The purpose of this policy is to explain to you how we control, process, handle and protect your personal information while browsing or using this website, including your rights under current laws and regulations. If you do not agree to the following policy, you may wish to cease viewing / using this website.
Policy key definitions
“I”, “our”, “us”, or “we” refer to the business, [Business name & other trading names].
“you”, “the user” refer to the person(s) using this website.
GDPR means General Data Protection Act.
PECR means Privacy & Electronic Communications Regulation.
ICO means Information Commissioner’s Office.
Cookies mean small files stored on a user’s computer or device.
The Data Protection Policy employed by Grenadier Militaria International has been developed as an extension of our commitment to combine the finest quality services with the highest level of integrity in dealing with our clients, suppliers, associates and staff. This policy has been updated to be in line with GDPR standards in our on-going commitment to protecting the privacy and security of your personal information. This policy guides you through how we collect store and use information about individuals and organisations. It will be continuously assessed against new technologies, business practices and the changing needs of everyone we deal with.
Grenadier Militaria International is a “controller” of your personal information. Our Data Protection Policy recognises two kinds of personal data that deserve different levels of protection:
Personally, Identifiable Information includes, for example, e-mail addresses, billing information, employment status and ‘click stream’ data that tracks visitor activity on a Web site or online service.
A subset of that category, Special Data, deserves additional safeguards. Special Data includes, by way of example, Clients’ confidential data, Sexual Orientation, Bank Account, Income Tax and National Insurance numbers, Biometrics, Race, Religion etc. If your relationship with us includes providing Grenadier Militaria International with Special Data, we will protect that information with extra care. We will not distribute data to external parties.
Grenadier Militaria collects personally-Identifiable Information and special data only when there is a legitimate business need to do so.
Notice: We will inform you about why we are collecting Personally-Identifiable Information and how we intend to use it. We need to collect and store your name, address, and other basic Personally-Identifiable Information, for example, to provide you with the service you requested, as well as for billing purposes.
Our legal basis to use your personal information
We need your information primarily to allow us to perform our contract with you and to enable us to comply with legal obligations. In some cases, we may use your personal information to pursue legitimate interests of our own (the efficient and effective operation of the business) or those of third parties, provided your interests and fundamental rights do not override those interests.
Purposes we use your information for
To correspond with you with a view to providing a service; to arrange to attend at your property to quote or undertake works, to take monies for payment from you; to arrange invoices for accounting purposes of an after sales service.
The provision of information by you is a contractual requirement. If you fail to provide certain information when requested, we may not be able to perform the contract for services for you.
We may share your information with HMRC for accounting purposes, third party suppliers where required to fulfil a contract with you; for example, supplying passport details to an airline for your guests if they are travelling internationally.
We will typically retain your personal information for seven years following conclusion of the works in line with HMRC guidelines.
Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Right to withdraw consent (Opt Out)
In any circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact us at firstname.lastname@example.org or at the above address. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
International Data Transfers
Any personal data will only be transferred to other countries that are part of the EEA and therefore have adequate levels of security in place to protect your data. Any country outside of the EEA / EU we share data with will be compliant with the level of security required for companies within https://ico.org.uk/registration/new it; this includes ensuring companies in the US are members of the Privacy Shield scheme and other companies outside the US have contractual obligations in place to provide the same security.
Some cookies are required to enjoy and use the full functionality of this website.
Cookies that we use are;
- Google Analytics
- Google Adsense (DoubleClick)
- Facebook Custom Audience
- Email marketing messages & subscription
Under the GDPR we use the consent lawful basis for anyone subscribing to our newsletter or marketing mailing list. We only collect certain data about you, as detailed in the “Processing of your personal date” above. Any email marketing messages we send are done so through an EMS, email marketing service provider. An EMS is a third-party service provider of software / applications that allows marketers to send out email marketing campaigns to a list of users.
Email marketing messages that we send may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages. Where used, such marketing messages may record a range of data such as; times, dates, I.P addresses, opens, clicks, forwards, geographic and demographic data. Such data, within its limitations will show the activity each subscriber made for that email campaign.
Any email marketing messages we send are in accordance with the GDPR and the PECR. We provide you with an easy method to withdraw your consent (unsubscribe) or manage your preferences / the information we hold about you at any time. See any marketing messages for instructions on how to unsubscribe or manage your preferences, you can also unsubscribe from all MailChimp lists, by following this link, otherwise contact the EMS provider.
Our EMS provider is; Mail Chimp. We hold the following information about you within our EMS system;
- Email address
- Company Name
- P address
- Subscription time & date
Grenadier Militaria International will not sell personal data in any form, including mailing lists. All its data are for internal use only:
We will continue to oversee implementation of and compliance with our Policy and will adapt the Policy to reflect changes in technology and the expectations of everyone we deal with. To ensure that we are following our stated Policy, we also conduct periodic and random audits of our Web sites and other systems.
Our Data Protection Policy has been developed out of respect for the privacy preferences and choices of our candidates, suppliers’ customers, associates and staff. We have established procedures to ensure that every reasonable effort is made to address your concerns.
If you have any concerns or questions about our use of your information you have the right to complain to the Information Commissioners Office but please inform us first, preferably by e-mail to email@example.com, so that we may have the opportunity to address any issues directly with you. The ICO can be contacted at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF. www.ico.org.uk