OUR PRIVACY POLICY
Definitions
​
Communication Services
East Coast Fittings Limited provisioned communications services, including East Coast Fittings Limited websites (www.ecf.co, eCommerce platforms, digital content hosting services, etc), social media sites, operational information systems, email, telephone system, mobile phone, SMS, marketing and any digital content contained in the Communication Services (e.g. photographs, videos, leaflets, brochures, price guides, etc).
“you”, “your”
Shall mean you – our lead, prospect, customer, supplier, employee or other stakeholder.
​
“we”, “us”, “ECF”, “our”
Shall mean East Coast Fittings Limited, Auster House, Rearsby Business Park, Gaddesby Lane, Rearsby. LE7 4YH is a limited company registered in England under company number 01548834
​
Background
​
ECF understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of your data and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.
Should we ask you to provide certain information by which you can be identified when using our Communication Services, then you can be assured that it will only be used in accordance with this Privacy Policy.
​
1. Information About Us
​
East Coast Fittings Limited, Auster House, Rearsby Business Park, Gaddesby Lane, Rearsby. LE7 4YH is a limited company registered in England under company number 01548834.
​
2. What Does This Policy Cover?
​
This Privacy Policy explains how we use your personal data: how it is collected, what personal details we collect, how it is held, how we process that information, who we may share the information with and why, and your choices and rights when it comes to the personal information you have given us when you use the Communication Services. It also explains your rights under the law relating to your personal data.
​
3. What is Personal Data?
​
Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.
​
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
The personal data that we use is set out in Part 5, below.
​
4. What Are My Rights?
​
Under the GDPR, you have the following rights, which we will always work to uphold:
​
a) The right to be informed about our collection and use of your personal data. This Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Part 11.
b) The right to access the personal data we hold about you. Part 10 will tell you how to do this.
c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 11 to find out more.
d) The right to be forgotten, i.e. the right to ask us delete or otherwise dispose of any of your personal data that we have. Please contact us using the details in Part 11 to find out more.
e) The right to restrict (i.e. prevent) the processing of your personal data.
f) The right to object to us using your personal data for a particular purpose or purposes.
g) The right to data portability. This means that you can ask us for a copy of your personal data held by us to re-use with another service or business in many cases.
h) Rights relating to automated decision-making and profiling. You have the right to ask us to:
​
-
give you information about our processing of your personal information;
-
request human intervention or challenge a decision where processing is done solely by automated processes;
-
carry out regular checks to make sure that our automated decision making and profiling processes are working as they should.
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 11.
​
Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.
​
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
​
5. What Personal Data Do You Collect?
​
We collect information to provide better services to all our users.
​
Information you give us
​
-
Many of our Communications Services require you to enrol for an East Coast Fittings Limited account. When you do, we’ll ask for personal information like your name, address, email address, social media addresses/tags, telephone number and mobile number. Depending upon the service you request or interact with we may also ask for banking information (Bank Sort Code and Account Number) to enable digital financial transactions to be performed
Information we get from your use of our services
​
We collect information about the Communication Services that you use and how you use them, like which products you viewed, the phone calls you made or text messages you viewed. This information includes:
​
-
Login Information. When you log into one of our digital services, make a telephone call or interact with one of our digital services we automatically collect and store certain information in the services administration logs.
-
Geographic information. When you use the Communication Services, we may collect and process information about your actual location. We use various technologies to determine location, including IP address, GPS, and other sensors that may, for example, provide us with information on nearby devices, Wi-Fi access points and cell towers.
-
Device information. We collect device-specific information such as your device hardware model, operating system version, unique device identifiers (e.g. MAC Address), and network information including phone number, IP Address. These automatic identifiers are anonymous unless you provide additional information to us (such as by filling out a form on our website) that connects the automatic identifiers to you. We may associate your device with your East Coast Fittings Limited account.
