Privacy Policy

Website Privacy Policy

A) INTRODUCTION

This website is operated by Yorkshire Profiles Ltd. We take our privacy very seriously and urge you to read this policy because it contains important information about who we are, how and why we collect, store and use your data, your rights in relation to your data, and how to contact us in the event that you have a complaint or with you exert your right to be forgotten by us.

B) DEFINITIONS

“Personal data” is information that relates to an identifiable person who can be directly or indirectly identified from that information, for example, a person’s name, identification number, location, online identifier. It can also include pseudonymised data.

“Data processing” is any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

C) DATA PROTECTION PRINCIPLES

Under GDPR, all personal data obtained and held by us must be processed according to a set of core principles. In accordance with these principles, we will ensure that:

a) processing will be fair, lawful and transparent
b) data be collected for specific, explicit, and legitimate purposes
c) data collected will be adequate, relevant and limited to what is necessary for the purposes of processing
d) data will be kept accurate and up to date. Data which is found to be inaccurate will be rectified or erased without delay
e) data is not kept for longer than is necessary for its given purpose
f) data will be processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures
g) we will comply with the relevant GDPR procedures for international transferring of personal data

If you would like to exercise your rights to be forgotten following the completion of your order, please contact us on the below email address.

D) TYPES OF DATA HELD

Yorkshire Profiles Ltd (‘we’ or ‘us’) collect and use certain information about you and/or your business. When we do so we do so under the principles of the General Data Protection regulations which apply across the European Union (including the United Kingdom) and we are responsible as the “controller” of that information for the purposes of these regulations.

Specifically, we collect and hold the following types of data:

a) name, business name, address, phone number, email address, order history and password.

a.  You provide this information to us upon registration of our online system.
b. The information is initially held on a consent basis (by way of registration) and can be deleted at any time on your right to be forgotten.
c. If an order is placed, this information is held contractually. Upon billing, the information is held legally for a period of 6 years for tax purposes.

b) We do not store payment details, but they may be processed and stored by a third-party payment processor. Their details will be shown to you when payment is requested.

a. You provide this information if you choose to pay via Credit/Debit Card.
b. The information is processed on a contractual basis to complete an order.
c. The information will be stored securely by Global Payments on a legal basis (Tax purposes and Fraud prevention).

c) Cookies are used for visitor tracking. Where possible we anonymise IP data to prevent you from being identified, but where the website contains embedded content (e.g. videos or snippets from other suppliers) additional cookies may exist.

a. All non-essential cookies are consented to via a pop-up window.
b. Cookies can be deleted at any time by clearing your internet history or running cleaning applications.
c. Visitor tracking information stored via Google Analytics is deleted after 14 months.

d) If you register for our newsletter, we will store your name and email address.

a. You provide us with this information upon registration for the newsletter.
b. The process is double opt-in. This means you will also have to click inside a confirmation email to say you would like to receive the newsletter.
c. You can unsubscribe at any time by clicking unsubscribe in any received newsletter.

E) INFORMATION YOU PROVIDE ABOUT THIRD PARTIES

If you provide us with information relating to another person or business, you confirm that the other person, or the business owner/director have appointed you to act on their behalf and agreed that you:

a) Can consent on their behalf to the processing of the data required to place the order with us
b) Shall receive any data protection notices on their behalf
c) Can consent on their behalf to the transfer of their personal/business data abroad

F) MONITORING AND RECORDING COMMUNICATIONS

We may monitor communications such as emails and telephone calls for the following purposes:

a) Quality Assurance and Policy Compliance
b) Completion of enquiry/Order

G) COOKIES AND SIMILAR TECHNOLOGIES

A cookie is a small text file placed on to your computer or electronic device when you access our website. These can be used to track users’ actions and activities and to store information about them. We use cookies on this website to monitor and collect information on:

a) Traffic data for the website
b) Embedded videos may contain cookies which will track your location if you allow it.
c) User login tracking for moderators of the website.
d) Where we use a “Content Delivery Network” to speed up performance of the website.

This information helps us to analyse the use of our website and boost its performance for you, the end user.

Cookies can be deleted at any time by clearing your internet history or by clicking here. There are several cookie blocking options available for your browser but may affect the loading performance of the site.

CookieTypeDurationDescription
Content DeliverysessionThis cookie is used to track which servers are delivering you various parts of the website when we are using a Content Delivery Network to speed up the performance of the website.
Cookie Policypersistent1 YearA beast of all irony. This cookie lets the website know if you have already seen and accepted the cookie policy.
Google Analyticspersistent24 hours

Used to count the number of visitors and pages visited.

