This privacy policy is for Norcros Group (Holdings) Ltd T/A Grant Westfield and governs the privacy of its users and the processing of personal information.
The policy sets out the various areas where user data is concerned and outlines the obligations and requirements of the users and controllers. This includes the way websites process, store and protect user data. We hope you will take time to read it carefully.
The following principles are followed with when processing personal data:
The lawful basis of processing of data will always be determined prior to any data being processed. Grant Westfield processes personal data under one, or more, of the following lawful bases in accordance with GDPR:
The type of personal data collected may include:
Personal Data is obtained from one or more of the following:
Personal data is collected to provide legitimate business services which include:
Personal data may be used to:
The data collected from you will usually be stored within the European Economic Area (EEA). However, if you live or work outside of the EEA, we may need to transfer your personal data outside of the EEA to provide our services to you. Where this applies, we will take all steps reasonably necessary to ensure your data is treated securely and in accordance with this privacy notice.
Grant Westfield review retention periods for personal data on a regular basis. We are legally required to hold some types of information to fulfill our statutory obligations. We will hold your personal data on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.
Only Grant Westfield and its subsidiaries employees are granted access to customer data. This is ensured using operational processes and procedures.
Grant Westfield and its subsidiaries employees are trained on security systems and relevant processes and procedures which are reviewed regularly for ongoing effectiveness and suitability for purpose. Employees are notified and/or reminded about the importance we place on privacy, and what they are required to do to ensure that information is protected.
All IT systems are kept in a secure environment with appropriate access controls.
Non-sensitive details (your email address and other requested information) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.
We will not sell or rent your information to third parties.
We may pass your information to our third-party service providers, couriers, agents, subcontractors and other associated organizations’ for the purposes of completing tasks and providing services to you on our behalf. However, when we use third party service providers, we disclose only the personal information that is necessary to deliver the service and we have a contract in place that requires them to keep your information secure.
We may transfer your personal information to a third party as part of a sale of some or all our business and assets to any third party including for a merger, acquisition, divestiture, or similar transaction or as part of any business restructuring or reorganisation.
We may also further transfer data if we are under a duty to disclose or share your personal data to comply with any legal obligation or to law enforcement. However, we will take steps with the aim of ensuring that your privacy rights continue to be protected.
Different rules apply depending on the type of Lawful Processing being undertaken, however many of the following individuals’ rights apply whatever the basis of processing:
The accuracy of your information is important to us. We’re working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change email address, or any of the other information we hold is inaccurate or out of date, please email us at: marketing@grantwestfield.co.uk, or write to us at:
FAO Marketing Department
Grant Westfield
Westfield Avenue
Edinburgh, EH11 2QH.
Alternatively, you can telephone +44(0)131 290 2862.
You can request that your data is updated and/or deleted at any time, unless Grant Westfield can justify that it is retained for legitimate business or legal purpose. When updating your personal data, you may be asked to verify your identity before your request can be actioned.
You can change your marketing preferences at any time by calling our Marketing department on +44(0)131 290 2862, or by emailing marketing@grantwestfield.co.uk, or by clicking on the “Unsubscribe” link.
All websites operated by Grant Westfield take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. Our websites comply with all EU and UK national laws and requirements for user data processing and privacy.
Websites operated by Grant Westfield use cookies to better the user’s experience while visiting the website. Where applicable the website uses a cookie control system allowing the user (on their first visit to the website and in the footer) to allow or disallow the use of cookies on their computer or device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a user’s computer or device. Cookies are small files saved to the user’s computer’s hard drive that track, save, and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Users are advised that if they wish to deny the use and saving of cookies from the website onto their computer’s hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from the website and its external serving vendors.
The websites use tracking software to monitor visitors to better understand how they use the websites. This software is provided by third party analytics services which uses cookies to track visitor usage. The software will save a cookie to your computer’s hard drive to track and monitor your engagement and usage of the website, but will not store, save, or collect personal information.