-
Communication Services information. We collect information you supply in using the Communication Services and how you use them, including contact information (name, company name, physical address, email address, telephone number, mobile telephone number and social media identifiers), records of products and services browsed, purchased and requested by you, that supplied in answering surveys, requesting offers and submitting enquiries. We use cookies when you visit our websites, see section 13.
​
Information we collect when you are logged into or accessing a Communication Service, in addition to information we obtain about you, may be associated with your East Coast Fittings Limited account. When information is associated with your East Coast Fittings Limited account, we treat it as personal information.
​
Other information we collect
​
-
External web services
We may use external web services within Communications Services mostly to display content within our web pages. For example, to show videos we may use YouTube.
This is not an exhaustive or complete list of the services we use, or might use in the future, when embedding content. We cannot prevent these sites, or external domains, from collecting information on your usage of this embedded content. If you are not logged in to these external services then they will not know who you are but are likely to gather anonymous usage information e.g. number of views, plays, loads etc.
​
-
Email tracking
Some emails that we send you have no tracking in at all, for example personal correspondence or emails with invoices attached. Other emails we send we put in tracking so that we can tell how much traffic those emails send to our websites and we can track, at an individual level, whether the user has opened and clicked on the email. We rarely use the latter information at a personal level, rather we use it to understand open and click rates on our emails to try and improve them. Sometimes we do use the personal information e.g. to re-email people who didn’t click the first time.
If you want to be sure that none of your email activity is tracked then you should unsubscribe from our newsletter and marketing communications.
​
We use Mailchimp and CampaignMonitor for email marketing. To read more about their respective privacy policy click here for Mailchimp and click here for CampaignMonitor.
​
-
SMS tracking
Some SMS messages that we send you have no tracking in at all, for example notification of delivery dates. Other SMS messages we send we put in tracking so that we can tell how much traffic those SMS messages send to our websites and we can track, at an individual level, whether the user has opened and clicked on the SMS message. We rarely use the latter information at a personal level, rather we use it to understand open and click rates on our emails to try and improve them. Sometimes we do use the personal information e.g. to re-SMS message people who didn’t click the first time.
If you want to be sure that none of your SMS message activity is tracked then you should unsubscribe from our newsletter and marketing communications.
​
SMS messages use TextLocal for SMS marketing. To read more about their privacy policy, click here.
​
-
Your contact with us e.g. meetings, phone calls (including call recordings), emails / letters
-
Your visits to our locations e.g. visual images collected via closed circuit television (CCTV)
​​
6. How Do You Use My Personal Data?
​
Under the GDPR, we must always have a lawful basis for using personal data. We process your data and information because it is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it including:
​
-
Providing and managing your account to enable commercial trading and for us to enter into a contract with you;
-
Supplying our products and services to you;
-
Personalising and tailoring our products and services for you;
-
Communicating with you in response to your emails or telephone calls, requests for product or services promotional materials, requests for information or sales quotations, requests for alternative delivery addresses to orders and requests for meetings;
-
Contacting you by email, telephone, SMS text messaging and post with promotional communications about latest news, new services, events or other information which we think you may find interesting using the contact addresses and preferred methods of communication which you have “opt in” into;
-
Using automatic identifiers and tracking identifiers to administer, improve, analyse and personalise websites and to provide targeted advertisements;
-
Improving our services by using data to assess the effectiveness of various marketing initiatives and track the levels of sales and other engagement that result from marketing initiatives;
-
From time to time, using your information to contact you for market research and customer service purposes;
We process data based on the consent given by individuals who opt in, where required, to the Communication Services.
​
You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.
​
We use the following automated systems for carrying out certain kinds of decision-making and profiling. If at any point you wish to query any action that we take on the basis of this or wish to request ‘human intervention’ (i.e. have someone review the action themselves, rather than relying only on the automated method), the GDPR gives you the right to do so. Please contact us to find out more using the details in Part 11.
