This Policy describes how we collect and process your Personal Data through your use of this website, including any data you may provide to us or that we receive from third parties as described in Section 3 of this Notice.
Who we are
We are Symington’s Limited (“Symington’s”) a company registered in England and Wales. Our company registration number is No. 02528254 and our registered office is at SYMINGTON’S LIMITED, Thornes Farm Business Park, Pontefract Lane, Leeds, LSP 0DN. Our registered VAT number is GB758415702.
You can contact us by using the details contained within this Policy.
There are important terms used within these Terms and Conditions:
- “we” “our” and “us” means Symingtons Limited;
- “you” and “your” means the consumer using this website;
- “Controller”, “Processor”, “Data Subject”, “Personal Data”, “Personal Data Breach”, “processing” and “appropriate technical and organisational measures” have the meanings attributed to them within the Data Protection Legislation;
- “Data Protection Legislation” means the UK Data Protection Legislation and any other European Union legislation relating to personal data and all other legislation and regulatory requirements in force from time to time which apply to a party relating to the use of Personal Data (including, without limitation, the privacy of electronic communications).
- “UK Data Protection Legislation” means all applicable data protection and privacy legislation in force from time to time in the UK including the General Data Protection Regulation ((EU) 2016/679); the Data Protection Act 2018; the Privacy and Electronic Communications Directive 2002/58/EC (as updated by Directive 2009/136/EC) and the Privacy and Electronic Communications Regulations 2003 (SI 2003/2426) as amended.
It is important that you read this Policy together with any other privacy notices we may provide to you when we are collecting or processing Personal Data about you so that you are fully aware of how and why we are using your data. This Policy supplements other privacy policies and is not intended to override them.
For more information regarding your privacy, you can contact our privacy team by emailing firstname.lastname@example.org
INFORMATION ABOUT US
We are the Data Controller and our Data Protection Officer is Lisa Rowlinson Brown
Data Privacy Team
We have appointed a Data Privacy team who are responsible for overseeing questions in relation to this Policy.
If you have any questions about this Policy, including any requests to exercise your legal rights, please contact the Data Privacy team using the details below.
Email address: email@example.com
Postal address: Far Lane, Leeds, West Yorkshire, LS90DN
You have the right to make a complaint at any time to your local regulatory authority whose detail can be found https://ico.org.uk/. However, we would appreciate the chance to deal with your concerns before you approach the authority so please contact us in the first instance.
Helping Us Keep Your Personal Data Up To Date
It is important that the Personal Data we hold about you is accurate and current. Please keep us informed if your Personal Data changes.
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you.
We do not control these third-party websites and are not responsible for their privacy policies or data handling. You should read the privacy terms for all third-party websites you visit to find out how they handle your Personal Data.
Children and This Website
This website is not aimed at or intended for children under the age of 18.
PERSONAL DATA WE COLLECT
‘Personal Data’ is any information about an identifiable living individual but does not include information which you cannot link to a specific person, such as Aggregated Data, as described below. Your Personal Data is therefore information about and linked to you.
We may collect, use, store and transfer different kinds of your personal data, which may include:
- (a) Identity Data such as first name, last name, title, marital status, date of birth and gender.
- (b) Contact Data such as home address, billing address, email address and telephone numbers.
- (c) Financial Data such as bank account and payment card details if you order goods from us.
- (d) Transaction Data such as details of purchases you have made from us.
- (e) Technical Data such as internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- (f) Profile Data such as your website username and password, purchases or orders made by you and information about your interests, preferences, feedback and survey responses.
- (g) Usage Data such as information about how you use our website, products and services.
- (h) Marketing and Communications Data such as your preferences in relation to receiving marketing from us and third parties and for the ways we communicate with you.
We also collect, use and share Aggregated Data such as statistical or demographic data. Aggregated Data may be derived from your Personal Data but is not Personal Data because it does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to find out how many users access a specific website feature.
If we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data and will process it as set out in this Notice.
We may collect some items of Special Category Personal Data (which includes information about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data) but will only do so where we believe it is necessary in connection with issues relating to our products or for some other reason that we will advise to you when we request your consent to collect the data.
