Privacy Policy

Introduction:

 Our policy is to respect the privacy of individuals and to maintain compliance with the General Data Protection Regulations (GDPR).

We are dedicated to ensuring that all information about individuals who visit our website and social media platforms is kept as secure as possible.

This policy outlines the information we collect and how we use it. This policy applies to information collected through our website and other sources, including social media, email and over the phone.

We only collect personal information on a voluntary basis. We do not require this information to obtain access to our website or our social media sites.

The General Data Protection Regulations (GDPR) (2018) requires the us to be open about the information that it holds on you and uses.

You have the right to withdraw your consent to processing of data. Please contact the Data Protection Officer in writing.

This policy complies with the General Data Protection Regulations May 2018.

The GDPR regulates the processing of personal data, and protects the rights and privacy of all living individuals, for example by giving all individuals who are the subject of personal data a general right of access to the personal data which relates to them. Individuals can exercise the right to gain access to their information by means of a ‘subject access request’. Personal data is information relating to an individual and may be in hard or soft copy (paper/manual files; electronic records; photographs; CCTV images), and may include facts or opinions about a person.

We have obligations imposed on it by the General Data Protection Regulation (GDPR) to ensure that all information about individuals is collected and used fairly, stored safely and securely, and not disclosed to any third party unlawfully. We must ensure that our policies are written in a clear, plain way that everyone will understand.

Individuals have various rights under the legislation including a right to:

  • be told the nature of the information we hold and any parties to whom this may be disclosed.
  • prevent processing likely to cause damage or distress.
  • prevent processing for purposes of direct marketing.
  • be informed about the mechanics of any automated decision taking process that will significantly affect them.
  • not have significant decisions that will affect them taken solely by automated process.
  • take action to rectify, block, erase or destroy inaccurate data.
  • sue for compensation if they suffer damage by any contravention of the legislation.
  • request that the Office of the Information Commissioner assess whether any provision of the Act has been contravened.
  • We will only process personal data in accordance with individuals’ rights.

This policy outlines the information we collect and how we use it.

GDPR Principals:

In order to comply with our obligations, we undertake to adhere to the GDPR principles:

1) Process personal data fairly, lawfully and transparently

We will make all reasonable efforts to ensure that individuals who are the focus of the personal data (data subjects) are informed of the purposes of the processing, any disclosures to third parties that are envisaged; given an indication of the period for which the data will be kept, and any other information which may be relevant.

2) Data collected for a specified and legitimate purpose

We will ensure that the reason for which it collected the data originally is the only reason for which it processes those data, unless the individual is informed of any additional processing before it takes place.

3) Ensure that the data is adequate, relevant and not excessive in relation to the purpose for which it is processed

We will not seek to collect any personal data which is not strictly necessary for the purpose for which it was obtained. Forms for collecting data will always be drafted with this mind. If any irrelevant data are given by individuals, they will be destroyed immediately.

4) Keep personal data accurate and, where necessary, up to date.

We will review and update all data on a regular basis. It is the responsibility of the individuals giving their personal data to ensure that this is accurate, and each individual should notify us if, for example, a change in circumstances mean that the data needs to be updated. It is the responsibility of the company to ensure that any notification regarding the change is noted and acted on.

 

 

 

5) Only keep personal data for as long as is necessary

We undertake not to retain personal data for longer than is necessary to ensure compliance with the legislation, and any other statutory requirements. This means we will undertake a regular review of the information held and implement a weeding process.

6) Put appropriate technical and organisational measures in place against unauthorised or unlawful processing of personal data, and against accidental loss or destruction of data.

The Data Protection Officer is responsible for ensuring that any personal data which is held is kept securely and not disclosed to any unauthorised third parties.

We will ensure that all personal data is accessible only to those who have a valid reason for using it.

We will have in place appropriate security measures, which are reviewed annually.

In addition, we will put in place appropriate measures for the deletion of personal data.

Data Protection Officer:

 

Our Data Protection Officer is the Clive Wheatley. Any queries or complaints should be addressed to sales@mgv8parts.com

 

Data collected via our website:

 

If you visit our website, you have the option of contacting us via the contact form. You will be asked to provide your name, email address and contact telephone number. You will then be contacted by our team to discuss your enquiry.

If you choose not to purchase anything this time, your details will be securely deleted and not retained by the business.

Data collected when purchasing our products:

When you choose to purchase our products, you will be asked to provide your name, address, email address and contact telephone number. These details are used for invoicing purposes and kept for 6 years in line with HRMC requirements.

When taking payment by credit card or debit card, we securely delete the details as soon as a payment has been successfully processed. We do not store this data.

Third party:

We have various delivery partners who require customers name and address in order to arrange delivery of your purchase. By placing an order with us, you agree to your personal details being issued to our delivery partners. We ensure that our partners are GDPR compliant.

We will only pass information to other third parties, if we have a legal obligation to do so. We may pass data on to HMRC, should we be required.

The company do not pass your data onto any other third party, without your explicit consent.

Transparency and Choice:

You may at any time contact the company and ask what information we hold on you. You may ask us to update this information if it is incorrect, which we will strive to do as quickly as possible.

What do do if you would like your data erased:

Please write to the Data Protection Officer if you wish for data to be erased. However, there may be circumstances where we are unable to do this (to fulfil our legal responsibilities).

Information Security:

All data is password protected and only accessible by authorised staff. We take appropriate cyber precautions and review our security regularly.

Changes:

Our Privacy Policy may change from time to time. We will not reduce your rights under this policy without your explicit consent. We will inform you of any Policy changes at the earliest opportunity.

Clubs & Associations