Design Window And Door Systems Ltd, is committed to protecting the privacy and security of your personal information. This privacy notice describes how we collect and use information about individuals and companies during and after your contractual relationship with us, in accordance with the General Data Protection Regulation (GDPR).  It is important that you read this notice, together with any other privacy notice we may provide on specific  occasions , so that you are aware of how and why we are using such information. The following paragraphs outline our commitment to you and how we intend to comply with GDPR, effective from 25th May 2018. This new regulation is a flexible one, and likely to change as the regulation is tested in law or amended due to advances in technology. We will make every effort to keep you updated with any changes to GDPR or our Data Privacy Policy.

The kind of information we hold about you

We hold contact information, such as first name, surname, company name, work   email address and telephone numbers. This information may identify you as an individual, but will only be the contact information in relation to your business activity and will not include any private information. We will store and use only the information that you have supplied to us for use in your professional capacity.

Why do we require the information we hold about you and how will we use it?

YOUR ORDER/ENQUIRY – we require a main point of contact so that we can stay in touch with you regarding your order/enquiry with us  . It is very important that you let us know if your main contact changes so that we can keep our data up-to-date for gurantee purposes for instance.

FINANCE CONTACTS – we require an invoicing contact (which maybe the same as the details held for your order/enquiry) so that we can administer the financial part of the order.

MARKETING CONTACTS – from time to time we may inform you of our product updates via various methods.  Having your marketing contacts (which maybe the same as the details held for your order/enquiry)  allows  us to  inform you of any information we feel is useful .

How do we collect this information?

At the time that you send us an order or enquiry, we store all relevant information digitally and/or paper form hardcopy.

Who will we share your information with?

We may have to share your data with third parties, including third party service providers for purposes of  guarantee , direct delivery or similar. We require third parties to respect the security of your data and to treat it in accordance with the GDPR regulations. We may transfer your personal information outside the EU. If we do, we would expect a similar degree of protection in respect of your personal information.

How secure is my information with third party service providers and other entities in our group?

All our third party service providers  are required to take appropriate security measures to protect your personal information in line with GDRP regulations. We do not expect our third-party service providers to use your personal data for their own purposes under GDRP regulations. We only permit them to process your personal data for specified purposes and in accordance with our instructions.

Data security

We have put in place to the best of our ability appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed, in accordance with GDPR guidelines. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Data retention

We keep all required information  for a period of 10 years due to the longest gurantee period. We endeavour to keep this information  stored in a secure manner. When the contract ends, we will remove any contact information that we will not require in the future, but we may need to keep some contact details for financial and legal purposes. This information will be kept only as long as is required.

Change of purpose

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

Your duty to inform us of changes

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your information changes during your working relationship with us.

Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

• Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
• Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
• Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
• Request the transfer of your personal information to another part

Changes to this privacy notice

We reserve the right to update this privacy notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

Data protection officer

We have appointed a Data Protection Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, please contact the Data Protection Officer either by phone or email. You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.