​
-
The following automated decision-making method(s) may be used as of the published date of this Privacy Policy:
-
Intact iQ Software, to determine email addresses for communications including invoice delivery, to determine Delivery Addresses and associated contact details.
-
Mailchimp and CampaignMonitor for email marketing. If the original email/contact is not accessed/responded to, the systems will decide or otherwise to issue further automated communications. To read more about their respective privacy policy click here for Mailchimp and click here for CampaignMonitor
-
SMS messages use TextLocal for SMS marketing. If the original SMS text is not accessed/responded to, the systems will decide or otherwise to issue further automated SMS messages. To read more about their privacy policy, click here.
-
-
The following automated profiling may take place:
-
None. No automated profiling is performed as of the published date of this Privacy Policy.
-
​​
7. How Long Will You Keep My Personal Data?
​
We retain information for as long as is reasonable for the original purpose for which it was collected and for furthering our legitimate interest in marketing our products and services. In general, we retain data for marketing activities related to a customer for as long as they remain a customer. We also retain data used for marketing activities for leads and prospects for a reasonable amount of time to determine if there is any interest or engagement.
​
In all cases, you are given the right to opt out of receiving further marketing communications. In that case, we will only retain the amount of information needed to be sure we do not contact you again for direct marketing purposes.
​
8. How and Where Do You Store or Transfer My Personal Data?
​
The majority of your information is stored and processed in the UK and European Economic Area (EEA). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein.
​
However, some of your information may be stored or processed by us or the third parties we work with outside of the EEA, including countries such as the United States. These are known as “third countries” and may not have data protection laws that are as strong as those in the UK and/or the EEA. This means that we will take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK / EEA data privacy laws e.g. we will put in place legal agreements with our third party suppliers and do regular checks to ensure they meet these obligations.
​
9. Do You Share My Personal Data?
​
We may sometimes contract with third parties to supply products and services to you on our behalf. These third parties include:
​
-
Our product partners whose products and services you may purchase from us
-
Your employer
-
Companies we have chosen to support us in the delivery of the products and services we offer to you and other customers e.g. credit/debit card processors, parcel carriers, finance organisations, research organisations, consultancy or technology companies; or companies who can help us in our contact with you, for example an internet service provider
-
Regulators including the Information Commissioner’s Office for the UK (the ICO)
-
Credit and identity check agencies for the prevention and detection of crime
-
In some limited circumstances, we may be legally required to share certain personal data, which might include yours, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
​​
In some cases, those third parties may require access to some or all of your personal data that we hold.
​
If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law.
​
We may sometimes contract with third parties (as described above) that are located outside of the European Economic Area (the “EEA” consists of all EU member states, plus Norway, Iceland, and Liechtenstein). If any personal data is transferred to a third party outside of the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK and under the GDPR, as explained above in Part 8.
​
10. How Can I Access My Personal Data?
​
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”.
​
All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 11. To make this as easy as possible for you, a Subject Access Request Form is available for you to use. You do not have to use this form, but it is the easiest way to tell us everything we need to know to respond to your request as quickly as possible.
​
There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
​
We will respond to your subject access request within 21 days and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
​
11. How Do I Contact You?
​
To contact us about anything to do with your personal data and data protection, including to make a subject access request, please use the following details for attention of the IT Department.
​
Email:
help@ecf.co
​
Telephone:
01664 424288
​
Postal:
East Coast Fittings Limited, Auster House, Rearsby Business Park, Gaddesby Lane, Rearsby. LE7 4YH.
​
12. Changes to this Privacy Policy
​
We may change this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.
​
Any changes will be made by updating this webpage and publishing a News Item on our website. You should check this web page on a monthly basis to ensure that you are happy with any changes.
​
This version of our Privacy Policy was last updated 21 May 2018.
​
13. Security
​
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
​
-
Cookies
​​
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site.
