At CRP, we take YOUR privacy seriously.
Like all UK and EU companies, we are complying with The General Data Protection Regulation (GDPR) to make sure your data is as safe as possible.
The General Data Protection Regulation (GDPR) and your rights
As technology develops and our private data is being used and shared in countless new ways, people are understandably becoming increasingly worried about security.
There are two key reasons why the GDPR is being introduced:
– to bring all EU member states under one common regulation;
– and to update regulations to reflect our new digital age.
You have the right to object to how we process your personal information. You also have the right to access, correct, sometimes delete and restrict the personal information we use.
In addition, you have a right to complain to us and to the UK data protection regulator, The Information Commissioner’s Office at: www.ico.org.uk.
You can contact us via our website at: www.crp.co.uk
by email to: email@example.com
or by telephone on 01706 756400.
CRP Privacy Notice
We are committed to collecting and using such data fairly and in accordance with the requirements of the GDPR.
1.1 We take your privacy seriously and you can find out more here about your privacy rights and how we gather, use and share your personal information – that includes the personal information we already hold about you now and the further personal information we might collect about you, either from you or from a third party. How we use your personal information will depend on the products and services we provide to you.
1.2 We are committed to applying the highest standards to protect your personal information and are continually evaluating and improving our processes on your behalf.
1.3 This Privacy Notice provides up to date information about how we use your personal information and will update any previous information we have given you about using your personal information (also referred to as personal data). We will update this Privacy Notice if we make any significant changes affecting how we use your personal information, and if so we will contact you to let you know about the change.
2. About us
2.1 We are what is known as the ‘controller’ and ‘processor’ of personal information we gather and use. When we say ‘we’ or ‘us’ in this Privacy Notice, we mean CRP.
3. Your privacy rights
3.1 You have the right to object to how we use your personal information. You also have the right to see what personal information we hold about you. In addition, you can ask us to correct inaccuracies, delete or restrict personal information or to ask for some of your personal information to be provided to someone else.
If necessary you can make a complaint to us regarding your data by emailing: firstname.lastname@example.org
You can also make a complaint to the UK data protection supervisory authority, the Information Commissioner’s Office, at: https://ico.org.uk.
3.2 Right to object
You can object to our processing of your personal information. If necessary, contact us as noted above, providing details of your objection.
3.3 Right to access of your personal information
You can request access to a copy of your personal information that we hold, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making.
You can make a request for a copy of the data we hold about you free of charge by contacting our GDPR Representative at CRP Ltd, Todmorden Road, Littleborough, OL15 9EG. Please make all requests for access in writing and provide us with evidence of your identity.
3.4 Right to withdraw consent
If you have given us your consent to use personal information, you can withdraw your consent at any time by emailing: email@example.com.
3.5 Right to Rectification
You can ask us to amend or complete any inaccurate or incomplete personal information held about you by emailing: firstname.lastname@example.org.
3.6 Right to Erasure
You can ask us to delete your personal information where it is no longer necessary for us to use it, you have withdrawn consent, or where we have no lawful basis for keeping it by emailing: email@example.com.
3.7 Right to Portability
You can ask us to provide you or a third party with some of the personal information that we hold about you in a structured, commonly used, electronic form, so it can be easily transferred.
3.8 Right to Restriction
You can ask us to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.
3.9 Right to Make a complaint:
If you feel it necessary, you can make a complaint about how we have used your personal information to us by emailing firstname.lastname@example.org or by contacting the UK GDPR supervisory authority, the Information Commissioner’s Office at www.ico.org.uk
We will not make any charge for responding to any request from you to exercise your privacy rights and we will respond to your requests in accordance with our obligations under GDPR.
4. What kinds of personal information we use
4.1 We use a variety of personal information depending on the products and services we provide you with. For all products and services, we need to use your name, address and contact details.
4.2 Sometimes where we ask for your personal information needed to enter into a contract with you or to meet a legal obligation (such as a credit check), we will not be able to provide some products or services without that personal information.
5. How we gather your personal information
We obtain personal information directly from you, for example, when you enter into a contract with us, make an enquiry or place an order etc.
- How we use your personal information
To provide you with any products and services we need to know your contact details. We sometimes need to gather, use and share additional personal information for specific purposes.For business customers, we will use personal information about key individuals in the business, so we can operate and administer the products and services which we provide to the business. To do this we will use:(a) personal information about key individuals who are either a sole trader of the business or are a proprietor, director, company secretary, shareholder, partner, member, committee member, trustee, controller, beneficial owner or authorised signatory to the account of the business.(b) We may hold personal information on key individuals for the purposes of operating and administering products and services which we provide to the business. Personal information on key individuals is obtained directly from the key individual; from the business to which the key individual is linked; or from the key individual’s dealings with any member of CRP.
- Our legal basis for using your personal information
7.1 We only use your personal information where that is permitted by the laws that protect your privacy rights. We only use personal information where:
– we have your consent (if consent is needed);
– we need to use the information to comply with our legal obligations;
– we need to use the information to perform a contract with you;
– and/or it is fair to use the personal information either in our interests or someone else’s interests, where there is no disadvantage to you – this can include where it is in our interests to contact you about products or services, market to you, or collaborate with others to improve our services.8. Sharing your personal information with, or getting your personal information from, others
8.1 We will share personal information with others outside CRP where we need to do that to make products and services available to you, market products and services to you, meet or enforce a legal obligation or where it is fair and reasonable for us to do so. We will only share your personal information to the extent needed for those purposes.8.2 Who we share your personal information with depends on the products and services we provide to you and the purposes we use your personal information for. For most products and services we will share your personal information with our own service providers.8.3 Most of the time the personal information we have about you is information you have given to us, or has been gathered by us in the course of providing products and services to you.9. How long we keep your personal information for
9.1 How long we keep your personal information for depends on the products and services we provide to you. We will never retain your personal information for any longer than is necessary for the purposes we need to use it for.
10. Keeping you up to date
10.1 We will communicate with you about products and services we are delivering using any contact details you have given us e.g. by post, email, text message, social media, and notifications or via our website.
10.2 Where you have given us consent to receive marketing, you can withdraw consent by emailing email@example.com
11. How we use your personal information.
11.1 We use your personal information to provide you with products and services, to comply with the law and enforce our legal rights (including debt recovery) and to improve and market our products and services.
11.2 Sharing and transferring personal information – we share personal information with our suppliers and other third parties where needed to provide you with the best service.
11.3 Keeping personal information – we keep your personal information securely for as long as we need to, for the purposes described in section 10.
11.4 Sometimes we need your consent to use your personal information (for example for marketing). We won’t always need consent to use personal information, for example, if we need it to meet regulatory requirements or to perform a contract with you. Where you have given us consent, you have the right to withdraw it at any time.