Scobie & McIntosh Group Limited (and its subsidiaries) is a registered company incorporated and registered in England under company number 08440801 whose registered office address is Gothic House, 3 The Green, Richmond,TW9 1PL.
Why you should read this policy
We take the privacy of our customers and visitors to our Website very seriously.
For the purposes of the General Data Protection Regulation and all other relevant legislation, Scobie & McIntosh Group Limited and its subsidiaries (‘we’ or ‘us’) is the ‘data controller’ (i.e. the company who is responsible for, and controls the processing of, your personal data).
Personal data we may collect about you
Information that you provide
Personal information about you (such as your name, email address, phone number) will be obtained, whenever you complete forms, create an account or make a service request booking with us.
The processing of your personal data will only be done when it is necessary for the performance of a contract with you or where it is necessary to take steps to enter into such a contract. It will only be processed for compliance with a legal obligation either with ourselves or a third party. It can also be processed if necessary for the purposes of legitimate interests pursued by ourselves or a third party.
We will also obtain personal information you provide when you send feedback, contact us for any reason and by any medium, sign up to a service, share information via the websites and social media functions, complete a survey or report a problem with the website. Additionally, we may take payment details when you renew contracts, pay for a service call or pay via the Website.
We may ask you to provide sensitive personal data from time to time. Should such data be requested, you will be given additional information as to why the sensitive personal data is being requested and how it will be used.
We may retain a record of any contact you make with us.
Personal Information about other individuals
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
- give consent on his/her behalf to the processing of his/her data;
- receive on his/her behalf and data protection notices;
- give consent to any transfer of his/her data.
Information from third parties
Occasionally we may receive information about you from other sources (such as credit reference agencies), which will be added to the information already held about you in order for us to help supply our services and products to you.
How your personal data will be used
We will use your personal data for the following purposes:
- to help identify you and any accounts you hold with Scobie & McIntosh Group and its subsidiaries;
- research, statistical analysis and behavioural analysis;
- customer profiling and analysing your purchasing preferences;
- marketing—see 'Marketing and opting out', below;
- fraud prevention and detection;
- billing and order fulfilment for purchases and bookings made, through the Website;
- credit scoring and credit checking—see 'Credit checking', below;
- customising the Website and its content to your particular preferences;
- to notify you of any changes to the Website, or to our services or products that may affect you;
- improving our services and products.
What is our lawful basis or ground for using your personal data?
Under laws that are designed to protect your personal data, we are required to have a lawful basis or ground for why we use, share or otherwise process your personal data.
In most cases, our processing of your personal data is necessary for the performance of our services to you.
Certain uses of your personal data, or other processing activities, may not be strictly necessary to perform our services to you, however, they may be necessary for the purposes of our legitimate interests or the legitimate interests of a third party. They may also be in your interests.
When we say "legitimate interests", we mean our (or a third party's) interests in enabling us to provide our services to you as efficiently and securely as possible. For example, we may choose to use a third party to store your personal data; we may do this in part because our use of that service means that your personal data is more secure.
Marketing and opting out
If you have provided your consent to receive news, special offers or promotions from us, we may contact you by mail, telephone, sms, text/picture/video message, email, about products, services, promotions, and special offers that may be of interest to you.
We may share your personal data with organisations who are our business partners and they may contact you (unless you have asked us or them not to do so) by mail, telephone, sms, text/picture/video message, email, about products, services, promotions, and special offers that may be of interest to you. If you prefer not to receive any further direct marketing communications from us or our business partners, you can opt out at any time. See further 'Your rights', below.
Disclosure of your personal data
We may disclose your personal data to:
- other companies that become partners or part of a group with Scobie & McIntosh Limited;
- a third party who acquires Scobie & McIntosh Limited or acquires substantially all of its assets, in which case the personal data shall be one of the acquired assets;
- our agents and service providers;
- law enforcement and regulatory agencies in connection with any investigation to help prevent unlawful activity or as otherwise required by applicable law;
- business partners in accordance with the 'Marketing and opting out' section above
Keeping your data secure
We will use technical and organisational measures to safeguard your personal data, for example:
- where you create an account on the Website, this will be controlled by a password and username that are unique to you;
- We will store your personal data on secure servers;
- payment details are encrypted using SSL technology.
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet.
Transfers of data out of the EEA
We will make reasonable efforts to ensure that your data is not transferred outside the European Economic Area (EEA). Where we use data servers that may transfer data out of the EEA we will take steps to ensure adequate protections are in place to ensure the security of your information and give you remedies in the unlikely event of a security breach.
All information you provide to us is stored with secure data processors for the purposes of storing your data, accounting purposes and social media purposes for example. A copy of your information is also stored securely on our internal server and computers where access is restricted.
Please note that we review all processors we utilise and ensure that there are adequate safeguards in place to protect your personal data, such as adherence to binding corporate rules or compliance with the EU-US Privacy Shield Framework, which is a mechanism that ensures compliance with EU data protection requirements when transferring personal data from the European Union to the United States. You can learn more about Privacy Shield here:
While we will use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us using our contact details at the bottom of this policy.
What you can do to keep your information safe
For information from Get Safe Online on how to protect your information, computers and devices against fraud, identity theft, viruses and other online problems, visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We may monitor and record communications with you (such as emails) for the purpose of quality assurance, training, fraud prevention and compliance.
- You have the right of access to your personal records or other information that we hold about you. There is no administrative charge for this service.
- You have the right to rectify any errors in the data we hold about you. If any data or information we hold about you is inaccurate, or out of date, please contact us and we will correct this immediately.
- You have the right to have the data we hold about you erased.
- If you wish us to continue to store your information but wish us to keep your data separate and not process it in any way, please let us know.
- You have the right to ask us to stop processing your personal data for direct marketing purposes. You may also specify that you object to direct marketing by particular channels such as by email of telephone. If this is the case, please specify the channels you are objecting to in your communications with us.
- You have the right to data portability. If you wish to obtain your data for your own purposes across different services, we will provide this information to you in a CSV file. There is no administrative charge for this service.
- You have the right to object to any direct marketing.
To assert any of your rights set out above, you should send your request in writing to us using our email: firstname.lastname@example.org
You will need to provide proof of identity and address (e.g. a copy of your driving licence or passport, and a recent utility or credit card bill); and specify the personal data you want access to, to be amended or be removed.
How long we will store your data
We will store your data for as long as necessary for the purpose of processing. The data may be deleted in the following circumstances:
- You have withdrawn your consent to data processing
- The original purpose for processing the data is no longer relevant or cannot be performed any more
- The data is no longer up to date or accurate
Our contact details
We welcome your feedback and questions. If you wish to contact us please email us at email@example.com specifying that the communication is for the Data Protection Manager. You can also write to us at:
Scobie & McIntosh Group Limited
Smallfield RH6 9JW
We may change this Policy from time to time. Please check this policy frequently to ensure you are aware of the most recent version that will apply each time you use the Website.
Data Protection Supervisory Authority
The Data Protection Supervisory Authority in the UK is the Information Commissioners Office. Should you have any complaints about the way we handle your data, you may direct them to the ICO. More information on the ICO can be found on their website here: https://ico.org.uk