Our website uses cookies to place bookings and help us provide a better service. Continue to use the site as normal if you're happy with this, or click here to change your settings.
×

Privacy Notice – Stapleton’s (Tyre Services) Ltd (“Stapleton’s”)

Personal Data Definition
The law defines “personal data” as any information that can be used to identify an individual.

Personal Data Held
The personal data Stapleton’s holds about your business employees could include but not exhaustive to: title, first initial, surname, physical location, contact telephone numbers, vehicle registration, appointments, where vehicle was seen and by whom, when and why vehicle was seen, value spent, type of payment method used and relevant related comments.

Personal Data Storage
Stapleton’s holds personal data in a secure cloud environment within approved data centres that are mindful of EU and UK General Data Protection Regulations. Information collated from all sectors of the organisation is stored in a protected repository and processed in line with company policies.

Personal Data Usage
Stapleton’s uses personal and anonymised data to applying searches and algorithms to predict future business, identify business opportunities, marketing, assess risk factors etc., and under certain circumstances links that data to other Organisational data.

Personal Data Reporting
Personal and business data is used to report on the performance of the Organisation including statistical information, customer satisfaction and audits. Other data reported on includes but not exhaustive to: associated tyre brands and other related consumables. Where appropriate and lawful we share bespoke business data with approved third parties.

Personal Data Legal Compliance
Personal data is collected, processed and stored in accordance with current Data Regulations.

Where possible and practical, personal data is processed with the consent of the person concerned, however, there are times when there is a legal obligation, public interest or legitimate business interest in collating and processing personal data which overrides an individual’s wishes. Examples include for tax and law enforcement requirements.

1 Data Controller contact details Stapleton’s (Tyre Services ) Ltd
Fourth Avenue, Letchworth Garden City, Hertfordshire, SG6 2TT
2 Data Protection Officer contact details Group-Data-Protection@etelimited.co.uk
3 Purpose of the processing Computerised searches of some or all of our records to identify product (and safety) recalls, business interests and associated brands. This is known as “risk stratification” and sometimes carried out by linking our records with other records. The results of these searches are produced using approved and contracted services to provide the most appropriate advice, investigation opportunities and marketing communications.
4 Lawful basis for processing The legal basis for this processing is:

Article 6: “necessary …. In the exercise of official authority vested in the Controller”

The Organisation recognises your rights established under UK case law collectively known as the “Common Law Duty of Confidentiality”
5 Recipient or categories of recipients of the shared data Appropriate data will be shared for processing only with those who have a legitimate and contracted business reason.
6 Rights to object You have the right to object to the processing where it might result in a decision being made about you. That right is based on implied consent under the Common Law of Confidentiality, Article 22 of GDPR (automated individual decision-making, including profiling)

You have the right to object to some or all of the personal information being shared under certain circumstances but the organisation has the overriding responsibility to comply with the law.

You should be aware that this is a right to raise an objection, which is not the same as having an absolute right to have your wishes granted in every circumstance.
7 Right to access and correct You have the right to access the personal data that is being shared (via a subject access request) and have any inaccuracies corrected. The subject access request should ideally be in writing (i.e. written word or email) and once the appropriate due diligence identification checks have been verified with the Data Protection Officer, collation of the information requested will be performed, redacted where appropriate and forwarded in a format agreed with the requestor in accordance with data law requirements.
8 Retention period The data will be retained for active use during the processing and thereafter according to the organisations retention policy and mindful of data regulations.
9 Opting Out If you wish to "Opt Out" of receiving communications including marketing you can:

Email:
marketing@stapletons-tyres.co.uk

Post to:
Marketing Department, Fourth Avenue, Letchworth Garden City, Hertfordshire, SG6 2HU
10 Right to Complain Should you have a complaint relating to the handling of your personal identifiable data, in the first instance please forward your concerns to any of the following:

Via Post:
Group Data Protection Officer, Stapleton’s Tyres, Fourth Avenue, Letchworth Garden City, Hertfordshire, SG6 2HU

Via Email:
Group-Data-Protection@etelimited.co.uk

Via Internet:
Via the contact forms on our website at: www.stapletons-tyres.co.uk

Thereafter if you believe the Organisation has not addressed your complaint related to the management of your personal data you have the right to complain to the Information Commissioner’s Office, you can use this link https://ico.org.uk/global/contact-us/

or calling their helpline Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)

There are National Offices for Scotland, Northern Ireland and Wales, (see ICO website)

Responsible Owner: GDPO Responsible Author: V. Penn Version: 10 Date: May 2021