Privacy & Cookies
It is important that you read this Website Privacy Notice as it contains information on who we are but most importantly how and why we collect, process and store your personal data. This Notice in particular includes information on how the website collects data and how to contact us in the event of a complaint or query.
As a business we are committed to protecting the privacy and security of your personal data.
This Website Privacy Notice should be read in conjunction with our Stakeholder Privacy Notice which you can request below.
2. Issue/Update Register
3. Who We Are
4. Personal Data We Collect and Use
5. How We Use your Personal Data
7. Transfer of your Data Out of the EEA
8. Data Security
9. Your Rights
10. Contacting Us
2. Issue/Update Register
Issue 1 – Original Notice – Dean Kahl – 17-05-2018
Issue 2 – Update to Hotjar – Dean Kahl – 18-05-2018
Issue 3 – Addition of 4.3 – Dean Kahl – 23-07-2018
Issue 4 – Annual Review, Change of Data Protection Representative – Dean Kahl – 20-08-2019
3. Who We Are
SEC Group (The Storage Equipment Centre Group Ltd), SEC Storage (The Storage Equipment Centre Ltd) and SEC Interiors (SEC Interiors Ltd) collects, uses and is responsible for personal data about you.
We are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal data for the purposes of those laws.
4. Personal Data We Collect and Use
4.1 Information you provide voluntarily
In the course of using this website you will voluntarily provide data that we collect, store and use. This will be either contact form submissions, via telephone or the website chat function.
This data may include:
- Personal contact details such as name, title, address, telephone numbers and email addresses.
- Enquiry details
In supplying this information, you consent to this information being collected, stored and used as described in our Stakeholder Privacy Notice.
4.2 Information we collect automatically
When you browse www.sec-group.co.uk we may collect data about your use of the website.
This data may include:
- Operating System
- IP Address
- Browser ID
- Browsing activity
- User ID (automatically generated identification numbers for systems including our visitor tracking and website chat function).
4.2.1 Lead Forensics
Contained within our website is a piece of tracking code from Lead Forensics. Lead Forensics will track activity on the website and identifies the businesses that visit our website. It does not identify the data subject, and it does not provide the personal data of website visitors within the tool.
Lead Forensics identifies business IP addresses. Any location or visitor data provided is representing a business, not a data subject. For that reason, it does not track or provide any physical, physiological, genetic, mental, economic cultural or social identity data.
More information can be found at www.leadforensics.com
4.2.2 Hotjar Ltd
We use Hotjar in order to better understand our users’ needs and to optimize this service and experience. Hotjar is a technology service that helps us better understand our users experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.) and this enables us to build and maintain our service with user feedback.
- Device’s IP address (captured and stored only in anonymized form)
- Device screen size, device type (unique device identifiers)
- Browser information
- Geographic location (country only)
- Preferred language used to display our website.
4.2.3 iContact Pro
MailChimp is our email marketing platform. Contained within our website is tracking code which will track movements around the website and enable us to provide targeted direct marketing.
The personal data that the iContact system will process would have already been provided by you, the data subject, or other third party sources.
You are able to opt-out of any marketing communication messages via the unsubscribe link in any of our emails, which will prevent MailChimp collecting your website visitor activity.
4.2.4 Zendesk Chat
As part of our website is a chat function. This enables you to interact with our marketing team. To use this function you do not need to provide any personal data, such as name, email address or telephone number. However in doing so, it will enable us to provide a greater level of customer service.
The Zendesk Chat software does collect personal data such as that identified in section 4.2 Information we collect automatically. Site visitors are assigned a unique visitor ID so that Zendesk Chat can keep track of returning visitors. It will also track which website pages you are visiting, to enable us to understand the nature of your enquiry when you use the chat system. The system only stores data for visitor that use the chat system.
More information can be found at: https://www.zendesk.co.uk/chat/
4.2.5 Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any data which you provide whilst visiting such sites and such sites are not governed by this Website Privacy Notice or our Stakeholder Privacy Notice. You should exercise caution and look at the privacy statement applicable to the website in question.
