Privacy Policy

Updated May 2018


Who we are:


Maldon Structural & Plant Hire Ltd

3 Woodland Cottage
Main Road
Bicknacre
Chelmsford
Essex
CM3 4HW

Tel: 07583-118834
Email: ?enquiries@maldonstructural.co.uk

Company Reg No. 9375897
VAT Reg No. GB 229 760 583


What rights you have over your data:


If you have an account on this site, have left comments, filled out and submitted one of our booking, enquiry or contact forms, then you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.


See the Privacy Centre 


What personal data we collect and why we collect it


Whenever we collect anonymous information, or you provide personal information, we will treat that information in accordance with our Privacy Policy.


We collect a varied amount of information.


Some of the information will allow us to identify you (PII - Personable Identifiable Information), such as name, email address, postcode, phone number etc. But only if you input this information yourself.


Such purposes for collection could be: customer service, marketing, or the booking of our services etc.


Some information collected, is obtained anonymously. We use web technologies, such as cookies, that automatically track and log data. For detailed information, please see our Cookies Policy here.


Such purposes for collection could be: in the technical administration of this website, to enhance your experience of this site (a better browsing experience), improve our website, marketing, targeted advertising (AdWords + Facebook), A/B testing etc.


We also record anonymous data, so we can improve our website, some of the things record in this way are: web traffic statistics (through Google Analytics).


Please note: your personal data shall not be disclosed to state institutions and authorities, except if required to by law.


The personal information we obtain and the anonymous information we collect, who this data is shared with and how it is processed is listed below:


WordPress


This website is built on top of the WordPress platform.


By default, WordPress does not collect any personal data about visitors, and only collects the data shown on the User Profile screen from registered users.


To find out more, visit:


https://automattic.com/automattic-and-the-general-data-protection-regulation-gdpr/


We employ strong password policies to stop unauthorised access to WordPress (and ultimately this website).


Please see Contact forms, Gravity Forms below for more information.


Thrive Themes


ABS Technical Services uses Thrive Themes for the build of the website, the marketing (pop-ups, banners etc.) and A/B testing.


This is achieved through three website WordPress Plugins. These are:


Thrive Architect - Website Design

Thrive Leads - Marketing

Thrive Optimize - A/B Testing


All these Plugins are now designed so that any cookies that are stored, are stored in a way that does not store any PII - Personable Identifiable Information.


To find out more, visit:


https://thrivethemes.com/


https://thrivethemes.com/gdpr-features/


Analytics


Google


https://policies.google.com/privacy/


https://privacy.google.com/businesses/compliance/


Google Tag Manager (GTM)


ABS Technical Services Ltd uses Google Tag Manager for the implementation of Google Analytics & other marketing products.


Google Tag Manager is a solution for managing tags. Tags are snippets of code which are added to a website to collect information and send it to Third Parties.


GTM is an easy way of adding other Third-Party products to our site, including Google Analytics. We may add things like AdWords Conversion Tracking and Remarketing, Bing Ads Conversion Tracking and Remarketing, Hotjar and the Facebook Pixel in the future. We will update this Policy and ask for consent again if we do.


The conversion tracking tags that are installed via GTM, read cookies and send them back to the Third Parties. 


We have turned on the IP Anonymization feature in Google Tag Manager. So, all information sent to Third Parties is sent anonymously. 


Each Third-Party Tag we have added via Google Tag Manger is listed below in this Privacy Policy.


To find out more, visit:


https://www.google.com/analytics/tag-manager/use-policy/


Universal Analytics (Google):


These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited. The reports also contain location information. But this still is anonymous. See our Cookie Policy for more information.


To find out more, visit:


https://support.google.com/analytics/answer/6004245


https://privacy.google.com/businesses/compliance/


https://www.google.com/analytics/terms/us.html


Who we share your data with


Below is a list of Third Party Data Processors we share your data with, and why.


We have Data Controller/Data Processor contracts with all below. The contracts and the company?s compliance with the GDPR is reviewed at regular intervals.


Krystal Hosting Ltd, (trading as Smart Hosting) Alta Vista, Higher Warberry Road, Torquay, Devon, TQ1 1SD 


This is our hosting provider. Where we host our website https://www.abs-technicalservices.com/


The servers are based in the UK.


Every function on our website is processed on Krystal Hosting Servers. Any information you input into our forms on this website is processed and held on Krystal Hosting Servers. All the code for cookies, pixels & tags will be processed on their servers.


This websites Database is also held on Krystal Hosting's Servers. Your PII will be held in this database for a limited time. The database is also secured with strong password policies.


Please see How long we retain your data Contact forms below for more info on the information that is held, how it is processed and how long it is kept.


Krystal Hosting is fully GDPR compliant. 


They have in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, they limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.