Google advertising cookies are used for cross-device tracking and remarketing purposes. This enables the website host to better understand how users interact with the website and allows Grant Westfield to implement better advertising and reporting strategies across different devices. The data collected from the website is associated with Google information from accounts of signed-in users who have given their consent for ads personalisation. This may include a user’s location, YouTube history, and Google’s partner sites. All data collected for these purposes is aggregated and anonymised. Users can opt out any time by using the Google Analytics Opt-out Browser Add-on.
This website also uses cookies and pixel tags to collect aggregated data about user traffic and interactions. This, in return, helps us understand trends and improve our marketing strategies. The data collected does not directly identify you. However, it can be used by our third-party services to create remarketing campaigns.
Other cookies may be stored to your computer’s hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved, or collected.
Grant Westfield utilises Force24’s marketing automation platform.
Force24 cookies are first party cookies and are enabled at the point of cookie acceptance on this website. The cookies are F24_autoID and F24_personID.
They allow us to understand our audience engagement thus allowing better optimisation of marketing activity.
f24_autoId – This is a temporary identifier on a local machine or phone browser that helps us track anonymous information to be later married up with f24_personid. If this is left anonymous it will be deleted after 6 months. Non-essential, first party, 10 years, persistent.
f24_personId – This is an ID generated per individual contact in the Force24 system to be able to track behaviour and form submissions into the Force24 system from outside sources per user. This is used for personalisation and ability to segment decisions for further communications. Non-essential,
first party, 10 years, persistent.
The information stored by Force24 cookies remains anonymous until:
Our website is visited via clicking from an email or SMS message, sent via the Force24 platform and cookies are accepted on the website.
A user of the website completes a form containing email address from either your website or your Force24 landing pages.
The Force24 cookies will remain on a device for 10 years unless they are deleted.
We also use similar technologies including tracking pixels and link tracking to monitor your viewing activities.
All emails have a tracking pixel (a tiny invisible image) with a query string in the URL. Within the URL we have user details to identify who opened an email for statistical purposes.
All links within emails and SMS messages sent from the Force24 platform contain a unique tracking reference, this reference help us identify who clicked an email for statistical purposes.
For more information on how we use and store cookies, please visit our cookie policy.
Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use, as detailed in the Data Protection Regulations 2018. Every effort has been made to ensure a safe and secure form to email submission process, but users using such form to email processes do so at their own risk.
Grant Westfield uses any information submitted to provide you with further information about the products and services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you, the consumer, have previously purchased from or enquired about purchasing from the company a product or service that the email newsletter relates to. This is by no means an entire list of your user rights regarding receiving email
marketing material.
Although the website only looks to include quality, safe and relevant external links, users are advised to adopt a policy of caution before clicking any external web links mentioned throughout the website. External links are clickable text/banner/image links to other websites.
Grant Westfield cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should, therefore, note they click on external links at their own risk and Grant Westfield cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Websites may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Clicking on any such adverts will send you to the advertiser’s website through a referral program which may use cookies and will track the number of referrals sent from the website. This may include the use of cookies, which may in turn be saved on your computer’s hard drive. Users should therefore note they click on sponsored external links at their own risk and Grant Westfield cannot be held liable for any damages or implications caused by visiting any external links mentioned.
Communication, engagement, and actions taken through external social media platforms are custom to the terms and conditions as well as the privacy policies held with each social media platform
respectively.
Users are advised to use social media platforms wisely and communicate or engage with them with due care and caution regarding their own privacy and personal details. Grant Westfield will never ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
The website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.
Grant Westfield, through their social media platform accounts, may share web links to relevant web pages. By default, some social media platforms shorten lengthy URLs [web addresses] (this is an example: http://bit.ly/1kSOTkD).
Users are advised to take caution and good judgment before clicking any shortened URLs published on social media platforms by this website and its owners. Despite the best efforts to ensure only genuine URLs are published many social media platforms are prone to spam and hacking, and therefore Grant Westfield cannot be held liable for any damages or implications caused by visiting any shortened links.
Norcros Group (Holdings) Ltd T/A Grant Westfield.
Westfield Avenue
Edinburgh
EH11 2QH
t. +44(0)131 290 2862
f. +44(0)131 337 9241
e. marketing@grantwestfield.co.uk
This policy will be reviewed annually and revised as required.
Issued 05/06/2024