We collect information from visitors to this website through the use of online forms / email hyperlinks, and every time you email us your details. We collect additional information automatically about your visit to our website. Please see our cookies policy below for more details.
Use of personal information
We process personal information collected via this website for the purposes of:
Providing and personalising our services.
Dealing with your inquiries and requests.
Administering orders and accounts relating to our suppliers or customers.
Maintaining information as a reference tool or general resource.
Providing reservation or booking services.
Providing you with information about products and services.
If using a data capture form
We will send you information according to the preferences you submitted via our data capture form. If you would like to change these preferences at any point, please email us via the secure contact form, or call us (01323 844519). Alternatively you can also write to us (5 Summerfields Avenue, Hailsham, East Sussex, BN27 3BP).
Please note that we will never use the information you have provided us with for marketing purposes, nor will it be passed to any third parties for marketing purposes.
If no sharing of data with 3rd parties:
We will not share your data with third parties except as required to do so by government bodies and law enforcement agents.
Subject access requests
You have the right to see what personal data we hold about you. To obtain a copy of the personal information we hold about you, please write to us. (5 Summerfields Avenue, Hailsham, East Sussex, BN27 3BP).
Given that the Internet is a global environment, using it to collect and process personal data necessarily involves the transmission of data on an international basis. This means for instance that data you pass to us may be processed outside the European Economic Area, although the data will always be held securely and in line with the requirements of UK data protection legislation. By communicating electronically with us, you acknowledge and agree to our processing of personal data in this way.
A cookie is a small piece of information sent by a web server to a web browser, which enables the server to collect information from the browser. Find out more about cookies on www.allaboutcookies.org
Most browsers will allow you to turn off cookies. If you want to know how to do this please look at the menu on your browser, or look at the instruction on www.allaboutcookies.org. Please note however that turning off cookies will restrict your use of our website.
GDPR – in essence all data we collect must be traceable, stored securely, not shared, have a good reason for collecting it, deleted after a period of time and provide proof it was collected legally.
Managing your data is complicated as it’s not always stored in a human friendly fashion, therefore retrieval is time consuming and compliance with the entire GDPR proposition will take time to implement fully and accurately.
However, we have always respected your data and have never shared it with any other party, we have only ever asked for data we actually needed (eg to complete a form for a competition entry etc), data we may have collected will have been via a contact form so that we can answer your questions, help with a service or similar and as such is of no further use to us, our marketing exercises consist of sending you email notifications of blog subscriptions or adding you to our newsletter lists, in this case you will have been asked to opt-in via email after submission of your email address and you will have always had the option to withdraw at any time via a button on each and every email.
We undertake to the best of our ability to conform to the following criteria:
We must have and store the lawful basis of processing for each contact.
- Consent (opt-in)
- You must be told (notified) of what you are opting into.
- You need to affirmatively opt-in with an unchecked box. (only opts in for what you were notified you are opting into.)
- Consent must be granular, covering the various ways we use your data (e.g. email, calls).
- We must log auditable evidence of what you consented to: the notice and when you consented.
- Performance of a contract (customer we need to send bills to)
- Legitimate interest (customer we want to send products related to what you have)
Withdrawal of consent
- We must give you the ability to see what you have consented to and the ability to withdraw consent at any time. It needs to be just as easy as giving consent.
- You must be able to request that we delete all data stored about you permanently, including email tracking history, call records, form submissions and more.
- We must respond to the request within 30 days.
- The right to deletion depends on the context of the request, so it does not always apply.
- You must be notified that we are using cookies in laymans terms and must consent before a cooking can be set.
- ePrivacy regulation is coming soon regarding this for extra fun.
Access / Portability
- You must be able to request access to the personal data we have stored about you.
- Personal data is anything identifiable, like name, email, ip address(es).
- We need to provide a copy of the data in CSV format.
- You can also request to see and verify the lawfulness of processing (via the auditable log of consent mentioned above).
- You must be able to request modification of personal data.
- We must fulfil your received request.
- Data must be encrypted at rest
- Data must be encrypted in transit (SSL)
- Access controls to data pseudonymization and anonymization.
Notification of Changes
Please note that this GDPR Policy is subject to change from time to time. It was last reviewed 17 Apr 2018.
Applying for your data, data to be deleted or changes to your data.
This is fun because in order for us to retrieve your data you have to provide some more to us so we can A) trace your data B) verify who you are and provide only you with your own data. This also takes time and costs us money so we also ask you to help cover part of this cost (£10).