Failure to Provide Personal Data Where Requested
Where we need to collect Personal Data by law or under the terms of a contract we have with you and you do not provide that data when requested, we may not be able to perform the contract we either have or are trying to enter into with you (for example, to provide you with goods or services) and so we may have to cancel the contract we may not be able to provide you with the products or services for which that Personal Data is required. Similarly, where we need to collect Personal Data under the terms of a contract we have with you, and you do not provide that data when requested, we may not be able to perform the contract we either have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel the contract you have with us.
HOW YOUR PERSONAL DATA IS COLLECTED
We use various methods to collect your personal data, including:
a. Directly from you - where you give us Personal Data such as your Identity, Contact, and Marketing Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes Personal Data you provide when you:
- apply to receive our products or services;
- create an account on our website;
- subscribe to our service or publications;
- request marketing to be sent to you;
- enter a competition, promotion or survey;
- contact us on social media (such as Instagram, Facebook, or Twitter);
- give us some feedback or raise a concern or complaint.
In addition, if you contact us by phone, email or otherwise, we may keep a record of that correspondence.
b. By automated means – when you interact with our website, we may automatically collect Technical Data about your equipment and browsing actions and patterns. We collect this Personal Data by using cookies and other similar technologies, which use small pieces of computer code to help us understand how consumers interact with our website and communications. We may also receive Technical Data about you if you visit other websites employing our cookies.
Please see our COOKIE NOTICE for further details.
c. From third parties and publicly available sources. We may receive Personal Data about you from various third parties and publicly available sources as set out below:
- Technical Data from analytics providers such as Google;
- contact, financial and transaction data from providers of technical, payment and delivery services;
- identity and contact data from data brokers or aggregators such as Nielsen and Starcom, which have operations inside the European Union; and
- identity and contact data from publicly availably sources such as Companies House and the Electoral Register based inside the EU.
HOW WE USE YOUR PERSONAL DATA
We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
Generally, we do not rely on consent as a legal basis for processing your Personal Data although we will get your consent before sending third party direct marketing communications to you via email or text message.
You have the right to withdraw consent to marketing at any time by contacting us at firstname.lastname@example.org
We may use your Personal Data for or in connection with the following purposes:
a. Where necessary to establish and perform your contract with us, such as where you buy products directly from us;
b. Where necessary to comply with a legal obligation:
- in connection with any potential or actual corporate transaction or transfer of employment arising in relation to a business transfer or change of service provider in which case Personal Data may only be processed to the extent permitted by applicable law
- in compliance with applicable procedures, laws or regulations including in relation to retaining records of business activities and payment of taxes;
- to make disclosures to law enforcement agencies or in connection with legal claims, health & safety compliance, regulatory, investigative and disciplinary purposes (including disclosure of such information in connection with legal process or litigation)
c. Where necessary for our legitimate interests in connection with the purposes listed below, and where our interests are not overridden by your data protection rights:
- the proper conduct and development of our businesses and operations;
- research including consumer and market preferences to assist with the operation and development of our business;
- assisting with the development of existing and creation of new products and services;
- the manufacture of our products and supply of those products to our customers;
- promotional and marketing activities (including running competitions and prize draws) in relation to our business and products;
- other disclosures required in the connection with promoting or marketing of us and our products and/or services;
- financial and other forecasting and modelling;
- operation, maintenance and development of our systems, networks and the equipment associated with or connecting to those systems and networks;
- development of our business through mergers, acquisitions, disposal and other corporate actions;
- dealing with actual and potential shareholders, investors and other stakeholders in our business;
- maintenance and protection of our physical and intellectual property and assets;
- protecting corporate and personal security (which may include use of CCTV and other visual or audio monitoring);
- recording, responding to, dealing with and resolving matters arising in respect of our products or staff;
- recording, responding to, dealing with and resolving actual or potential complaints from customers and consumers;
- investigations to ensure compliance with or identify/confirm any potential breaches of any applicable procedures, laws or regulations;
- establishing, exercising or defending legal rights;
- working with suppliers to whom we have outsourced business or other services;
- in connection with business acquisition, disposal or reorganisations other than where information is exchanged in connection with a legal obligation as set out above; and
- processing necessary for the purposes of other legitimate interests pursued by us.
