Who we are
Data Protection Officer
We have appointed Natasha Bloom as Data Protection Officer who will endeavour to ensure that all personal data is processed in compliance with this policy and other principles set out in the GDPR.
*Personal data means any information that may be used to identify a living individual, including, but not limited to Company name, a first and last name, a home or other physical address and an email address or other contact information, whether at work or at home.
How we obtain your personal data
We may collect your personal information directly from you, or from another source, including: –
Information provided by you
You may provide us with personal data either via email, via an online application or over the telephone, as well on show enquiry forms and business card exchange. This includes name, trading details, contact numbers, email address and may include bank details. We use this information in order to manage and administer your financial transactions with us and for quotation purposes and marketing.
We may also keep information contained in any correspondence you may have with us by post or by email.
The lawful basis for us holding and processing your personal data may be based on one or more of the following:-
- You have given us consent to send you information about products and services offered by us and our group companies;
- It is necessary to provide the quote or product or service you have requested, e.g. if you wish to purchase goods from us, we will need to take details of some personal information (for example details of your name, address, date of birth, bank details);
- If we have a legal or regulatory obligation to process your personal data for example, if we updated our Terms and Conditions we would be obliged to send you information regarding this change;
- If we have legitimate interests for holding your personal data.
What is a legitimate interest?
A legitimate interest is established when we have a business or commercial reason to use your information and your rights and interests do not outweigh this.
What do we use your information for?
- To ensure compliance with business policies such as, security or internet use.
- Operational reasons, such as improving efficiency, training and the standard of our products/services;
- To ensure commercially sensitive information is kept confidential;
- To collate statistical information in relation to our business e.g – number of customers;
- To update our customer records and; internal record keeping;
- To ensure safe working practices, staff administration and assessments;
- To market our services.
Our reasons for using your personal information
- To perform a contract or to provide a product or service to you;
- To ensure we are following our own internal procedures to ensure we deliver the best service to you;
- To ensure we deliver services to you in the most efficient way;
- To protect your commercially valuable information;
- To comply with our legal and regulatory obligations;
- To ensure we can keep in touch with our customers;
- To comply with our legal and regulatory obligations to manage our employees;
- To promote our business to past, existing and future customers;
We will only ever process special categories of your personal data with your explicit consent and if we feel it is necessary to do so.
If you do not wish us to collect and use your personal information in these ways, it could mean that we are unable to deliver the products and services to you.
Information we collect from other sources
We only obtain information from third parties if this is permitted by law. We may also access other sources of information relating to you from public sources, for example, to verify your identity. This information (including your name, address, email address etc.), as relevant to us, will only be obtained from reputable third-party companies that operate in accordance with the GDPR. You will already have submitted your personal data to these companies and specifically given permission to allow them to pass this information to other companies that provide similar or complementary products and services to those we offer.
How we use your personal data
We will only use your personal data to the extent that it is necessary, fair and lawful to do so. We will only use that information to the extent it is required. We will take reasonable steps to protect your personal data, including any financial details, in a way which meets the requirements of the GDPR. concerning data protection.
Keeping your data secure
We take your privacy seriously and have put steps in place to keep your data secure. We use the following measures to safeguard your personal data:
- Storing all forms of your personal data in a secure environment;
- Providing staff training on the importance of keeping your data safe;
These steps help minimise the risk of your personal information being accidentally lost or used or accessed in an unauthorised way.
Furthermore, we and all of our staff are required to respect the personal data and privacy of others. We therefore have a policies and procedures in place to deal with any suspected data breach so that we can quickly act to minimise any potential damage caused.
We will keep information about you confidential and we will from time to time share your personal data (to the extent required only) for the purposes of audit and compliance monitoring. We will only disclose your information with third parties with your express consent when it is required to fulfil your requirements. We may also disclose information to law enforcement agencies or regulatory bodies for the purposes of crime prevention and detection.
Transfer of your personal data outside of the European Economic Area (EEA)
We do not currently transfer your personal data outside of the EEA. If in the future we propose to do so, we will write to you to tell you and make sure that the receiver agrees to provide the same or similar protection as we do and that they only use your personal data in accordance with our instructions.
How long do we keep this information about you?
We will only retain your personal data for as long as reasonably necessary taking into account the length of time we need to perform our services or meet your requirements. We will also retain your data for as long as we may be required for us to meet any legal, statutory and regulatory obligations.
