Protecting personal details on our website.
Last updated: 4th June 2018
ABC4D Ltd is a data controller and is registered with the Information Commissioner’s office (registration number ZA299110).
The Website is brought to you by ABC4D Ltd. We believe it is important to protect your Personal Data and we are committed to giving you a service that meets your needs in a way that also protects your privacy. This policy explains how we may collect Personal Data about you.
Some of the Personal Data we hold about you may be ‘special category personal data’ within the meaning of the General Data Protection Regulation, for example, information about your health or ethnic origin.
We are committed to ensuring that your personal data is processed in accordance with data protection law and we will only process your data where: -
- it is processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);
- it is collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes; (‘purpose limitation’)
- it is all adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed; (‘data minimisation’)
- it is all accurate and, where necessary, kept up to date and that reasonable steps will be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’)
- it is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; (‘storage limitation’)
- it is processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).
- we collect and process the personal data only where it is necessary for the purpose or purposes that it has identified in advance.
We will ensure that all staff who handle personal data are aware of their responsibilities under this policy and other relevant data protection and information security policies and that they are adequately trained and supervised. Proceedings may be taken in respect of any employees who breach this policy.
We will: -
- ensure that the legal basis for processing the personal data is identified in advance, including any special category data;
- ensure that as far as possible the personal data we hold is accurate;
- only process your data for as long as is it required for its purposes and then it will be securely disposed of or deleted. Our Data Retention Policy sets out the appropriate period of time;
- will provide anyone who we collect personal data from with information on why we are asking for that data and what we intend to do with it.
- not do anything with personal data that is unexpected given the content of this policy at the time it is provided.
- ensure that appropriate security is in place in relation to personal data held in paper and digital formats.
We may collect Personal Data about you from a number of sources, including the following:
- From you when you agree to take a service or product from us, in which case this may include your name, contact details, date of birth, how you will pay and your bank details.
- From you when you contact us with an enquiry or in response to a communication from us, in which case, this may tell us something about how you use our services.
- We will also collect personal data from you when we are providing our services, for example, when you receive a scan. The data collected from you at this stage will include some special category data relating to your health, including whether or not you are pregnant, any conditions or illnesses which may affect your pregnancy and your baby, the sex, size and any identifiable medical condition or physical attribute of your baby
If you do not provide us with personal data where you have entered into a contract with us, failing to do so may mean that we are unable to properly implement the contract and that you are unable to exercise certain contractual rights.
Using Your Personal Information
- Personal Data about our customers is an important part of our business and we shall only use your Personal Data for the following purposes and shall not keep such Personal Data longer than is necessary to fulfil these purposes:
- To help us to identify you when you contact us.
- To provide the products and services you have selected
- To help to prevent and detect fraud or loss.
- We may monitor and record communications with you (including phone conversations and emails) for quality assurance and compliance.
- We may check your details with fraud prevention agencies, if we suspect fraud. If you provide false or inaccurate information and we suspect fraud, we will record this.
Where you have purchased a product or service from us we will process your personal data in order to meet our obligations and exercise our rights in terms of that contract. In other cases, we will have a legitimate interest to process personal data prior to entering into an agreement with you or to respond to your requests for information.
Where we collect special category data about you, we will do so as healthcare professionals providing healthcare and we are bound by professional duties of confidentiality/with your consent.
There may be some occasions where we seek your consent to process personal data but where we do so we will provide full details of what we are seeking consent for, so that you will be able to carefully consider whether to provide that consent.
- We may allow other people and organisations to use Personal Data we hold about you in the following circumstances:
- If we, or substantially all of our assets, are acquired or are in the process of being acquired by a third party, in which case Personal Data held by us, about our customers, will be one of the transferred assets, in which case your personal data will be subject to confidentiality agreements.
- If we are required to do so by law.
We will share your data within our organisation with members of staff who need access to that data in order to provide our products or services. We will also share your data with contractors and service providers engaged by us who process data on our behalf –our server and cloud storage providers, IT providers, and Trustpilot. Where we do this, we have the appropriate contractual arrangements in place to safeguard your personal data.
Your information will be stored in hard copy in files which are stored in a locked cabinet and in our secure IT system.
We have strict security measures to protect Personal Data.
- We work to protect the security of your information during transmission by using Secure Sockets Layer (SSL) software, which encrypts information you input.
- We reveal only the last five digits of your credit card numbers when confirming an order. Of course, we transmit the entire credit card number to the appropriate credit card company during order processing.
- We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personally identifiable customer information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
- It is important for you to protect against unauthorised access to your password and to your computer. Be sure to sign off when you finish using a shared computer.
We will only hold your personal data for as long as is necessary to deliver our products and services to you. The periods for which your personal data is stored are set out in our data retention policy which is available from Data Protection Officer at firstname.lastname@example.org.
As a data subject, you have a number of rights. These are:-
- access and to obtain a copy of your data on request;
- require Exchange to change incorrect or incomplete data;
- require Exchange to delete or stop processing your data, in certain circumstances;
- object to the processing of your data where Exchange is relying on its legitimate interests as the legal ground for processing;
- portability; and
- right to object to automated decision making.
If you would like to exercise any of these rights, or if you have any concerns about how your personal data is being processed, please contact, Data Protection Officer at email@example.com .
If you have any queries or complaints, we hope that we can resolve these with you and our Data Protection Officer can be contacted at firstname.lastname@example.org in relation to any issues you have.
If you believe that we have not complied with your rights or if we have been unable to resolve any complaint, you can complain to the Information Commissioner’s Office:-
Information Commissioner’s Office
0303 123 1113
- If you communicate with us using the internet, we may occasionally email you about our services and products where you have purchased products or services from us and where you have not opted out of receiving these emails. You can also always send us an email (at the address set out below) at any time if you change your mind.
- Please remember that communications over the internet, such as emails and webmails (messages sent through a website), are not secure unless they have been encrypted. Your communications may go through a number of countries before they are delivered – this is the nature of the internet. We cannot accept responsibility for any unauthorised access or loss of Personal Data that is beyond our control.
Last updated: 4th June 2018
When we provide services, we want to make them easy, useful and reliable. This sometimes involves placing small amounts of information on your computer. These are called ‘cookies’.
These cookies cannot be used to identify you personally and are used to improve services for you, for example through:
– Letting you navigate between pages efficiently
– Enabling a service to recognise your computer so you don’t have to give the same information during one task
– Recognising that you have already given a username and password so you don’t need to enter it for every web page requested
– Measuring how many people are using services, so they can be made easier to use and that there is enough capacity to ensure they are fast
See allaboutcookies.org or www.youronlinechoices.eu to learn more about cookies.
Visit www.google.co.uk/goodtoknow/data-on-the-web/cookies for a video about cookies.
Users typically have the opportunity to set their browser to accept all or some cookies, to notify them when a cookie is issued, or not to receive cookies at any time. The last of these options, of course, means that personalised services cannot be provided and the user may not be able to take full advantage of all of a website’s features. Refer to your browser’s Help section for specific guidance on how it allows you to manage cookies and how you may delete cookies you wish to remove from your computer.
Multiple cookies may be found in a single file depending on which browser you use.
The cookies used on this website have been categorised based on the categories found in the ICC UK Cookie guide, as follows:
Category 1: strictly necessary cookies
These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website. Without these cookies services you have asked for, like shopping baskets or e-billing, cannot be provide