PROMOTIONAL OFFERS FROM US
We may use your identity, contact, technical, usage and profile data to form a view on what we think you may want or need, or what kinds of products and services may be of interest to you. This is how we decide which products, services and offers to include in marketing messages we send.
You can ask us to stop sending you email marketing messages at any time by clicking on the “unsubscribe” link within the message or by contacting us at email@example.com
You can obtain further information on the legitimate interests balancing exercises which we have carried out by contacting us at firstname.lastname@example.org
SHARING YOUR DATA WITH THIRD PARTIES
We may share your data with third parties, including other companies within the Symington’s Limited group and with third-party service providers who provide services to us as further explained below.
Where we provide Personal Data to contractors and suppliers who provide services to us, including assistance with the processing activities set out in this notice, we will enter into a data processing agreement (including provisions required by GDPR) with those contractors and suppliers.
In order to fulfil our legal and other obligations and in connection with our rights including protection of our legitimate interest, we reserve the right to disclose Personal Data (or Special Category Data as appropriate) to law enforcement agencies, regulatory bodies, government agencies and other third parties as required by law or for administrative purposes (for example, HM Revenue and Customs in the UK) and to the extent that local law allows and/or requires this.
We may transfer your Personal Data to our group companies (if applicable), partners, suppliers, law enforcement agencies and to other organisations that are located outside the EEA for the purposes of establishing and performing your contract with us, fulfilling legal obligations, and where necessary to fulfil our legitimate interests described above, where our interests are not overridden by your data protection rights.
The laws of some jurisdictions outside the EEA may not be as protective as Data Protection Laws in the EEA. We will ensure that, for such jurisdictions, appropriate measures are in place for compliance with Data Protection Law in relation to transfer of Personal Data to those jurisdictions.
We have legal duties to keep various records and records need to be held for different periods of time, depending on their contents.
We will therefore keep Personal Data for as long as we reasonably consider we may need to in connection with those obligations.
Where we do not have to keep Personal Data for a period specified by law we will not keep Personal Data for longer than Data Protection Law allows us to.
For further information about our approach to data retention, please contact us at email@example.com
YOUR LEGAL RIGHTS
Under Data Protection Laws you are entitled to ask us for a copy of your Personal Data and to ask for it to be corrected, edited or have its processing restricted. In certain situations, you may also be entitled to ask us to delete your Personal Data or transfer some of your Personal Data to other organisations.
You may also have rights to object to some processing of your Personal Data although we may be required to continue that processing if it is required in connection with legal obligations.
Your Personal Data rights may be limited or subject to exceptions in some situations; for example, where we demonstrate that hawse have a legal requirement to process your data, such as where tax authorities require us to retain it or where it is needed for proper performance of a contract.
Where hawse have asked for your consent to process Personal Data and that consent is withdrawn, we will not process that Personal Data further but may not be able to continue providing the goods or services for which the Personal Data was sought.
Where hawse have a legal right or obligation to retain Personal Data or wishes to do so in connection with its legitimate interests, it may do so even if you have withdrawn consent for us to hold your Personal Data.
Where we require Personal Data to comply with legal or contractual obligations, the provision of such data is mandatory. If such data is not provided we will not be able to continue our relationship with you, or meet legal obligations placed on us. In all other cases, provision of requested Personal Data is optional.
IF YOU HAVE CONCERNS ABOUT YOUR PERSONAL DATA
For any concerns or questions about how we processes your Personal Data or have any questions in relation to your rights in respect of your personal data, please contact us at firstname.lastname@example.org
In the first instance you should raise all data concerns with us at but you also have the right to complain directly to data protection authorities at any time. The relevant data protection authority for the UK is the Information Commissioner’s Office (“ICO”) https://ico.org.uk/.
CHANGES TO THIS NOTICE
We may change this Policy at our discretion and in the event we do so we will make the revised Policy available via our websites.
Previous versions of this Notice are archived HERE
Publication Date: 17th August 2020
© Symington’s Limited 2020