Privacy Notice – Stapleton’s (Tyre Services) Ltd (“Stapleton’s”)
Personal Data Definition
The law defines “personal data” as any information that can be used to identify a living individual.
Personal Data Held
The personal data Stapleton’s holds about your business employees include but not exhaustive to: title, first initial, surname, physical location, business address, contact telephone numbers, email address, vehicle registration, appointments, where identified vehicle was seen and by whom, why the vehicle was seen, value spent, type of payment used, and other related data such as private addresses for associated mobile businesses and tyre fittings.
Personal Data Storage
Stapleton’s holds personal data in a secure cloud environment within approved data centres that are mindful of EU and UK General Data Protection Regulations. Information collated from all sectors of the organisation is stored in a protected repository and processed in line with company policies.
Personal Data Usage
Stapleton’s uses personal and anonymised data, applying searches and algorithms to predict future business, identify business opportunities, marketing, assess risk factors etc., and under certain circumstances links that data to other Organisational data.
Personal Data Reporting
Personal and business data is used to report on the performance of the Organisation including statistical information, customer satisfaction and audits. Other data reported on includes but not exhaustive to tyre brands and related consumables. Where appropriate and lawful, we share bespoke business data with approved third parties.
Personal Data Legal Compliance
Personal data is collected, processed and stored in accordance with current Data Regulations.
Where possible and practical, personal data is processed with the consent of the person concerned, however, there are times when there is a legal obligation, public interest or legitimate business interest in collating and processing personal data which overrides an individual’s wishes, such as for tax and law enforcement requirements.
| 1 | Data Controller contact details | Stapleton’s (Tyre Services ) Ltd Fourth Avenue, Letchworth Garden City, Hertfordshire, SG6 2TT |
| 2 | Data Protection Officer contact details | Group-Data-Protection@etelimited.co.uk |
| 3 | Purpose of the processing | Computerised searches of some or all of our records to identify product (and safety) recalls, business interests and associated brands This is known as “risk stratification” and sometimes carried out by linking our records with other records. The results of these searches are produced using approved and contracted services to provide the most appropriate advice, investigation opportunities and marketing communications. |
| 4 | Lawful basis for processing | The legal basis for this processing is: Article 6: “necessary …. In the exercise of official authority vested in the Controller” The Organisation recognises your rights established under UK case law collectively known as the “Common Law Duty of Confidentiality” |
| 5 | Recipient or categories of recipients of the shared data | Appropriate data will be shared for processing only with those who have a legitimate and contracted business reason. |
| 6 | Rights to object | You have the right to object to the processing where it might result in a decision being made about you. That right is based on implied consent under the Common Law of Confidentiality, Article 22 of GDPR (automated individual decision-making, including profiling) You have the right to object to some or all the personal information being shared under certain circumstances, but the organisation has the overriding responsibility to comply with the law. This is a right to raise an objection, which is not the same as having an absolute right to have your wishes granted in every circumstance. |
| 7 | Right to access and correct | You have the right to access a copy of the personal data that the company hold about you (via a subject access request (SAR)) and have any inaccuracies corrected. A SAR can be made via verbally or in writing. Once the appropriate identification checks have been verified with the Data Protection Officer, collation of the information requested will be performed, redacted where appropriate and forwarded in a standard format agreed with the requestor in accordance with data legislation. |
| 8 | Retention period | Data is retained for active use during the processing and thereafter according to the organisations retention policy and mindful of data regulations. |
| 9 | Opting Out | If you wish to "Opt Out" of receiving communications including marketing you can: Email: marketing@stapletons-tyres.co.uk Post to: Marketing Department, Fourth Avenue, Letchworth Garden City, Hertfordshire, SG6 2HU |
| 10 | Right to Complain | Should you have a complaint relating to the handling of your personal identifiable data, in the first instance please forward your concerns to any of the following: Via Post: Group Data Protection Officer, Stapleton’s Tyres, Fourth Avenue, Letchworth Garden City, Hertfordshire, SG6 2HU Via Email: info@Stapletons-tyres.co.uk Via Internet: Via the contact forms on our website at: www.stapletons-tyres.co.uk Thereafter if you believe the Organisation has not addressed your complaint related to the management of your personal data you have the right to complain to the Information Commissioner’s Office, you can use this link https://ico.org.uk/global/contact-us/ or calling their helpline Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate) There are National Offices for Scotland, Northern Ireland and Wales, (see ICO website) |
| Responsible Owner: GDPO | Responsible Author: V. Penn | Version: 11 | Date: Oct 2024 |