Xpediator Plc are committed to ensuring that your privacy is protected.
Xpediator is aware of its obligations under the General Data Protection Regulation (GDPR) and is committed to processing your data securely and transparently. This privacy notice sets out, in line with GDPR, the types of data that we hold on you as a visitor of the Company. It also sets out how we use that information, how long we keep it for and other relevant information about your data.
- access or change the personal information we maintain about you.
- withdraw consent you previously provided to us.
- refrain from sending you certain communications.
- answer any questions you might have about our privacy practices.
Information we may collect from you
We may collect the following information:
- Name and job title Contact information, including email address
- Demographic information such as postcode, preferences and interests
- Requirements of your general or service enquiry
- Other information relevant to customer surveys and/or offers
Who will we share your data with?
Firstly, we will never share personal information with any other organisation for third-party marketing purposes.
Your data will be shared with colleagues within the Company where it is necessary for them to undertake their duties to fulfil your requests.
We might also share your data with third parties where they are providing a legitimate service to us.
We may also share your data with third parties as part of a Company sale or restructure, or for other reasons to comply with a legal obligation upon us.
We might share your data with bodies outside of the European Economic Area, to countries where the Company operates. Processing may include, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing. We have put the following measures in place to ensure that your data is transferred and held securely and that the bodies who receive the data that we have transferred process it in a way required by EU and UK data protection laws:
- The data must only be transferred in a manner that complies with the Company’s Data Transfer and Storage Policy;
- Thedata held by any bodies outside of the European Economic Area must be held in a way that complies with GDPR.
How do we use your data?
We use the personal data which you have provided us with to carry out your requests and requirements for the basis of completion of a transaction and/or contract.
The law on data protection also allows us to process your data for certain reasons only:
- In order to carry out legally required duties;
- In order for us to carry out our legitimate interests;
- To protect your interests and,
- Where something is done in the public interest.
All of the processing carried out by us falls into one of the permitted reasons. Generally, we will rely on the first three reasons set out above to process your data.
We also collect data so that we can carry out activities which are in the legitimate interests of the Company.
We will send you marketing information if you have consented or if we have a legitimate interest to do so.
Xpediator does not sell, transfer or share or disclose your data and will not do so in future, as we are committed to protecting your data.
How does Xpediator protect your data?
Xpediator takes the security of your data very seriously. We have internal policies and controls in place to try to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by its employees in the performance of their duties.
The data that the Group collects from you may be transferred to, or stored or processed at a destination within or outside the European Economic Area (“EEA”) by ourselves or one of our suppliers in accordance with applicable laws on data protection. It may be necessary as a business to do conduct the transfer of data. Processing may include, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing.
Please note that it may be necessary to share information when required by law.
What is a cookie?
A cookie is a small text file containing letters and numbers that we store in your browser or on the hard drive of your computer
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
How to control and delete cookies
If you want to restrict or block cookies on our websites, or other websites you visit, you can do this through your browser settings. The Help function within your browser should tell you how.
Alternatively, you can visit www.allaboutcookies.org which contains comprehensive information on how to delete cookies from your computer as well as more general information about cookies.
Your rights to access your data:
We are committed to upholding your rights in respect of your personal data.
Through the provision of this and other privacy notices on the website, we will be open and transparent about how and why we use your personal information.
You have a right to ask us what personal information we hold about you and to request a copy of your information. This is known as a ‘subject access request’ (SAR).
The law on data protection gives you certain rights in relation to the data we hold on you. These are:
- The right to be informed. This means that we must tell you how we use your data, and this is the purpose of this privacy notice;
- The right of access. You have the right to access the data that we hold on you. To do so, you should make a subject access request. You can read more about this in our Subject Access Request Procedure which is available from email@example.com
- The right for any inaccuracies to be corrected. If any data that we hold about you is incomplete or inaccurate, you are able to require us to correct it;
- The right to have information deleted. If you would like us to stop processing your data, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it;
- The right to restrict the processing of the data. For example, if you believe the data we hold is incorrect, we will stop processing the data (whilst still holding it) until we have ensured that the data is correct;
- The right to portability. You may transfer the data that we hold on you for your own purposes;
- The right to object to the inclusion of any information. You have the right to object to the way we use your data where we are using it for our legitimate interests;
- The right to regulate any automated decision-making and profiling of personal data.You have a right not to be subject to automated decision making in way that adversely affects your legal rights.
Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent, however, in some cases, we may have to continue to use your data to meet our statutory and legal obligations. We endeavour to handle your request within 30 business days, and will always agree with you a revised timeline, if required.
If you wish to exercise any of the rights explained above, please contact firstname.lastname@example.org
Data Controller and Data Processor details
The Company is a Data Controller, meaning that it determines the processes to be used when using your personal data. The Company is also a Data Processor for its customers, meaning that it handles the processing of data. Our contact details are as follows: Xpediator plc, 710 Avenue West, Skyline 120, Braintree, Essex, CM77 7AA, UK
Data Protection Officer
The Company’s Data Protection Officer is Dan Harris. He can be contacted at email@example.com.
Data protection principles
In relation to your personal data, we will:
- Process it fairly, lawfully and in a clear, transparent way;
- Collect your data only for reasons that we find proper for the course of your visit in ways that have been explained to you;
- Only use it in the way that we have told you about;
- Ensure it is correct and up to date;
- Keep your data for only as long as we need it;
- Process it in a way that ensures it will not be used for anything that you are not aware of or have consented to (as appropriate), lost or destroyed.
Making a complaint
The supervisory authority in the UK for data protection matters is the Information Commissioner (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO.