Multipanel® is a trademark of Grant Westfield Limited
Purpose of the policy notice
The policy sets out the various areas where user data is concerned and outlines the obligations and requirements of the users and controllers. This includes the way this website (http://www.grantwestfield.co.uk) processes, stores and protects user data. We hope you will take time to read it carefully.
The following principles are followed with when processing personal data:
• Data is processed fairly and lawfully
• Data is processed only for specified and lawful purposes
• Processed data is adequate, relevant and not excessive
• Processed data is accurate and, where necessary, kept up to date
• Data is not kept longer than necessary
• Data is processed in accordance with an individual's consent and rights
• Data is kept secure
• Data is not transferred to countries outside of the European Economic Area (‘EEA’) without adequate protection
Lawful basis of processing data
The lawful basis of processing of data will always be determined prior to any data being processed. Grant Westfield Limited processes personal data under one, or more, of the following lawful bases in accordance with GDPR:
Consent – the individual has given their consent to the processing of their personal data.
Contractual – processing of personal data is necessary for the performance of a contract to which the individual is a party, or for Grant Westfield Limited to takepre-contractual steps at the request of the individual.
Legal Obligation – processing of personal data is necessary for compliance with a legal obligation to which Grant Westfield Limited is subject.
Legitimate Interests – processing of personal data is necessary under the Legitimate Interests of Grant Westfield Limited or a Third Party, unless these interests are overridden by the individual’s interest or fundamental rights.
Types of personal data collected
The type of personal data collected may include:
- Identity Data includes; first name, last name, username or similar identifier marital status, title, date of birth and gender.
- Contact Data includes; billing address, delivery address, email address and telephone numbers.
- Financial Data includes credit history, bank account and payment card details.
- Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile Data includes your username and password, purchases or orders made by you, your preferences, feedback and survey responses.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Surveillance and Security Data will include your physical identity recorded on cameras used to monitor our premises.
How personal data is collected
Personal Data is obtained from one or more of the following:
• Use of social media
• Use of Google Analytics
• Website cookies
• Subscription to Company updates and promotions
• Parties entering into agreements
• Requests for information about products
• Employment inquiries
Why personal data is collected
Personal data is collected to provide legitimate business services which include:
• For Marketing purposes
• For us to review and reply to your enquiry
• To provide an opinion for a product or service you have requested
• To meet our statutory monitoring and reporting responsibilities
• To handle and communicate orders, billings and payment, delivery of products and services
How personal data is used
Personal data may be used to:
• Process orders, process a request for further information, to maintain records and to provide pre- and after-sales service;
• Carry out security checks (this may involve passing your details to our Identity Verification partners, who will check details we give them against public and private databases - this helps to protect us from credit risk and both you and us from fraudulent transactions);
• Comply with legal requirements;
• Assist third parties to carry out certain activities, such as processing and sorting data, monitoring how customers use our site and issuing our emails for us;
• Notify you of changes to our services;
• Send you communications which you have requested and that may be of interest to you. These may include information about product updates and newsletters;
• Inform you of various promotions, goods and services that may be of interest to you. You may be contacted by post, email, telephone, SMS or such other means with carefully selected marketing communications we deem relevant to send to you in the legitimate interests of Grant Westfield Limited as a building material manufacturer.
Each marketing communication sent to you will provide you with the option to unsubscribe;
• Process a job application;
• Create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively.
Where personal data is stored
Information collected is stored on the Company's ERP and server storage system.
How long personal data is stored for.
We review our retention periods for personal data on a regular basis. We are legally required to hold some types of information to fulfill our statutory obligations. We will hold your personal data on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Who has access to personal data?
Only Grant Westfield Limited and its subsidiaries employees are granted access to customer data. This is ensured by the use of operational processes and procedures.
How we protect your data
Grant Westfield Limited and its subsidiaries employees are trained on security systems and relevant processes and procedures which are reviewed regularly for ongoing effectiveness and suitability for purpose. Employees are notified and/or reminded about the importance we place on privacy, and what they are required to do to ensure that information is protected.
All IT systems are kept in a secure environment with appropriate access controlled
Non-sensitive details (your email address and other requested information) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
We will not sell or rent your information to third parties.
Third Party Service Providers working on our behalf:
We may pass your information to our third party service providers, agents, subcontractors and other associated organisations for the purposes of completing tasks and providing services to you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure.
Third Party Service Providers working on our behalf:
We may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party including for a merger, acquisition, divestiture, or similar transaction or as part of any business restructuring or reorganisation.
We may also further transfer data if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to law enforcement. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
Different rules apply depending on the type of Lawful Processing being undertaken, however many of the following individuals’ rights apply whatever the basis of processing:
• The right to be informed how personal data is processed,
• The right of access to their personal data,
• The right to rectification,
• The right to erasure,
• The right to restrict processing,
• The right to data portability,
• The right to object,
• Rights in relation to automated decision making and profiling.
The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us at: firstname.lastname@example.org, or write to us at: FAO Marketing Department, Grant Westfield Limited, Westfield Avenue, Edinburgh, EH11 2QH. Alternatively, you can telephone +44(0)131 290 2862.
You can request that your data is updated and/or deleted at any time, unless Grant Westfield Limited can justify that it is retained for legitimate business or legal purpose. When updating your personal data, you may be asked to verify your identity before your request can be actioned.
You can change your marketing preferences at any time by calling our Marketing department on 0131 337 6262, or by emailing email@example.com, or by clicking on the “Unsubscribe” link.
This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies with all EU and UK national laws and requirements for user data processing and privacy.
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from this website onto their computer’s hard drive they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.
Other cookies may be stored to your computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.
Contact & communication
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Regulations 2018. Every effort has been made to ensure a safe and secure form to email submission process, but users using such form to email processes do so at their own risk.
This website and its owners use any information submitted to provide you with further information about the products and services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you, the consumer, have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights regarding receiving email marketing material.
Although this website only looks to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout this website. (External links are clickable text/banner/image links to other websites, like; www.multipanel.co.uk.]
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should, therefore, note they click on external links at their own risk and this website and its owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Adverts and sponsored links
This website may contain sponsored links and adverts. These will typically be served by our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Social media platforms
Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are customs to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate or engage with them with due care and caution regarding their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Shortened links in social media
This website and its owners through their social media platform accounts may share web links to relevant web pages. By default, some social media platforms shorten lengthy URLs [web addresses] (this is an example: http://bit.ly/1kSOTkD).
Users are advised to take caution and good judgment before clicking any shortened URLs published on social media platforms by this website and its owners.
Despite the best efforts to ensure only genuine URLs are published many social media platforms are prone to spam and hacking, and therefore this website and its owners cannot be held liable for any damages or implications caused by visiting any shortened links.
Resources & further information
• General Data Protection Regulation (EU) 2016/679
• The Data Protection Act 2018
• ICO Data Protection advice for the public
• Privacy and Electronic Communications Regulations 2003
• Privacy and Electronic Communications Regulations 2003 - The Guide
We keep this Policy under regular review.
V.3.0 updated May 2018.
t. +44(0)131 337 6262
f. +44(0)131 337 2859