browser to not accept cookies and ask for your consent before each cookie is set on your device. This gives you control over what is set on your device, however has the drawback of slowing down your browsing experience.
There are different levels of control too. You are able to prevent just third party cookies being deployed, effectively opting out of behavioural advertising, and some even allow you to block specific companies you do not wish to deploy a cookie, instead of selecting all companies.
In order to manage your cookies, please select your browser from the list below and follow the instructions:
How will we use the information about you and why?
We will only use your personal information to:
Our work for you may require your information to be passed between the companies within the Hayley Group, as we explained earlier.
In addition, and as we describe below, in the course of providing our goods and ser-vices to you, we may also need to pass your information to various, specific third parties. In these instances, we will only provide the personal information necessary to deliver our services and we require those third parties to keep secure your Personal Data so that they may not use it for their own direct marketing purposes.
The categories of third parties to whom we may need to forward your Personal Data are:
We will only use this information subject to your instructions, data protection law and our duty of confidentiality. We will not share your information for marketing purposes with companies outside of our group.
We would like to send you information about services and products of ours and other companies in our group which may be of interest to you. You have a right at any time to stop us from contacting you for marketing purposes or giving your information to oth-er members of our group.
If you no longer wish to be contacted for marketing purposes, you can stop us contacting you by sending an email to: firstname.lastname@example.org.
Access to your information, correction and deletion- your rights
The GDPR gives you certain rights in relation to the data we hold about you.
You have the right to access particular Personal Data that we hold about you. You therefore have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email us at email@example.com or write to us at the following address: Shelah Road, Hales-owen, B63 3XL.
We shall respond promptly to any such request and in any event, within one month from the point of receiving the request and all necessary information from you. In certain (very limited) circumstances, we may make a small charge for this service. Our formal response will include details of the Personal Data we hold about you, including the following:
You also have the right to receive your Personal Data in a structured, commonly used and machine-readable format and have the right to ask us to transmit it to another con-troller if technically possible.
We want to make sure that your Personal Data is accurate and up to date. You may ask us to correct or remove without delay any information about you that you think is inac-curate by emailing us at firstname.lastname@example.org or writing to us at the above ad-dress.
You have the right to seek a restriction of the Processing of your Personal Data in certain circumstances. Further, you have the right to lodge an objection if you feel that one of the grounds relating to your particular situation apply. When you exercise your right to object, we must stop any Processing unless we can show compelling legitimate grounds for the Processing, which override your interest, rights and freedoms, or the Processing is for the establishment, exercise or defence of legal claims.
Should you wish for us to completely delete all information that we hold about you, you should please contact the Data Protection Officer, who can be contacted at email@example.com.
How long will we hold your data for?
We operate data retention provisions that set out the length of time certain types of records will be maintained by us. Where those records contain Personal Data, we will ensure that the records are destroyed securely and are only kept for as long as neces-sary to deliver your goods or services, administer your account and therefore fulfil our professional obligations to you, also taking into account our need to meet any legal, statutory and regulatory obligations with which we are bound to comply.
Further, our need to use your personal information will be reassessed on a regular basis and we will dispose securely and safely of Personal Data which we no longer require.
You will have the opportunity to opt out or update or delete data at any point should you need to do so and details are set out in this policy as to how to achieve this.
Transferring your information outside of the EEA
As part of the services offered to you through this website, the information which you give to us may be transferred to countries outside the European Economic Area. For example, some or our third-party providers may be located outside of the EEA. Where this is the case we will take steps to make sure the right security measures are taken so that your privacy rights continue to be protected as outlined in this policy. By submitting your Personal Data, you are agreeing to this transfer, storing or processing.
If you use our services while you are outside the EEA, your information may be trans-ferred outside the EU to give you with those services.
If you feel that your personal data has been processed in a way that does not comply with the GDPR, you have a specific right to lodge a complaint with the relevant supervi-sory authority. The supervisory authority will then inform you of the progress and out-come of your complaint. The supervisory authority in the UK is the Information Commis-sioner’s Office.
How to contact us
By continuing to use the site you agree to our privacy & cookies policy