4.3 Other data we collect
We collect personal information directly from you, either automatically or that which you give voluntarily. Please see 4.1 and 4.2
Incoming telephone calls are recorded for record-keeping, training and quality assurance purposes. We may make tele-marketing calls to you which are also recorded for the same purposes.
5. How We Use your Personal Data
We will only use your personal data in accordance with the legal bases for processing personal data. At present, we have identified that we will process your personal data under the following legal basis:
- Article 6(1)(b) – Contract
- Where we need to perform a contract we have entered into with you
- Article 6(1)(c) – Legal Obligation
- Where we need to comply with legal obligations
- Article 6(1)(f) – Legitimate Interests
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and the fundamental rights do not override those interest. One form of legitimate interest is Direct Marketing.
Where additional processing of your data is required, we will identify a specific legal basis for processing the data and update all relevant documentation accordingly.
5.1 How long we hold the data for
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including the purpose of satisfying any legal, accounting or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk or harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances, we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer a customer of the company, we will retain and securely destroy your personal information in accordance with our privacy standard.
We do not need your consent if we use special categories of your personal information in accordance with our written policy to carry out our legal obligations. In limited circumstances, we may approach you for your written consent to allow us to process certain particularly sensitive data. If we do so, we will provide you with full details of the information that we would like and the reason we need it, so that you can carefully consider whether you wish to consent. You should be aware that it is not a condition of your contract with us that you agree to any request for consent from us.
Furthermore, to carry out our Direct Marketing activities, we do not need your consent.
The ePrivacy Directive was transposed into UK law as the Privacy and Electronic Communications (EC Directive) Regulations 2003 or PECR (Privacy and Electronics Communications Regulations). Currently, the PECR, provides a defined exclusion from opt-in requirements for B2B Communications. The SEC Group communications fall under this category.
The EU are intending to replace the ePrivacy Directive with the Regulation on Privacy and Electronic Communications. Until such time as The Regulation on Privacy and Electronic Communications is enacted, the UK’s PECR remains the de facto legislation that governs consent requirements for marketing communications. Within the UK, B2B telemarketing, direct mail and email marketing need to offer an opt-out, and do not require an opt-in.
7. Transfer of your Data out of the EEA
Your personal data may be stored and processed in any country where we have service providers, and by using this website or by providing consent to us, you agree to the transfer of information to countries outside of your country of residence, including to the United States.
We take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Website Privacy Notice and our Stakeholder Privacy Notice.
One example of data transfer is to our email marketing platform (ESP) which may, for example, be hosted in the United States. The data transferred will be limited to the intended purpose, for example name and email address.
8. Data Security
We have put in place measures to protect the security of your data. Details of these measures are available upon request.
Third parties will only process your personal data on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, suppliers and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
9. Your Rights
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your working relationship with us.
Under certain circumstances, by law you have the right to:
- The right to be informed
- The right of access
- You are entitled to know what data is held about you and how it is being processed.
- The right to rectification
- You are entitled to have your personal data corrected if it is inaccurate or incomplete.
- The right to erasure – also known as “the right to be forgotten”:
- You have the right to request the removal of personal data where there is no compelling reason for its continued processing.
- The right to restrict processing:
- You have the right to block or suppress processing of their personal data.
- The right to data portability:
- This allows you to transfer or copy your personal data from one IT environment to another, safely and securely.
- The right to object:
- You have the right to object to the use of your personal information in certain circumstances.
- Rights in relation to automated decision making and profiling:In specific circumstances, you have the right not be the subject of a decision which:
- Has a legal bearing or significant on you; and
- Which is based on automated processing
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact the Data Protection Representatives in writing.
You are free to opt-out at any time by using the unsubscribe hyperlink found in our email marketing messages, or contacting the Data Protection Representative.
10. Contacting Us
Please contact our Data Protection Representative, Vanessa Beck, if you have any questions about this Website Privacy Notice, our Stakeholder Privacy Notice or the data we hold about you.
Please use the contact form below or write to us at: Data Protection Representative, SEC Group, Unit 11 The iO Centre, Whittle Way, Arlington Business Park, Stevenage, Hertfordshire, SG1 2BD or call 01438 731990.
