Security and performance
We are Exmoor Printers, company registration number 10397687
, located at Exmoor Printers, Tregonwell Road, Minehead Somerset, TA24 5DU
We maintain the security and performance of our data handling systems and website through controls which are part of our Information Security Management System (ISMS) complying with the requirements of ISO 27001.
We have carried out assessments of the legal basis for processing personal data and have concluded that this is necessary on the grounds of contractual and legal obligations together with our legitimate interests for the use of client and employee data for our commercial interests and employment respectively.
How we use your information
Visitors to our websites
When someone visits our website we collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website.In order to provide you with our products and services, or to reply to any enquiries, we collect professional information (e.g. business related data) about you and your company submitted to our websites, passed on during telephone conversations, included in emails and mobile messaging and any other form of written or verbal communication. For example, we might keep a record of your name, work address and associated delivery addresses, work email address and work telephone number/s.We also hold the IP addresses of visitors to the website.
The retention of this data is subject to periodic review every 2 years.
We have detailed below the 3rd parties we share your data with
Where we want to collect personal data we will make this clear and will explain what we intend to do with it.By continued use of our website, you consent to the Company collecting analytical and professional information about you and your organisation in accordance with the terms set out in this Policy.You also consent to the Company using the analytical and professional information for market research, marketing, sales, customer relationship management (CRM), operational, financial and legal purposes in accordance with the terms set out in this Policy.
We offer various services to the public and professionals. We have to hold the details of the people who have requested the service in order to provide it. However, we only use these details to provide the service the person has requested and for other closely related purposes. For example, we might use information about people who have requested a service to carry out a survey to find out if they are happy with the level of service they received. The retention for this data is periodically reviewed every 6 months.
Persistent Cookies for Site Analytics and Performance
Cookie name:Google (Analytics)
Search queries and results are logged anonymously to help us improve our website and search functionality. No user-specific data is collected by us or any third party.
Where The Trade Buys send out a E newsletter/ marketing material to keep our customer up to date with products and offers. This may be done via email or telephone . We use a third party service Mailchimp for some of these services, for more information please visit https://mailchimp.com/legal/privacy/. We use MediaWorks for SEO, PPC and UI improvement to see more information please visit https://www.mediaworks.co.uk/privacy-policy/. We also use Trust Pilot to rate our service. We only send/contact existing customers that have purchased from Where The Trade Buys services or customers who have previously signed up to our Print Inspiration Journal. Customers can cancel their subscription at any time and are given an easy way of doing this.
We use a third party service, Atlas, to publish our blog and our website is run by Climb Creative. For more information about Climb Creative
Any email sent to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
We use a third-party provider Stripe to provide a secure payment method for all purchases from exmoorprinters.co.uk. For more information please visit https://stripe.com/gb/privacy
We use Third Party providers to deliver goods purchased form Exmoor Printers. We only use the required details to provide the service the person has requested.
When we receive a complaint from a person we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any staff members involved in the complaint.
We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We do compile and publish statistics showing information like the number of complaints we receive, but not in a form which identifies anyone.
We usually have to disclose the complainant’s identity to whoever the complaint is about. If a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for three years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
Similarly, where enquiries are submitted to us we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.
Under the Data Protection Act and EU GDPR, you have rights as an individual which you can exercise in relation to the information we hold about you, namely;
• The right to be informed; why we process the personal data, who we share the data with and how long we will store the data for (see above)
• The right of access
• The right to rectification
• The right to erasure
• The right to restrict processing
• The right to data portability
• The right to object
• The right not to be subject to an automated decisionYou can read more about these rights at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
Access to personal information and the excising of rights
We try to be as open as we can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘Subject Access Request’. If we do hold information about you we will:• give you confirmation as to whether or not we are holding any personal data about you and if yes, a description of it;
• tell you why we are holding it and how long for
• tell you your rights in respect of personal data held by us
• tell you who it could be disclosed to;
• let you have a copy of the information in an intelligible form.However the right to obtain a copy must not adversely affect the rights and freedoms of othersTo make an enquiry about any personal information we may hold, you need to put the request in writing addressing it to our Data Protection Officer, at the address provided below.If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.If we do hold information about you, you can ask us to correct any mistakes or exercise any of your other rights by, once again, contacting the Data Protection Officer.
Disclosure of personal information
Generally we will not disclose personal data to third parties not listed in this Policy without your consent. However there may be circumstances where we can pass on personal data without consent for example, to prevent and detect crime and to produce anonymised statistics
Complaints or queries
Links to other websites
How to contact us
You can write to:
The Data Protection Officer
Somerset TA24 5DU
Or email – firstname.lastname@example.org