BarnsChapel Limited takes your privacy extremely seriously. This policy sets out how we collect and process any personal data you may provide to us when you use our website, sign up for any of our services or sign up to our digital marketing.
This policy applies where BarnsChapel Limited (referred to as “we”, “us” or “our” in this privacy notice) is identified as the data controller and where we are responsible for your personal data. We are committed to ensuring that we meet all our obligations under the Data Protection Act 2018 and the General Protection Regulations 2016/679 and as amended from time to time.
If you have any questions about the way we handle and store your, please contact us.
- BarnsChapel Ltd
- Egerton House
- 55 Hoole Road
- CH2 3NJ
- Email: firstname.lastname@example.org
BarnsChapel Limited is a company registered in England and Wales Number: 12980000.
You have the right to lodge a complaint with the supervisory authority. The Information Commissioner can be contacted at; Information Commissioner’s Office, Wycliffe house, Water Lane, Wilmslow, Cheshire, SK9 5AF https://ico.org.uk/.
However, we kindly ask that before any complaints are lodged with the ICO, that you contact us first to try and resolve any issues you may have.
What data do we collect?
Personal information we may collect and process from you includes:
- Contact information – such as your name, company, address, telephone number and email address.
- Financial information – such as your bank account details or payment-related data.
- Technical information – this may include your IP address, browser details, location analytics, login details and any other technology information related with you using our site.
- Information provided to us by our clients which enable us to provide our services to their staff – this could include email addresses, account details or device identifiers.
- Any other personal information you may provide to us in the process of us providing you with our services.
Under the General Data Protection Regulation/Data Protection Act 2018, sensitive personal data is data which includes information about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
We may, from time to time, process sensitive information in relation to a cases being processed for costings, this may include, personal injury, medical treatment and medicines, this is not an exhaustive list as processing will be complete on a case by case basis.
How do we use your personal data?
We will only use your personal data for the following reasons:
- To provide you with the services we offer as a business
- To provide you with information you have requested from us
- To keep you updated on our business, offers and news we may have
- To manage our relationship with you as an existing or potential client
- To fulfil any legal or contractual obligations we may have which require the processing of personal data
How do we obtain your data?
We can collect data about you via a variety of methods:
- From direct actions we may have with you by communicating via phone, email or post
- When you submit an enquiry via our website
- From automated technologies or interactions as you use our website from analytics engines and cookies.
- When you provide information to us as part of our sign-up process with you as a client
- From third parties and/or publicly available sources such as your employer Companies House
Our lawful purposes for collecting and processing your information.
We have identified that we will use your information for the following reasons:
- Where we need to perform the contract between us
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
- Where we need to comply with a legal or regulatory obligation
- With your explicit consent
Where we rely on consent as a lawful purpose for processing your personal data (when you sign up to our marketing or sign up as a client), you have the right to withdraw consent (where applicable) at any time by emailing us at email@example.com
Who do we share your information with?
We may need to share your information with third parties in order to provide you with our services or to market to you, these third parties include:
- Her Majesty’s Revenue and Customs (HMRC)
- Companies House
- Our cloud providers, or any cloud-based software we may use
- Credit, reference and tenancy check agencies
- Anti-money laundering service providers
- Third-party marketing systems
Where we do share your information with third parties, we ensure that the highest levels of data protection are in place in accordance with the law. Third parties with whom we share data are only permitted to process this data for the specified purposes we stipulate with them.
We do not sell your information onto third parties.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. We may need to transfer your information outside the United Kingdom to other service providers and business partners. We will only transfer your personal information in this way where there is an adequate level of protection that is the same as the level of protection required under United Kingdom data protection legislation.
Please email us at firstname.lastname@example.org if you would like further information on the specific mechanism used by us when transferring your personal data out of the EEA.
Your personal information will be retained in accordance with our data retention policy which categorises all the data assets held by us and specifies the appropriate retention period for each data asset.
These periods are based on the requirements to keep the data for as long as necessary to fulfil the purpose for which it was collected, to meet any legal requirements or to satisfy any reporting, accounting or contractual needs.
Please contact our Data Protection Manager if you would like further information on our retention periods.
Under the General Data Protection Regulation/Data Protection Act (2018), you have certain rights regarding your personal data, these include the right to:
- Request access to your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Object to processing of your personal data
- Request restriction of processing your personal data
- Request transfer of your personal data
- Right to withdraw consent
You may exercise any of these rights by raising a subject access request with us. You can do this by contacting our Data Protection Manager.
We will not charge you for making a request and we will make all reasonable efforts to respond to you within 30 days. Sometimes it may take longer than 30 days to gather all the information we may hold on you; in this situation we will always keep you updated.
You can instruct us at any time to stop processing your personal data for the purposes of marketing.
We may refuse your request or withhold any personal information that you request if there is an overriding legal reason for us to do so.
BarnsChapel Ltd takes the security of your information extremely seriously. In order to protect your data, we implement a risk-based approach to adopt the strongest organisational and technical controls in order to protect the confidentiality, integrity and availability of your data.
We keep this policy under regular review. This policy was last reviewed on 1st December 2020. Any questions about this policy should be directed to us using the following email address: email@example.com .