Last Updated: 24/05/2018
We are committed to protecting your personal information and to being transparent about what information we hold and how we use it. Unique Party understands its obligations to you to help you understand how and why we process your personal data.
Our data protection policies and procedures are governed by Data Protection Act 2018 (“DPA”) and, from 25th May 2018, the EU General Data Protection Regulation (“GDPR”). Please be advised that the law in this area is rapidly evolving, and we anticipate this statement may be revised in the future.
What information does the Company collect about you?
- Personal data, or personal information, means any information related to an identified or identifiable natural person from which that person can be identified. This does not include your organisation’s data/information, or data/information where your identity has been removed (i.e., anonymous data).
- Where you have provided it to the Company, we will collect, store, and use the following categories of personal information about you as follows:
- Identity Data –including personal details such as your name and title
- Contact Data –including your addresses, telephone numbers, and personal e-mail addresses
- Financial Data –including bank account details, and your credit or debit card information
How is your personal information collected?
- We will occasionally solicit and collect information and data from you in order to conduct our business together, and in the process will encourage and/or require you to provide us with your organisation’s information and data. However, we may not recognise that your organisation’s information/data may also be considered by you to be your personal information. By way of example, you may use an e-mail address for both organisational/business and personal purposes. Although we endeavour to secure and protect all information and data with which you have entrusted us, where we determine that a person cannot be reasonably identified from the information/data provided, the Company reserves the right to characterise the information and data you provided to us as information/data of your organisation (as opposed to your personal information). Such information/data will not be deemed personal information unless specifically identified by you in writing as such.
- We primarily collect personal information about you through our direct interactions with you or by a representative authorized by you to make such disclosures on your behalf. For example, you may give us your Identity, Contact, and/or Financial Data when you register with us for a customer account, or when you purchase our products during the sales process.
- If you are a new customer, we may collect personal information about you from a third party source, such as a trade reference that you have provided us, for credit reference purposes. If in the future we intend to collect personal information from other third party sources, we will provide you with notice about the purpose for our doing so, and any other relevant information you may need to consider our intentions.
How will your personal information be used?
- Unique needs to keep and process the personal information provided about you for purposes that include:
- enabling us to comply with any contracts or legal requirements related to our business relationship with you;
- pursuing the legitimate business interests of the Company (including the running and administration of our business, shipping logistics, product development, recovery of debts owed to us, fraud prevention, and/or reporting potential crimes); and
- protecting our legal position in the event of legal proceedings.
We will never process your personal data where our legitimate business interests are overridden by your own individual rights and interests.
- If you fail to provide certain information when requested, we may be unable in some circumstances to comply with our obligations (e.g., updating you on product availability, timely shipping of your purchases, etc.) and we will tell you about the implications of that decision. It is important that the information we hold about you is accurate and current. Please keep us informed if the information you provided changes during your relationship with us.
- Where we do not have a legitimate interest or other lawful basis for keeping and processing your personal information, we will seek your consent prior to doing so.
- You will receive marketing communications from us if you have provided us with Identity and Contact Data when requesting information from us or when setting up a customer account with us and, in either instance, where you have expressly consented to receive those communications. You may opt-out from these marketing communications at any time, by following the “unsubscribe” instructions given in those communications, or by contacting us in writing (see contact details below).
- Other than as mentioned below, we will only disclose information about you to third parties if we are legally obliged to do so, for fraud prevention purposes, for the running and administration of our business, or where we otherwise need to comply with our contractual and legal duties to you. For one example, we may need to pass on certain information to a trade reference whose information you have provided in your new customer account application form. For another example, we may need to pass on your Identity and Contact Data to a haulier or carrier in order to process and ship your order.
- Where your personal information is transferred within the UK, or the European Economic Area (“EEA”), the third party will be required to comply with and safeguard the personal information under the terms of the GDPR and/or the DPA, as appropriate.
- We may transfer your personal information outside of the EEA, but only to our parent company in the USA and solely for purposes connected with your customer account or the management of the Company’s business, including compliance with our legal or contractual responsibilities to you. For such limited and necessary transfers of data, you can expect a similar degree of protection with respect to your personal information, as we have in place safeguards such as firewalls, password protected systems, and encrypted e-mail communications to ensure the security of your data.
- The Company will keep your personal data only as long as is necessary for the purpose(s) for which it was collected, and will be securely stored until such time as the Company deems it no longer necessary to retain.
- If in the future we intend to process your personal data for a purpose other than that which it was collected, we will provide you with notice about that purpose and any other relevant information.
What are your rights?
- Under the GDPR and DPA you have a number of rights with regard to your personal data:
|Access||Please contact us if you would like confirmation that your data is being processed and access to your personal data.|
|Rectification||Please inform us of any data which you would like rectified and we will usually respond within a month of the request.
We will pass on the changes to any third parties who need to change their records and let you know this has been done.
|Erasure||You may exercise your right to have your personal data erased in a number of circumstances (one example: if the data is no longer necessary in relation to the purpose for which it was collected). If you have provided consent for the processing of your data, you also have the right (in certain circumstances) to withdraw that consent at any time which will not affect the lawfulness of the processing before your consent was withdrawn. Where possible, we will honor such requests, though we reserve the right to judge what information we must continue to hold to be able to fulfill our legal and/or contractual obligations, as well as our legitimate business interests.|
|Restrict Processing||You can tell us that we can keep your data but must stop processing it, including preventing future communications.
If possible we will inform any third parties to whom your data has been disclosed of your desired restriction.
|Data Portability||Your data is stored across manual records and our databases. We will do our best to provide information in a portable format, if requested.|
|To Object||If we can, we will stop processing your data if you object to processing, and your objection is based on legitimate interests or the performance of a task in the public interest/exercise of official authority.
We will stop processing your data for direct marketing if you tell us to.
|Not to be subject to automated decision-making, including profiling||We do not use any automated decision-making|
- There is no charge for accessing your personal information (or to exercise any of the other rights listed above). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive, or refuse to comply with the request in such circumstances.
- If you wish to exercise any of your rights set forth above, please contact us in writing (see contact details below).
- You have the right to lodge a complaint to the Information Commissioners’ Office at https://ico.org.uk/concerns if you believe that we have not complied with the requirements of the GDPR or DPA with regard to your personal data.
Identity and contact details of controller and data protection compliance managers
- Unique Party is the controller for your personal data for the purposes of the DPA and GDPR.
- We have tasked employees with responsibility for managing and monitoring our compliance with relevant legislation in relation to the protection of your personal data. If you have any concerns as to how your data is processed you can contact us at firstname.lastname@example.org, or you can write to us using the address of Unique Party, Medford House, Scunthorpe, North Lincolnshire, DN16 1DE.