This policy applies to all the personal data we process regardless of how it was captured by electronic means, paper records, in person or via social media and how that data is stored or whether it relates to past or present customers, supplier contacts, shareholders, website users or any other Data Subject.
We are 100% committed to protecting your personal information and we shall always be transparent with you about how we are using your details. This document outlines how we do this, and regardless of the personal data we hold we shall process your personal data in full accordance the EU General Data Protection Regulation GDPR and the UK Data Protection Act 2018. We will be open about what information we collect, why we need it, and how we intend to use it. This document explains how we obtain, collect, process and store information about you, if we share with any third parties and details of your rights.
Carlton Forest Group Holdings Limited, is a registered company in England & Wales with company number OC387052 and registered with the UK Information Commissioners Office under the reference ZA414654.
Full business contact information is at the end of this policy.
Carlton Forest Group Holdings Limited have core beliefs regarding your data:
• We will never sell, rent, distribute or make public your personal data
• Data should only be collected and processed when absolutely necessary
• We have duty of care to hold this data safe
• The rights of the data subject remain lawful, fair and transparent
Who is responsible for managing my information?
This website is owned and maintained by Carlton Forest Group Holdings Limited. It is hosted within the UK. All traffic (transferral of files) between this website and your browser is encrypted and delivered over HTTPS.
We do utilise cloud computing applications which may result in data being stored outside of the UK.
On what basis do we process your information?
We collect your personal data directly from our website and via email and telephone. We maintain records of customer contact, which falls under the lawful basis of legitimate interest (GDPR Article 6(f)) and under the lawful basis of being necessary for the performance of a contract (GDPR Article 6(b)).
Personal data is processed entirely for the legitimate interest of maintaining contact between us and you (our customer, or potential customer) in order to deliver our service and fulfil any contracts, which exist between us. We do not process any special category data within the meaning of GDPR.
What information do we collect?
Personal and sensitive data is required to allow us to provide our services to our clients. We will obtain your name, company and contact details and details of any colleagues with whom we may need to communicate.
Cookies are small text files that are placed on your computer when you access a website. These allow websites to do several important things, including remember what’s in your shopping basket and which pages you have visited.
Our website is exclusively an informational site and collects no personal data, nor is it used as an online store. We have selected the option in our website builder to prevent the placing of tracking cookies on your browser.
We do not serve up advertisements or knowingly take part in any scheme that would allow your online behaviour to be tracked for the purposes of identity discovery.
For detailed information on the cookies we use and the purposes for which we use them see our cookies policy
How do we use and store your information?
The information you provide may be used in a number of ways, for example:
• To personalise visits to our website, through Google Analytics we are able to understand how our clients found our website and are able to track their journey through the website which enables us to provide a better service. Google Analytics does not identify our clients.
• To have the opportunity to comment on Our News and Blog posts you will have entered your name, email address which will be saved together with the comment, your computers IP address and the date and time the comment was submitted. Your comment and associated data will remain on the site until the blog post or your comment is removed. If you’d like to have your comment removed please email us at firstname.lastname@example.org. We recommend that you avoid entering any personal identifiable data in the comment blog post.
• To tell you about other products and services we think may be of interest to you via an Email NewsLetter, which is sent directly from our CRM system. You may unsubscribe at any time by clicking the link at the bottom of the newsletter or by emailing us and asking us to remove you from this service.
• By using the Contact Forms and Email links, the data you input will be not be stored but will be collected and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by SSL meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the Internet.
Do we ever share personal data ?
We would only do so under a legitimate request from a law enforcement agency.
Do you have any third-party processors?
As previously mentioned we interact with third parties who also comply with the relevant regulations and legislation.
When can we contact you in the future?
We would like to send you information about our own products and services. We may do this by post, telephone, email or SMS, unless you have told us that you do not wish to be contacted in this way.
If you would like to change any of your preferences relating to the way in which we may use your information for direct marketing, then please update your user preferences or send an email to email@example.com You may unsubscribe at any time by clicking the link at the bottom of the newsletter and emails or by emailing us and asking us to remove you from this service.
How long will we hold your information for?
Data will not be retained where it is no longer needed for a legitimate purpose.
• review the length of time we keep personal data; consider the purpose we hold the information for in deciding whether (and for how long) to retain it.
• securely delete information that is no longer needed
• update, archive or securely delete information if it goes out of date.
• comply with our legal requirements and professional guidelines on retention of records
How can you access and update your information?
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email or write to us at the address noted at the bottom of this policy.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
Does this policy apply to linked websites?
What happens if there is a data breach?
As per the GDPR regulations all data breaches will be reported to the ICO within 72 hours. This includes those of any 3rd parties where it’s apparent that personal data stored has been compromised.
Who can we contact if we have any queries about this policy or how our data is processed ?
By email: firstname.lastname@example.org
Or write to us at Carlton Forest Group, Carlton Forest, Worksop, Nottinghamshire, S81 0TP
Or call us on 44 (0)1909 540000
The Data Protection Officer’s email address is email@example.com
How can we make a complaint?
You can contact us at the above address, alternatively the supervisory authority in the UK for data protection matters is the Information Commissioner (ICO) www.ico.org.uk . If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO. The ICO Helpline number is 0303 123 1113.