USER GENERATED CONTRIBUTIONS
The Site may invite you to chat, contribute to, or participate in blogs, message boards, online forums, and other functionality, and may provide you with the opportunity to create, submit, post, display, transmit, perform, publish, distribute, or broadcast content and materials to us or on the Site, including but not limited to text, writings, video, audio, photographs, graphics, comments, suggestions, or personal information or other material (collectively, “Contributions”).
Contributions may be viewable by other users of the Site and through third-party websites. As such, any Contributions you transmit may be treated as non-confidential and non-proprietary. When you create or make available any Contributions, you thereby represent and warrant that:
- the creation, distribution, transmission, public display, or performance, and the accessing, downloading, or copying of your Contributions do not and will not infringe the proprietary rights, including but not limited to the copyright, patent, trademark, trade secret, or moral rights of any third party.
- you are the creator and owner of or have the necessary licenses, rights, consents, releases, and permissions to use and to authorize us, the Site, and other users of the Site to use your Contributions in any manner contemplated by the Site and these Terms and Conditions.
- you have the written consent, release, and/or permission of each and every identifiable individual person in your Contributions to use the name or likeness of each and every such identifiable individual person to enable inclusion and use of your Contributions in any manner contemplated by the Site and these Terms and Conditions.
- your Contributions are not false, inaccurate, or misleading.
- your Contributions are not unsolicited or unauthorized advertising, promotional materials, pyramid schemes, chain letters, spam, mass mailings, or other forms of solicitation.
- your Contributions are not obscene, lewd, lascivious, filthy, violent, harassing, libelous, slanderous, or otherwise objectionable (as determined by us).
- your Contributions do not ridicule, mock, disparage, intimidate, or abuse anyone.
- your Contributions do not advocate the violent overthrow of any government or incite, encourage, or threaten physical harm against another.
- your Contributions do not violate any applicable law, regulation, or rule.
- your Contributions do not violate the privacy or publicity rights of any third party.
- your Contributions do not contain any material that solicits personal information from anyone under the age of 18 or exploits people under the age of 18 in a sexual or violent manner.
- your Contributions do not violate any federal or state law concerning child pornography, or otherwise intended to protect the health or well-being of minors;
- your Contributions do not include any offensive comments that are connected to race, national origin, gender, sexual preference, or physical handicap.
- your Contributions do not otherwise violate, or link to material that violates, any provision of these Terms and Conditions, or any applicable law or regulation.
Any use of the Site in violation of the foregoing violates these Terms and Conditions and may result in, among other things, termination or suspension of your rights to use the Site.
THIRD-PARTY WEBSITES AND CONTENT
The Site may contain (or you may be sent via the Site) links to other websites (“Third-Party Websites”) as well as articles, photographs, text, graphics, pictures, designs, music, sound, video, information, applications, software, and other content or items belonging to or originating from third parties (“Third-Party Content”).
Such Third-Party Websites and Third-Party Content are not investigated, monitored, or checked for accuracy, appropriateness, or completeness by us, and we are not responsible for any Third-Party Websites accessed through the Site or any Third-Party Content posted on, available through, or installed from the Site, including the content, accuracy, offensiveness, opinions, reliability, privacy practices, or other policies of or contained in the Third-Party Websites or the Third-Party Content.
Inclusion of, linking to, or permitting the use or installation of any Third-Party Websites or any Third-Party Content does not imply approval or endorsement thereof by us. If you decide to leave the Site and access the Third-Party Websites or to use or install any Third-Party Content, you do so at your own risk, and you should be aware these Terms and Conditions no longer govern.
You should review the applicable terms and policies, including privacy and data gathering practices, of any website to which you navigate from the Site or relating to any applications you use or install from the Site. Any purchases you make through Third-Party Websites will be through other websites and from other companies, and we take no responsibility whatsoever in relation to such purchases which are exclusively between you and the applicable third party.
You agree and acknowledge that we do not endorse the products or services offered on Third-Party Websites and you shall hold us harmless from any harm caused by your purchase of such products or services. Additionally, you shall hold us harmless from any losses sustained by you or harm caused to you relating to or resulting in any way from any Third-Party Content or any contact with Third-Party Websites.