Privacy Notice

Last Updated 13th October 2021

Data Privacy Policy – Interested Parties

WIG Engineering Ltd is committed to protecting the privacy and security of personal information belonging to our Workforce, Customers and Suppliers.  It is important to us you are confident that we collect and use personal information about you in accordance with the General Data Protection Regulation (GDPR) and data protection legislation.

Purpose

Our Privacy Notice describes our policies and procedures on the collection, use and disclosure of information from you and tells you about privacy rights and how the law protects you

Controller

WIG Engineering Ltd (collectively referred to as "we", "us" or "our" in this privacy notice) is a “data controller”. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in our privacy policy.

Contact Details

We have appointed a Data Privacy Officer who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the Data Privacy Officer using the details set out below.

Data Privacy Officer
WIG Engineering Ltd
Barnfield
Akeman Street
Chesterton
Bicester
OXON
OX26 1TH
Info@wigsteel.co.uk

If you have concerns with our Privacy Policy you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.

Data collected

Our Data Inventory specifies the legal basis for collecting, holding and processing data as stated in GDPR. The legal basis specified are;

Unambiguous Consent
You will have freely given consent for us to process your data and are in-charge of your privacy by positively specifically opting-in.

Legal Obligation
We will rely on this basis to process data where we need to comply with the law.

Legitimate Business Interest
We will rely on this basis where we have identified a legitimate business interest, are able to prove the processing is necessary and have compared the use against the subject’s rights, freedoms and interests.

Vital Interests
We will rely on this basis only for the protection of life. Where we can, we will rely on a less intrusive basis to achieve the same outcome where consent could not be given.

Public Task
We will use this basis to process data collected in-order to inform or protect the public.

Contractual necessity
We will rely on this basis where we need to collect personal data in-order to enter or fulfil a contract.

Categories of Data

We will collect, store, and use the following categories of personal information about you:

  • Identity and contact data (including name, title, address, telephone numbers, email addresses)
  • Contract and Trading Information and related correspondence
  • Financial and Transactional information
  • Marketing Information
  • Performance and Quality Information
  • Other information we are required to hold on by law
  • CCTV Footage from our premises

Data Processors – Third Parties

We may, on occasions, share your information with third parties for the purposes of offering you the services in question or operating the business. Where we share your information, we will take all reasonable care to ensure your data is handled in accordance with GDPR and will make due-diligence checks on the third parties in question. Some examples of the categories of third parties with whom we share your data are;

  • Our IT Company
  • Payment processing
  • Government Agencies and Departments
  • Insurance Companies
  • Credit Reference Providers
  • Regulatory Bodies
  • Any other company to enable the performance of a contract between the parties

We will only share the information that is required in order to carry out the service provided.

Please Note: Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every website you visit.

Storage of Data

Your data may be stored electronically, in hard copy or both. We will endeavour to ensure your data;

  • is accurate and suitable for the purpose for which it is processed.
  • stored in a secure manner by means of encryption, password protected or in locked filing systems if in hard copy format.
  • accessed only by those persons or organisations that need to know and are authorised to use your data.

Retention of Data

We will retain your personal data only for as long as is necessary to fulfil the purposes we originally collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
We may retain your personal data for longer in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect of our relationship with you.

Right to be informed

You have the right to be informed about the collection and use of your personal data under GDPR. We have created this Privacy Notice and our Data Inventory to fulfil our obligations.

Right to Access, Rectification, Right to Erasure, Right to Object, Right to Portability

You have the right to:

  • request access to, and a copy of, your personal information.
  • request correction of the personal information that we hold about you.
  • request that we delete your personal information.
  • object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
    • you also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request portability of your personal information.

If you believe we have not complied with your rights, you can complain to the Information Commissioner.

Breaches of GDPR

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We will record all data breaches regardless of their effect.

If we discover that there has been a breach of GDPR we will takes the steps in accordance with legislation

Policy Maintenance

This Notice is available on our website www.wigsteel.co.uk and reviewed regularly.