Privacy Policy

Data controller: Parmley Graham Limited,

South Shore Road, Gateshead, Tyne and Wear, NE8 3AE

Parmley Graham Limited collects and processes your personal data when you interact with us.  For the purposes of this Privacy Policy, references to “we”, “us” or “the organisation” shall refer to Parmley Graham Limited.  The organisation is the data controller of your personal data and is responsible for complying with data protection laws.  The organisation is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.

This notice applies to all suppliers, customers and other parties who utilise the services of Parmley Graham Limited.

By providing your personal data, you acknowledge that we may use it only in the ways set out in this Privacy Policy.

From time to time we may need to make changes to this Privacy Policy, for example as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally and will provide you with a new privacy notice when we make substantial updates.

 

Our privacy principles

When we collect and use your personal data, we ensure we look after it properly and use it in accordance with our privacy principles below whereby the personal information we hold about you must be:

 

·        processed fairly and lawfully and in a transparent way;

·        obtained only for specific, lawful purposes;

·        adequate, relevant and not excessive;

·        accurate and kept up to date;

·        not held for any longer than necessary;

·        processed in accordance with the rights of data subjects;

·        protected in appropriate ways;

·        not be transferred outside the European Economic Area (EEA), unless where necessary and that country or territory also ensures an adequate level of protection.

 

What personal data do we collect?

We collect and process a range of data about you. This may include:

 

·        contact details such as name, email address, postal address and telephone number;

·        financial information and information about the nature of your business, such as bank details, credit card details and information obtained as a result of our credit checks;

·        details of your interactions with us through our branches or online;

·        information about the nature of your business and commercial assets;

·        your image may be recorded on CCTV when you visit a Parmley Graham site;

·        information obtained through our use of cookies.  You can find out more about this in our cookies policy; and

·        your marketing preferences.

 

How do we collect your personal data?

We collect, store and process personal data directly from you:

 

·        via enquiry;

·        when you create an account with us;

·        when you purchase any of our products or services;  

·        through quotes;  

·        via our telephone calls with you;

·        via emails; 

·        when you provide your details to us either online or offline;

·        when you engage with us on social media;

 

How do we use your personal data?

We mainly use your personal data to provide you with goods and services.  There are a number of other reasons we use your personal data, as explained in the list below.

In specific situations we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business, whilst ensuring that such business needs do not interfere with your rights and freedoms and do not cause you any harm.  Where we list legitimate interests as a reason, we also describe below what we believe these legitimate interests are.

In specific situations, we can collect and process your data with your consent.  We will usually only ask for your consent when providing marketing information to you, including information about other products and services.  This will be made clear when you provide your personal information.  If we ask for your consent we will explain why it is necessary.

 

What we use your personal data for

Our reasons (legal basis)

Explanation of our legitimate interests

Set up your customer account

Legitimate interest

Process efficiency in dealing with such activity

Provide you with quotes

Legitimate interest

Process efficiency in dealing with such activity

Process your order, to supply you with goods and services

Contractual obligation

Fulfil the contract

Notify you of your order status

Legitimate interest

Process efficiency in dealing with such activity

Manage your account

Legitimate interest

Maintaining our business records

Detect, investigate and report financial crime (eg Fraud)

Legal compliance

NA

Undertake marketing communication, to inform you about other products and services

Consent

NA

The use of CCTV to record images for security.

Legitimate interest

To protect our customers, premises, assets and employees from crime

 

Who has access to the data?

Your information may be shared internally within the organisation, including with the Directors, members of the HQ finance team, IT staff and branch employees if access to the data is necessary for performance of their roles.

Also, we may sometimes share your data with trusted third parties that process the data on our behalf.  We share only the personal information they need to perform their specific services and they may only use your data for the reasons we’ve described.

We work closely with the third party data processors to ensure your privacy is respected and protected at all times.

 

How do we protect the data?

The organisation takes the security of your data seriously. We have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.

We secure access to our systems and access to your personal data is password protected.

We regularly monitor our system for possible vulnerabilities and attacks, and we carry out penetration testing to identify ways to further strengthen security.

We work closely with the third party data processors to ensure your privacy is respected and protected at all times.

 

For how long do we keep the data?

We will only retain your personal data for as long as is necessary to fulfil the purposes for which it is collected.

When assessing what retention period is appropriate for your personal data, we take into consideration:

·        the requirements of our business and the services provided;

·        any statutory or legal obligations;

·        the purposes for which we originally collected the personal data;

·        the lawful grounds on which we based our processing;

·        the types of personal data we have collected;

·        the amount and categories of your personal data; and

·        whether the purpose of the processing could reasonably be fulfilled by other means.

 

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with us.

 

Your rights / contacting the regulator

As a data subject, you have the following rights in relation to our use of your personal data:

 

-         The right to access your personal data

You are entitled to a copy of the personal data we hold about you and certain details of how we use it

 

-         The right to rectification

We take reasonable steps to ensure that the personal information we hold about you is accurate and complete. However, if you do not believe this is the case, please contact us by using the details shown in your documentation and you can ask us to update or amend it.

 

-         The right to erasure

In certain circumstances, you have the right to ask us to erase your personal information, for example where the personal information we collected is no longer necessary for the original purpose or where you withdraw your consent. However, this will need to be balanced against other factors, for example according to the type of personal information we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request.

 

-         The right to restriction of processing

In certain circumstances, you are entitled to ask us to stop using your personal information, for example where you think that the personal information we hold about you may be inaccurate or where you think that we no longer need to process your personal information.

 

-         The right to data portability

In certain circumstances, you have the right to ask that we transfer any personal information that you have provided to us to another third party of your choice. Once transferred, the other party will be responsible for looking after your personal information.

 

-         The right to object to direct marketing

You can ask us to stop sending you marketing messages at any time. Please see the Marketing section at the end of this page for more information.

 

-         The right not to be subject to automated decision-making

We do not use automated decision-making

 

-         The right to withdraw consent

For certain uses of your personal information, we will ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your personal information.

 

If you would like to exercise any of these rights, please contact email: privacy@parmley-graham.co.uk, address: Parmley Graham Ltd, South Shore Road, Gateshead, Tyne and Wear, NE8 3AE.

 

If we choose not to action your request we will explain to you the reasons for our refusal.

 

If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

You can contact them by calling 0303 123 1113.
Or go online to https://ico.org.uk/make-a-complaint/ (opens in a new window; please note we can't be responsible for the content of external websites)

If you are based outside the UK, you have the right to lodge your complaint with the relevant data protection regulator in your country of residence.

 

Marketing

We are committed to only sending you marketing communications that you have clearly expressed an interest in receiving. If you wish to unsubscribe from emails sent by us, you may do so at any time by following the unsubscribe instructions that appear in all emails or by sending an email, from the email address you wish to have unsubscribed, to unsubscribe@parmley-graham.co.uk.