About this Policy
We at Affinitus Group take your privacy seriously and this policy and notice has been drafted in accordance with the requirements of the General Data Protection Regulations (“GDPR”), with the support of the legal team.
This privacy notice explains how we look after your personal data (in all situations where we collect your data) and sets out your privacy rights and also explains how the law and our approach to privacy and personal data protects you.
This privacy notice supplements any other privacy notices that we may provide to you at the point that we collect data from you and should be read in conjunction with those notices.
Our status and details
For the purpose of the GDPR we are the data controller and any enquiry regarding the collection or processing of your data should be addressed to our Data Protection Officer using the contact details below:
Name or title: Lana Korzhuk
Email address: privacy@Affinitus.co.uk
Postal address: Affinitus Group, Unit
4-5 Grove Dairy Farm
By using the Website, you consent to this policy. We are registered with the Information Commissioner’s Office for this purpose.
Information we collect
We will collect, process and store personal data only if it is directly provided to us by you. You may do this in your capacity as the user of this Website, by enquiring in relation to our goods or services, becoming a customer or supplier, or potential supplier.
Personal information covers any information which relates to you as an identifiable person. Below are examples of the type of data that this may include:
- Identity Data including forenames, last name, maiden name, date of birth, gender, marital status, and username or similar identifier.
- Contact Data may include invoicing; purchase order; home or work address, email address and telephone numbers, personal or job title and position.
- Financial Data may include bank account and payment card details.
- Special Category Data for example health or medical data, details about your race, religion, sex and political opinions.
- Transaction Data may include payments made for products and services you have purchased from us, or in relation to payments that we have made to you.
- Technical Data may include internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices used to access this Website.
- Profile and Usage Data may include enquiries submitted by you, purchases information, feedback and survey responses, and how you use our website, products and services.
- Marketing Data may include details of any preference that you have advised us of in relation to marketing communications from us.
We may also collect non-personal data such as Aggregated Data which is data that may be obtained from your personal data, but which does not directly or indirectly identify you. This may include Usage Data detailing how you use our Website and the features and areas that you have interacted with.
How do we collect your personal data?
A range of different methods may be used to collect data which may include the following methods:
- Direct interactions with us in person, by post, phone, email or otherwise. You may give us your Identity, Contact and Financial Information.
- Automated technologies or interactions with our website, by using the web enquiry form, Live chat, Newsletter signups. You may give us Identity, Contact and Financial Information.
- Third parties or publicly available sources (third parties may be used in processing Identity, Contact and Financial categories of personal data).
- Media – If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
It is important that the data that we hold about you is accurate and up to date. In the event that your data changes please notify us so that we can update our records.
Use of your information
We may hold and process personal data that you provide to us in accordance with the GDPR.
The information that we collect and store relating to you is primarily used:
- To enable us to provide our services to you, to communicate with you and to meet our contractual commitments to you. This may include Identity and Contact data.
- To notify you about any changes to our business, such as improvements to our Website or service/product changes, that may affect our service or relationship with you. This may include Identity and Contact data.
- If you are an existing customer, we may contact you with information about services similar to those that were the subject of a previous sale to you. This may include Identity and Contact data.
- Where you have consented to receive such information, to provide information on other parties’ products or services that we feel may be of interest to you. This may include Identity, Contact and Marketing data.
- Where you have consented to receive our e-newsletters to provide that to you. This may include Identity and Contact data.
- Where we need to comply with a legal obligation. This may include Identity, Contact and Transactional data.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. This may include all types of data.
Where we collect your data for marketing purposes, we will always request your consent, at the point the data is collected, to use your data for that purpose.
We will always obtain your prior consent to sharing your personal data with any third party for their marketing purposes. This may be to enable relevant third parties to advise you of products or services that may be of interest to you.
We will only use your personal data for a reason other than the purpose for which it was originally obtained if we consider that we need to use it for that other purpose and have a legitimate interest in doing so.
Disclosure of your information
There are a range of circumstances where we may disclose your data to third parties. These include:
- Regulatory bodies. We may disclose your data to regulatory bodies to enable us to comply with the law and to assist fraud protection and minimise credit risk. This may include Identity, Contact and Transactional data.
- Our Suppliers. We may disclose your data to third parties that are involved in the fulfilment of our services to you. This may include Identity, Contact and Transactional data.
- Third party marketing. Where you have consented for us to do so, we may provide your data to selected third parties who may contact you about their goods or services that you may be interested in. This may include Identity, Contact and Marketing data.
Please be advised that we do not reveal information about identifiable individuals to our advertisers, but we may, on occasion, provide them with Aggregated Data about our Website visitors and customers.
If you require more information or do not want us to share your data with third parties you will have the opportunity to withhold your consent to this when you provide your details to us on the form on which we collect your data, or you can do so by writing to us at the address detailed above or sending us an email to firstname.lastname@example.org at any time.