This privacy notice is a public declaration of how AS Built Ltd applies the Data Protection Principles and Rights afforded to individuals by the General Data Protection Regulation (GDPR), to the personal data that we process. AS Built Ltd is committed to complying with the principles relating to the processing of personal data under GDPR.
Who We Are
At AS Built Ltd, we are committed to keeping your information private and secure. This notice sets out the personal data we collect and what we will do with it.
If you have any questions about this policy, you can email us at firstname.lastname@example.org or call us on 01773 823431. You can also write to us at 30 Market Place, Belper, Derbyshire, DE56 1FZ.
We take care to protect the privacy of our employees, clients, suppliers, subcontractors and their associates.
The Data That We Collect
We may collect and process the following personal data about you:
- Name and/or Company name
- Date of birth
- Business and/or residential address
- Email address
- Phone number
- Demographic information, such as postcode, preferences and interests
- Financial data
- Website usage data
- Other information relevant to customer enquiries
- Other information pertaining to special offers and surveys
- Analytics from Google Analytics
- Contact data from the Contact form on our website
- Documentary evidence confirming your identity and address (such as a passport, driving licence or council tax bill)
- Records of communications (e.g. call recordings, emails and chat transcripts)
- Information about your personal finances (including bank statements)
- Other information that you provide to us voluntarily
How We Use Your Data
- To provide a quote to potential Customers, at the request of the Customer or their Representative
- To provide purchase orders for the requirement of services of our customers to our Suppliers and/or Subcontractors
- To fulfil our contract contractual obligations as part of the services we provide
- For employee payroll and customer/supplier/subcontractor payment purposes
- For our own internal records
- To improve the products and services we provide
- To contact you in response to a specific enquiry
- To send you promotional emails about products, services, offers and other things we think may be relevant to you
How We Share Your Data
We may share your personal information with third parties in the following circumstances:
- Suppliers and sub-contractors for the performance of any agreement we enter with them or you.
- We may report to credit reference and fraud agencies as described below in accordance with our legal obligations, we may permit law enforcement agencies to access and use your personal data to detect, investigate and prevent crime
- To providers of software platforms which enable us to provide services to you and your business (such services will include email, data analytics, hosting and data storage)
- To providers of telecommunications and postal mail services
- Social media sites, for the purposes of conducting market research and running marketing campaigns (it is important to note that when sharing data with these sites, we ensure that your data is only used in accordance with our instructions)
- We may instruct third parties to act on our behalf in order to collect an outstanding debt.
Protecting Your Data
We take appropriate and reasonable technical and organisational measures to protect Personal Information from loss, misuse, unauthorised access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Information. We keep the majority of data in electronic format on our servers that are encrypted, backed-up and secured externally by our nominated service provider.
The period for which we may retain data about you will depend on the purposes for which the data was collected, whether you have requested deletion of the data, and whether we have any legal obligation to retain the data (for example, for regulatory compliance). We will not retain data about you for longer than is necessary to fulfil the purposes for which the data was collected. For example, we will typically keep your data for up to 10 years following our final communication as part of our legal requirement to keep both contractual and financial records for periods of between 6 and 10 years depending on the type of contract undertaken at the time.
Your personal data is protected by legal rights, which include your right to:
- Object to, or request a restriction of, our processing of your personal data (for example, you can request that we don’t use your personal data for purposes of direct marketing)
- Request that your personal data is erased “Right to be forgotten”
- Rectification -If any information held is inaccurate or incomplete, you have the right to have that information corrected or completed
- Request access to your personal data – we will provide this within one month of the request
- Data portability – you can obtain and reuse certain personal data for your own purposes
- Automated decision making and profiling – Where we use automated decision making that produces a legal effect, or similarly significant effect on you we will inform you how and when this will happen.
For more information or to exercise your data protection rights, please contact us using the contact details above.
You also have a right to complain to the Information Commissioner’s Office, which is the UK regulator which upholds rights in relation to individual’s personal data.