Who is responsible for your personal data?
Interco Contracts is responsible for your personal data. This means that we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information contained in this privacy notice.
Which personal data do we collect?
The personal data we collect may include:
- Contact information that you provide to us, such as your name, job title, postal address, including your home address where you have provided this to us, business address, telephone number, mobile phone number, fax number and email address;
- Payment data, such as data necessary for processing payments and fraud prevention, including credit/debit card numbers, security code numbers and other related billing information;
- Further business information necessarily processed in a project or client contractual relationship with Interco Contracts or voluntarily provided by you, such as instructions given, payments made, requests and projects;
How do we collect your personal data?
We may collect personal data about you in a number of circumstances, including
- When you or your organisation seek advice or contracted building work from us;
- When you or your organisation browse, make an enquiry or otherwise interact on our website;
- When you or your organisation offer to provide or provide services to Interco Contracts.
Are you required to provide personal data?
As a general principle, you will provide us with your personal data entirely voluntarily; there are generally no detrimental effects for you if you choose not to consent or to provide personal data. However, there are circumstances in which Interco Contracts cannot take action without your personal data, for example because this personal data is required to process your instructions or orders. In these cases, it will unfortunately not be possible for us to provide you with what you request without the relevant personal data and Interco Contracts will notify you accordingly.
For which purposes will we use your personal data?
We may use your personal data for the following purposes only (“Permitted Purposes“):
- Providing advice, completed projects or things you may have requested as instructed or requested by you or your organisation;
- Managing and administering your or your organisation’s business relationship with Interco Contracts, including processing payments, accounting, auditing, billing and collection, support services;
- To analyse and improve our services and communications to you;
- For professional indemnity insurance purposes;
- For monitoring and assessing compliance with our policies and standards;
- To identify persons authorised to trade on behalf of our clients, customers, suppliers and/or service providers;
- For any purpose related and/or ancillary to any of the above or any other purpose for which your personal data was provided to us.
Where you have expressly given us your consent, we may process your personal data also for the following purposes:
- Communicating with you through the channels you have approved to keep you up to date on the latest developments, announcements, and other information about Interco Contracts services.
- Customer surveys, marketing campaigns, market analysis or other promotional activities or events; or
- Collecting information about your preferences to create a user profile to personalise and foster the quality of our communication and interaction with you (for example, by way of newsletter tracking or website analytics).
With regard to marketing-related communication, we will – where legally required – only provide you with such information after you have opted in and provide you the opportunity to opt out anytime if you do not want to receive further marketing-related communication from us.
We will not use your personal data for taking any automated decisions affecting you or creating profiles other than described above.
Depending on for which of the above Permitted Purposes we use your personal data, we may process your personal data on one or more of the following legal grounds:
- Because processing is necessary for the performance of a client instruction or other contract with you or your organisation;
- To comply with our legal obligations (e.g. to keep records for tax purposes); or
- Because processing is necessary for purposes of our legitimate interest or those of any third party recipients that receive your personal data, provided that such interests are not overridden by your interests or fundamental rights and freedoms.
In addition, the processing may be based on your consent where you have expressly given that to us.
With whom will we share your personal data?
We may share your personal data in the following circumstances:
- We may use aggregated personal data and statistics such as Google Analytics for the purpose of monitoring website usage in order to help us develop our website and our services.
Otherwise, we will only disclose your personal data when you direct us or give us permission, when we are required by applicable law or regulations or judicial or official request to do so, or as required to investigate actual or suspected fraudulent or criminal activities.
Personal data about other people which you provide to us
Keeping personal data about you secure
We will take appropriate technical and organisational measures to keep your personal data confidential and secure. Personal data may be kept on our personal data technology systems, those of our third-party suppliers as above or in paper files.
We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Transferring your personal data outside the EU
We do not anticipate transferring your data outside the EU. We will seek your specific consent in the event this is necessary, unless this is required in order to comply with a legal obligation.
Updating personal data about you
If any of the personal data that you have provided to us changes, for example if you change your email address or if you wish to cancel any request you have made of us, or if you become aware we have any inaccurate personal data about you, please let us know by sending an email to firstname.lastname@example.org. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete Personal Data that you provide to us.
For how long do we retain your personal data?
Your personal data will be deleted when it is no longer reasonably required for the Permitted Purposes or you withdraw your consent (where applicable) and we are not legally required or otherwise permitted to continue storing such data.
Rights of access, correction, erasure, and restriction
Under certain circumstances, by law you have the right to:
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
- Where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
If you wish to do any of the above, please send an email to email@example.com. We may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of data. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your data, and for any additional copies of the personal data you request from us.
We will consider any requests or complaints which we receive and provide you with a response in a timely manner. If you are not satisfied with our response, you may take your complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
How to get in touch with Interco Contracts