We will not retain your data for longer than reasonably necessary. These reasons can vary from one piece of information to the next. In all cases our need to use your personal information will be reassessed on a regular basis and information which is no longer required will be disposed of securely.
When data held in accordance with this policy is destroyed, it must be destroyed securely in accordance with best practice at the time of destruction.
Information about third parties
Information we process may also include information about third parties such as your employees whose details you supply to us. If you provide us with information on behalf of someone else, you confirm that the other person has agreed that you can:
- give consent on his or her behalf to the processing of his or her personal data;
- receive on his or her behalf data protection notices and;
- give consent to the processing of his or her potentially sensitive data.
Reasons for processing data
We process information about you for the following reasons:
To provide services to you; to undertake analysis of purchasing preferences; marketing purposes; to improve our customer service; to provide you with feedback; analysing customer feedback; to deal with complaints; tracking website activity; to contact customers if products or services become unavailable; to improve your experience on our website; to personalise communication with you; compliance with legal, regulatory and corporate governance obligations and good practice and; gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests.
Systems used to process data
We gather information from you, from our website and from other systems such as, our computer networks and connections; our email; internet facilities; our telephones and voicemail.
Data subject rights
Right of access
GDPR grants you (hereinafter referred to as the “data Subject”) the right to access particular personal data that we hold on you. This is referred to as a subject access request. We shall respond promptly and no later than one month after receiving your request unless we notify you otherwise explaining why we cannot meet your request within that timescale.
We will process the access request in line with the GDPR.
Right to rectification
You, the data subject, shall have the right to obtain from us, without undue delay, the rectification of inaccurate personal data we hold relating to you. Taking into account the purpose of the processing, you shall have the right to have incomplete personal data completed, including replacing that information. You should let us know what information it should be replaced with.
Right to ask us to stop contacting you with direct marketing
You can request for us to stop contacting you for direct marketing purposes at any time. If you wish to do so, you should contact us and notify us of the method (or all methods) you are unhappy with.
Right to erasure
You, shall have the right to obtain from us the erasure of personal data concerning you (except where we are legally obliged to retain such information) without undue delay.
Right to restriction of processing
Subject to exemptions you shall have the right to obtain from us restriction of processing where one of the following applies:
- You do not agree that the data held relating to you is accurate and your data will be restricted until the accuracy of the data has been verified;
- The processing is unlawful and you oppose the erasure of the personal data and instead request the restriction in its use
- We no longer need the personal data for the purpose of processing, but it is required by you for the establishment, exercise or defence of legal claims
- You have objected to the processing of your personal data pending the verification of whether there are legitimate grounds for us to override theses objections.
Notification obligation regarding rectification of erasure of personal data or restriction of processing
We shall communicate any rectification or erasure of personal data or restriction of processing as described above to each recipient to whom the personal data has been disclosed, unless this proves impossible or causes excessive cost. We shall provide you with information about those recipients if you request it (subject to any data protection restrictions concerning such disclosure)
Right to data portability
You shall have the right to receive your personal data, which you have provided to us, in a structured commonly used and machine-readable format and have the right to transmit this data to another controller, without hinderance from us.
Right to object
You shall have the right to object at any time to the processing of personal data concerning you; unless this relates to processing that is necessary for the purpose of a task carried out in the public interest or an exercise of official authority vested in us. We shall no longer process the personal data unless we can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of you, the data subject, or for the establishment, exercise or defence of legal claims.
Should you wish to exercise any of these rights, please write to us at the address below and provide us with sufficient information so that we can clearly identify you. We may also require some proof of identity such as, a driving licence, passport together with a recent utility bill or bank statement. This is to ensure we do not release any of your personal data to anyone other than you.
Accuracy of information
In order to provide the highest level of customer service possible, we need to keep accurate personal data about you. We take reasonable steps to ensure the accuracy of any personal data or sensitive information we obtain. We ensure that the source of any personal data or sensitive information is clear, and we carefully consider any challenges and you can help us by informing us of these changes when they occur.
We operate a CCTV network for the purposes of crime prevention and detection, safeguarding and training. We record CCTV images of you when you are on our premises or within their vicinity for your safety and security. Where a data subject can be identified, we will process such images as personal data.
How to contact us
You can also write to us using the following address:
If you are unsatisfied with the response, you can contact Warrendale Wagyu Data Protection Officer at 01759 361254 However, you also have the right to lodge a complaint with the Information Commissioners Office who may be contacted online at: https://ico.org.uk/concerns or by using their helpline: 0303 123 1113.