Google Analyticspersistent2 YearsUsed to count the number of visitors and pages visited. IP anonymised so cannot identify you from stored data.
Google Analyticspersistent24 HoursUsed to count the number of visitors and pages visited. IP anonymised so cannot identify you from stored data.
Google Analyticspersistent6 hoursUsed to count the number of visitors and pages visited. IP anonymised so cannot identify you from stored data.
Google Website Call Conversionpersistent3 MonthsGoogle Website Call Conversion
Online QuotingsessionThis cookie keeps you logged in if you are using our online quoting tools.
Online QuotingsessionUsed by our online quoting tool to maintain your position in the system.

H) HOW AND WHY WE USE YOUR INFORMATION

We collect information about users of the online ordering system on our website for the purpose of:

a) Order processing and completion

We may share your information with the following third parties as part of the contractual obligation of completing your order:

b) The company responsible for our online ordering system, for the purpose of transferring your order to us digitally.
c) Payment Processing company; if paying by Credit/Debit card.
d) Couriers for the purpose of delivering your order
e) Our accounting company for the purpose of sending an invoice and/or receipt for payment
f) Our banking institution for the purpose of invoice financing.

We will hold your personal information for the purpose of completion of the order placed with us through our online system. In order to complete the order, this information is transferred to our customer database.

Information provided by you for the purpose of order completion is required under the lawful basis of contractual obligations, as without this information we cannot complete the requested order for you.

I) DATA SECURITY

We have appropriate security measures in place to prevent personal information being lost or used or accessed in an unauthorised way.  We limit access to your personal/business information to those who have a genuine business need to know it – our data processors. Those data processors will process your information in an authorised manner and are subject to a duty of confidentiality.

Data provided through our online ordering system is stored on a secure server for the purpose of order completion. Data transfers take place with HTTPS connections.

We have procedures in place to deal with any suspected data security breach – our Data Breach Notification Policy – and we would notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

While we take every reasonable effort to secure your personal/business data, in using any website, including ours, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal/business data that is transferred from you or to you via the internet. If you have any particular concerns, please contact us on the below email/postal address.

J) THIRD PARTY PROCESSING OUTSIDE OF THE EEA

Through the use of our online ordering system, your personal/business data is transferred outside of the European Economic Area to the following country:

a) Australia

This transfer is undertaken for the purpose of:

b) Personal/business information is required for the contractual purpose of order completion when this information is sent to us through our online ordering system, the servers for which are geographically located in Australia

Australia is not currently on the list of countries with the same data protection laws as the EEA. Whilst the European Commission has not given a formal decision that such countries provide adequate levels of data protection similar to those that apply to us, any transfer of your personal/business information will be subject to this, and our other, data protection, storage and transference policies, that will safeguard your privacy rights and give you remedies in the unlikely event of a security breach in accordance with the GDPR Articles.

K) REQUIREMENT TO NOTIFY BREACHES

All data breaches will be recorded on our Data Breach Register. Where legally required, we will report a breach to the Information Commissioner within 72 hours of discovery. In addition, where legally required, we will inform the individual whose data was subject to breach.

More information on breach notification is available in our Breach Notification policy.

L) RECORDS

The Company keeps a Customer Database for the purpose of order completion. It is your right, should you so choose, to be erased from this list at any time.

Orders, including .dxfs, on our system are retained for the purpose of reference in ensuring that repeated orders are priced and processed correctly. These records are retained for 6 years from the data of completion in order to comply with the Tax Management Act 1970, relating to VAT records. Should you exercise your right to be erased from our records, records of your orders will be included in this erasure, with the exception of information required under the Tax Management Act for the purpose of VAT records.

The company also keeps a record of any errors made in processing orders, through a Problems and Improvements Log as part of our ISO9001 certification. This Log contains information relating to a customer’s name/company name and the details of the order. This record does not include information relating to customer contact information. We require this information for the purpose of maintaining our ISO9001 certification, and for the purpose of Quality Assurance and Error Correction.

M) DATA PROTECTION COMPLIANCE

Our appointed compliance officer in respect of our data protection activities is:

Amy-Juliet Reeves Rowley Halliwell
Quality Assurance Coordinator, Yorkshire Profiles

This privacy policy was published on 31/05/2018 and last updated on 31/05/2018

We may change this privacy policy from time to time. You should check this policy occasionally to ensure you are aware of the most recent version that will apply each time you access this website. We will notify users of the website of any changes to the privacy policy by a notice in the form of a blog post on the website, with links on the home page.

CONTACTING US

If you have any questions about this policy, any other of our data policies, or the information we hold about you, please contact us by:

Email:  quality@yorkshireprofiles.co.uk

Post:   Yorkshire Profiles Ltd
Quality Department – Data Protection
Unit 6A
Hessay Industrial Estate
York
YO26 8LE

Telephone: (01904) 737095

CREATE AN
INSTANT QUOTE

Register for an online account and you can create your own quotes instantly, 24/7! If it's just flat profiles you require, you can use this service to place orders today.

SIGN IN / REGISTER

Need Help?
Call us today on:

01904 737095

or email the team directly at:
sales@yorkshireprofiles.co.uk

Keep up to date
With our latest news

View our blog

Menu