Our Privacy Notice explains the way in which we collect, use, maintain, protect and disclose the personal information of our customers, end users, suppliers and professional contacts, and the users of our website (www.adanderefrigeration.com)
1.1 Who we are
Adande is made up of a number of group companies, as follows:
Applied Design and Engineering Limited (company no. 01812041)
References to “we” “us” “our” and “Adande” in this privacy notice will be references to any or all of our group companies set out above.
Where required, our group companies are registered as a Data Controller with the Information Commissioner’s Office and have appointed a data protection controller (DPC) who is responsible for overseeing questions in relation to this privacy notice.
If you have any questions about this privacy notice, including any requests to exercise your rights, please contact the DPC using the details set out below.
Postal Address: 45 Pinbush Road, South Lowestoft Industrial Estate, Lowestoft, NR33 7NL.
Changes to the privacy notice and your duty to inform us of changes
This version was last updated on 17th April 2019. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements.
2.1 Which data do we collect?
Personal data is any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). We may collect, use, store, share and transfer different kinds of personal data about you which we have grouped together follows:
Identity Data includes first name, last name, username or similar identifier, title, date of birth and social media account identifiers.
Contact Data includes billing address, delivery address, email address and telephone numbers.
Technical Data includes internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Usage Data includes information about how you use our website.
Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.
We also collect, use and share aggregated data, which includes statistical or demographic data for any purpose. This may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
3.1 How do we collect your personal data?
We use different methods to collect data from and about you including:
Direct interactions. You may give us your Identity and Contact Data by filling in forms (including web forms) or by corresponding with us by post, phone, email or otherwise.
Third parties or publicly available sources. We may receive personal data about you from various third parties and public sources as set out below:
Technical Data from the following parties: (a) analytics providers such as Google based outside the EU; (b) search information providers such as Google, Yahoo or Firefox based inside or outside the EU.
Contact, Financial and Transaction Data from providers of technical, payment and delivery services based inside the UK.
Identity and Contact Data from publicly availably sources such as Companies House and the Electoral Register based inside the EU.
Dealers and distributors, who pass on details of end users.
4.1 How we use your personal data
We will only use your personal data when the law allows us to. Most commonly, we will use your personal data in the following circumstances:
Where we need to perform the contract we are about to enter into or have entered into with you.
Setting you up as a customer to allow delivery by ourselves or a third party, servicing of equipment by ourselves or third parties, invoicing by ourselves or a third party, debt collection by ourselves or a third party
Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. This means the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
To allow delivery by ourselves or a third party, servicing by ourselves or third parties, invoicing by ourselves or a third party, debt collection by ourselves or a third party
To carry out administration in connection with the provision of services to you, including managing payments and charges and collection of money owed to us.
To use data analytics to improve our website, products, services, marketing customer relationships and experiences
To deliver relevant website content and advertisements to you and measure and understand the effectiveness of the advertising we deliver to you
Where we need to comply with a legal or regulatory obligation.
Where you have given your consent to us to process your personal data.
Information you provide on our site may be transferred to our CRM platform. In this case your information may be processed outside of the European Economic Area (EEA).
We may use your personal data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and events may be relevant for you.
You may receive marketing communications from us in respect of our business and our products and services if you have requested information from us or previously been a client of Adande and, in each case, you have not opted out of receiving that marketing.
We do not share your contact details with any third party for the purpose of that third party sending marketing.
You can ask to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us using the details above at any time.
5.1 Grounds for Processing
We are processing the information you provide under the legal grounds of legitimate interest, we will use the information provided for legitimate business purposes such as contacting you in response to an enquiry submitted through our website and other examples shown in 4.1. We have carried out a legitimate interest assessment on the data we collect to support this decision.
6.1 When we share your personal information
We may have to share your personal data with the parties set out below for the purposes set out in the table in paragraph 3 above:
Service providers based within the UK, wider EEA or outside the EEA who provide IT and system administration services, or who store documents on our behalf. This includes the provider of our CRM platform.
Dealers, distributors and those carrying out, or organising, warranty repairs.
Our professional advisers including lawyers, bankers, auditors and insurers based in the UK or EEA who provide consultancy, banking, legal, insurance and accounting services.
HM Revenue & Customs, crime prevention agencies, and other authorities based in the UK who require reporting of our processing activities in certain circumstances.
Customs officials in the UK and other countries (both inside and outside of the EEA)
Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
7.1 International Transfers
We may transfer your personal data to third parties providing services to us who are based outside of the European Economic Area (EEA). This includes parties providing IT administration services and hosting services, and parties who supply and host our CRM.
Whenever we transfer your personal data outside of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
Transferring data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
using specific contracts approved by the European Commission which give personal data the same protection it has in Europe; or
for providers based in the US, we may transfer data to them if they are part of the Privacy Shield.
8.1 Your rights
You have rights over the information that Adande holds, these include the following:
Right to be informed
We provide ‘fair processing information’ through our privacy notice.
Right of access
We will confirm that we process your data, and where appropriate provide access to any personal information we hold about you.
Right of rectification
If any data we hold about you is incomplete or inaccurate we will correct the information we hold on request.
Right to be forgotten
Where there is no compelling reason for the continued processing of your information we will erase the data we hold about you on request.
Right to restrict processing
We will stop processing or block your data on request in certain circumstances. We may hold enough information to ensure that we can respect this restriction in the future. e.g. We may hold your email address on a list to prevent it being processed in the future.
Right to data portability
In certain circumstances you may request your data in a commonly used and machine-readable form.
Right to object
You may object to us processing your data, unless the processing is for the establishment, exercise or defence of legal claims
Right to withdraw consent
Where we are relying on consent to process your personal data, you may withdraw that consent.
9.1 Data retention – how long will you use my personal data for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances you can ask us to delete your data: see Right to be Forgotten above for further information.
10.1 Contact Us
Complaints or queries
Adande strives to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive about this very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures.
You may also complain to the supervisory authority in the UK, the ICO. You can read more about your individual rights on the Information Commissioner’s Office website (www.ico.org.uk).