Contact:


Name: David Kimberley (Data privacy manager)
Postal address: Alta Vista, Higher Warberry Road, Torquay, Devon TQ1 1SD
Telephone number: 020 8050 1337


To find out more about how Privacy is handled, visit:


https://www.bestwebhosting.co.uk/privacy.php


Lawful Basis:


Our Lawful basis for processing your data under GDPR is Legitimate Interests. Our website can only function by being on Krystal Hosting's Servers. If you wish to make an enquiry or a booking via our website, then you must input your information and submit it to us. This processing must be completed on Krystal Hosting's Servers. 


?Microsoft Office 365 cloud data storage & exchange email


We use Microsoft Office 365 Cloud Solutions to store some of your personal data. Specifically, we use Microsoft Exchange for the transmission and storage of emails.


The personal data you enter in to one of our booking, enquiry, or contact forms, is sent to us via email. Your data in processed by Microsoft's Exchange email servers that are based in the UK. We then receive these emails at our offices. They are reviewed and processed by our staff who are trained in Data Compliance and Security. The type of processing depends on which form you have submitted. Please see Contact forms below for more information. There are retention policies on how long we keep your emails. Please see How long we retain your data below.


Microsoft has robust policies, controls, and systems built into Office 365 to help keep your information safe.


Office 365 uses service-side technologies that encrypt customer data at rest and in transit. For customer data at rest, Office 365 uses volume-level and file-level encryption. For customer data in transit, Office 365 uses multiple encryption technologies for communications between data centres and between clients and servers, such as Transport Layer Security (TLS) and Internet Protocol Security (IPsec). Office 365 also includes customer-managed encryption features.


Contact:


https://support.office.com/home/contact


To find out more about how Privacy is handled, visit:


https://products.office.com/en-us/where-is-your-data-located/

https://www.microsoft.com/en-US/TrustCenter/Security/office365-security/

https://www.microsoft.com/en-US/TrustCenter/Compliance/complianceofferings/

https://www.microsoft.com/en-us/TrustCenter/CloudServices/office365/GDPR/

https://www.microsoft.com/en-us/trustcenter/cloudservices/office365/


Our Lawful basis for processing your data under GDPR is Legitimate Interests. We use Office 365 to process your data on a commercial basis. Our operations and business depend on Microsoft's services. Also, if you consent to us marketing to you, then our lawful basis is that Consent. If you book a service through our website, then our lawful basis is a Contract. We need to process your personal data to be able to carry out the service you have requested (such as unblocking your drains).


Contact forms


We use a contact form plugin called Gravity Forms to capture your personal data.


Gravity Forms is a WordPress website plugin developed by Rocketgenius, Inc.


None of your data is processed by Rocketgenius, Inc. Or stored by them.


Data we collect:


Quotation Form:


First name & last, email, you choice of service and a description entered by you.


Contact forms:


Contact form: first name, last name, email, message you enter.


When you submit a booking, enquiry or contact form the data you submit to us sent to us via email. Please see Microsoft Office 365 cloud data storage & exchange email above for more info. The emails are reviewed and processed by our staff who are trained in Data Compliance and Security.


If you become a customer your data is processed by our staff and entered into a customer database on an Excel spreadsheet that is securely stored on Microsoft's cloud servers. Again, please see Microsoft Office 365 cloud data storage & exchange email above for more info.


A copy of the data you enter is also saved in the database this WordPress website needs to function. See Krystal Hosting Ltd above for more information. This data is deleted on a weekly basis.


We only use the information submitted through these forms for customer service purposes. And the purposes of legitimate interests. We will only use your data for marketing if you consent for us to do so.


How long we retain your data


We have robust data retention polices in place that are aligned with industry standards.


We perform data audits once yearly. Any information we deem to be out of date, incorrect or redundant will be deleted.


Specific retention periods:


Data entered in to:


Contact forms/Quotation form: (send us a message form): 6 months.

Analytics records: 2 years.

Customer records: 10 years.


If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognise and approve any follow-up comments automatically instead of holding them in a moderation queue.

For users that register on our website, we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.


Please note: there is nowhere to leave a comment or register on our website. But these features will be coming in future updates.


How we protect your data


All our staff are trained in data protection and retention. This training is provided on an ongoing basis. And procedures are updated in line with any new legislation.


We use Microsoft's Office 365 Cloud solutions. To retain and process your data. This means that your data is better protected than it is on our premises. All the data stored on Microsoft's UK based cloud servers is encrypted to the highest standards. Data is also encrypted in transit. Please see Microsoft Office 365 cloud data storage & exchange email above for more info.


We also employee two-factor authentication in our business.


It is also company policy to carry out regular Data Privacy Impact Assessments.

Maldon Structural & Plant Hire Ltd

3 Woodland Cottage
Main Road
Bicknacre
Chelmsford
Essex
CM3 4HW


Tel Office: 01621-493314
Tel Lee: 07583-118834
Email 1: enquires@maldonstructural.co.uk
Email 2: lee@maldonstructural.co.uk
Email 3: jackie@maldonstructural.co.uk

Company Reg No. 9375897
VAT Reg No. GB 229 760 583

QUICK LINKS

HOME
ABOUT
CONTACT

Maldon Structural and Plant Hire Ltd 2019