​
Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
​
Currently we operate an ‘implied consent’ policy which means that we assume you are happy with our use of cookies. If you are not happy, then you should either not use this site, or you should delete our cookies once you have visited the site, or you should browse the site using your browser’s anonymous usage setting (called “Incognito” in Chrome, “InPrivate” for Internet Explorer, “Private Browsing” in Firefox and Safari etc.)
​
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our Communication Services in order to tailor it to customer needs. We only use this information for statistical analysis purposes.
​
Overall, cookies help us provide you with better Communication Services by enabling us to monitor which pages you find useful and which you do not.
​
A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies.
​
Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the Communication Services. If you don’t want to receive cookies, you can modify your browser so that it notifies you when cookies are sent to it or you can refuse cookies altogether. You can also delete cookies that have already been set. If you wish to restrict or block web browser cookies which are set on your device then you can do this through your browser settings; the Help function within your browser should tell you how.
​
Alternatively, you may wish to visit www.aboutcookies.org, which contains comprehensive information on how to do this on a wide variety of desktop browsers.
​
Cookies on our websites link to Google Analytics – we use this to understand how our websites are being used in order to improve the user experience. Your user data is all anonymous. You can find out more about Google’s position on privacy as regards its analytics service at http://www.google.co.uk/intl/en/analytics/privacyoverview.html
​
-
Links to Other Websites
Our Communication Services may contain links to other websites of interest for you to access at your sole discretion. However, once you have used these links to leave our Communication Services, you should note that we do not have any control over that other website. Therefore, you acknowledge and agree that, as you have chosen to enter the linked website we are not responsible for the availability of such external sites or resources, and do not review or endorse and are not responsible or liable, directly or indirectly, for (i) the protection and privacy of any information which you provide whilst visiting such sites (ii) the content of such websites, including (without limitation) any advertising, content, products, goods or other materials or services on or available from such websites or resources or (iii) the use to which others make of these websites or resources, nor for any damage, loss or offence caused or alleged to be caused by, or in connection with, the use of or reliance on any such advertising, content, products, goods or other materials or services available on such external websites or resources. You should exercise caution and look at the privacy statement applicable to the website in question.
​
14. Our Rights
​
We reserve the right to: modify or withdraw, temporarily or permanently, Communication Services (or any part thereof) with or without notice to you and confirm that we shall not be liable to you or any third party for any modification to or withdrawal of the Communication Services; and/or change the conditions from time to time, and your continued use of the Communication Services (or any part thereof) following such change shall be deemed to be your acceptance of such change. It is your responsibility to check regularly to determine whether the conditions have been changed. If you do not agree to any change to the conditions then you must immediately stop using the Communication Services.
​
You acknowledge and agree that all copyright, trademarks and all other intellectual property rights in all material or content supplied as part of the Communication Services shall remain at all times vested in us. You are permitted to use this material only as expressly authorised by us or our licensors. You acknowledge and agree that the material and content contained within the Communication Services is made available for your personal non-commercial use only and that you may (if necessary to make a Purchase) download such material and content onto only one computer hard drive for such purpose. Any other use of the material and content on the Communications Services is strictly prohibited. You agree not to (and agree not to assist or facilitate any third party to) copy, reproduce, transmit, publish, display, distribute, commercially exploit or create derivative works of such material and content.
​
15. Disclaimer
​
Due to the processes involved in creating Communication Services and especially websites the reproduction of colours cannot be guaranteed as a true likeness. It is therefore strongly recommended that physical samples of finishes be viewed before proceeding.
​
The material on our Communication Services is given for general information only, and does not constitute professional advice. You should take specific advice before taking a course of action as we do not accept directly or indirectly any responsibility for loss arising directly or indirectly from reliance on information on the Communication Services. Given that the Internet uses an open system we cannot warrant that Communication Services and downloads reach you virus-free. You must, therefore, take all appropriate precautions for your own safety. Copyright © 2018 East Coast Fittings Limited. All rights reserved.