For the purposes of the GDPR Johnson Valves is a data controller in respect of the information collected on our sites www.johnsonvalves.com & www.johnsonvalves.co.uk websites.
This policy together with any other documents referred to in it sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Any questions or comments should be addressed to The Data Protection Manager email@example.com
1. Information we may collect from you We may collect and process the following data about you:
Information about yourself including your name, title, postal and/or email address, billing and or delivery address, telephone numbers
Information that you provide when you visit our site, make an enquiry on our site or request our services
If you email or contact us, we may keep a record of the correspondence or keep your message, email address and contact information to respond to your request
We may ask you to complete surveys that we use for research purposes although you do not have to respond to them.
We do not collect any sensitive personal data about you e.g. details about your race, ethnicity, religious or philosophical beliefs or any other categories of sensitive personal data.
2. Log Data
We want to inform you that whenever you visit our Service, we collect information that your browser sends to us that is called Log Data. This Log Data may include information such as your computer’s Internet Protocol (“IP”) address, browser version, pages of our Service that you visit, the time and date of your visit, the time spent on those pages, and other statistics.
Cookies are files with small amount of data that is commonly used an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer’s hard drive.
Our website uses these “cookies” to collect information and to improve our Service. You have the option to either accept or refuse these cookies and know when a cookie is being sent to your computer. If you choose to refuse our cookies, you may not be able to use some portions of our Service.
4. Where we store your personal data
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site. Any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
5. Uses made of the information
We use the information we hold about you in the following ways:
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data to provide you with goods or services.
Performance of a Contract – this means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
Legitimate Interest – this means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting The Data Protection Manager firstname.lastname@example.org.
Comply with a legal or regulatory obligation – this means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
To ensure that content from our site is presented in the most effective manner for you and your computer
6. Disclosure of information
We may disclose your information to our subsidiaries. We may also disclose your personal information to;
Business Partners, suppliers and sub-contractors for the performance of any contract we enter into with them or with you
Analytics and search engine providers that assist us in the improvement and optimisation of our site
External Third Parties Service
Providers acting as processors based in the United Kingdom acting as processors who provide IT and System Administration Services.
Professional advisers (acting as Processors) including lawyers, bankers, auditors and insurers based in the United Kingdom who provide Consultancy, Banking. Legal, Insurance and Accounting Services.
HM Revenue & Customs, regulators and other authorities (acting as Processors or Joint Controllers) based in the United Kingdom who require reporting of processing activities in certain circumstances.
Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
7. Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
8. Data Retention
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. The length of time we retain data depends on what type of data it is:
Customer and Supplier Data: we may keep this indefinitely as it often assists us in identifying parts previously supplied thus enabling us to provide a higher level of customer service.
Employee Data Retention: Basic dates of employment will be retained indefinitely along with records of any accidents reported to enable us to provide employment references and to defend possible claims. All other personnel file information will be destroyed 3 years following the cessation of your employment with the company.
Recruitment Data (including CVs and Application Forms) : will be kept for 6 months following the completion of the recruitment process for a particular role.
Email Data: we retain emails for up to 3 years. This enables us to maintain a high level of customer service by providing us with a detailed history of enquiries and orders that can assist with questions and queries relating to previous business transactions.
Hard Copy Accounting Records: most are retained for 7 years for statutory purposes.
9. Your legal rights
You have the following rights with respect to your personal data:
The right to ask for a copy of the personal data which we hold about you (right of access);
The right to ask us to update any out of date or incorrect personal data that we hold about you (right of rectification)
The right to ask us to delete any personal data where we no longer have any legal reason to retain it (right of erasure or to be forgotten);
The right to opt out of any marketing communications from us and to object to us using and holding your personal data if we have no legitimate reason to do so (right to object)
The right to ask us to provide you with your personal data which we hold (see below) (right to data portability)
The right to ask us to ‘restrict the processing of data’ which means that we would need to secure and retain the data for your benefit but not otherwise use it (right to restrict processing)
10. Access to Information
You may access the information we hold about you. You do not have to pay a fee to access your personal data and we will aim to respond within one month. Please contact The Data Protection Manager email@example.com.