Privacy Policy & GDPR Compliance | Blue Altitude
Privacy Policy
In accordance with the General Data Protection Regulation (GDPR), we have implemented this privacy notice to inform you, our Customers and Suppliers (current and former), of the types of data we process about you. We also include within this notice the reasons for processing your data, the lawful basis that permits us to process it, how long we keep your data for and your rights regarding your data.
DATA PROTECTION PRINCIPLES
Under GDPR, all personal data obtained and held by us shall be processed according to a set of core principles. In accordance with these principles, we will ensure that:
- processing is fair, lawful and transparent
- data is collected for specific, explicit, and legitimate purposes
- data collected is adequate, relevant and limited to what is necessary for the purposes of processing
- data is kept accurate and up to date. Data which is found to be inaccurate will be rectified or erased without delay
- data is not kept for longer than is necessary for its given purpose
- data is processed in a manner that ensures appropriate security of personal data including protection against unauthorised or unlawful processing, accidental loss, destruction or damage by using appropriate technical or organisation measures
- we comply with the relevant GDPR procedures for international transfer of personal data
WEBSITE
The system will record your email address and other information as volunteered to the organisation by users, any information submitted via the website will be collected, retained and disposed of in accordance with this policy and the GDPR and the Human Rights Act 1998.
As a condition of use of these sites, all users give permission for Blue Altitude © to use its access logs to attempt to track users who are reasonably suspected of gaining or attempting to gain unauthorised access.
Where users provide address details these will be used primarily to operate your account and may be used by us to keep you informed of products and offers. Users may opt out of receiving such mailings.
This site uses some unobtrusive cookies to store information on your computer.
Some cookies on this site are essential, and the site won’t work as expected without them. These cookies are set when you submit a form, login or interact with the site by doing something that goes beyond clicking on simple links.
We also use some non-essential cookies to anonymously track visitors or enhance your experience of the site. If you’re not happy with this, we won’t set these tracking cookies, but some nice features of the site may be unavailable.
To control third party cookies, you can also adjust your browser settings.
Information from tracking Cookies is anonymous and used by us to understand how our site is used and to improve the performance of the site for visitors. This information is not used for mailing purposes.
By using our site, you accept the terms of our Privacy Policy.
TYPES OF DATA HELD
We keep several aspects of personal data on our customers and suppliers. We keep this data securely within our computer systems; specifically we hold the following types of data:
- personal details such as name, address, phone numbers
- company details
- bank account details
COLLECTING YOUR DATA
You provide several pieces of data to us directly during initial contractual setups as well as; emails, business cards and telephone conversations.
LAWFUL BASIS FOR PROCESSING
The law on data protection allows us to process your data for certain reasons only. In the main, we process your data to comply with contractual requirements and for legitimate interest. Failure to provide us with data may mean that we are unable to fulfil our contractual requirements
SPECIAL CATEGORIES OF DATA
Blue Altitude do not hold special categories of data relating to you.
WHO WE SHARE YOUR DATA WITH
As relevant to their function, employees within our company have the responsibility for the administration and handling of your data. All employees with such responsibility have been trained in ensuring data is processed in line with GDPR.
PROTECTING YOUR DATA
We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented processes to guard against such.
RETENTION PERIODS
Retention periods can vary depending on why we need your data, however we shall only keep your data for as long as we need it for.
AUTOMATED DECISION MAKING
Automated decision-making means making decision about you using no human involvement e.g. using computerised filtering equipment. No decision will be made about you solely on the basis of automated decision making (where a decision is taken about you using an electronic system without human involvement) which has a significant impact on you.
YOUR RIGHTS
You have the following rights in relation to the personal data we hold on you:
- the right to be informed about the data we hold on you and what we do with it;
- the right of access to the data we hold on you.
- the right for any inaccuracies in the data we hold on you, however they come to light, to be
corrected. This is also known as ‘rectification’;
- the right to have data deleted in certain circumstances. This is also known as ‘erasure’;
- the right to restrict the processing of the data;
- the right to transfer the data we hold on you to another party. This is also known as ‘portability’;
- the right to object to the inclusion of any information;
- the right to regulate any automated decision-making and profiling of personal data.
CONSENT
Where consent was required and provided to us to use your data, you have the right to withdraw that consent at any time. This means that we will stop processing your data.
MAKING A COMPLAINT
If you think your data rights have been breached, you are able to raise a complaint with the Information Commissioner (ICO). You can contact the ICO at Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF or by telephone on 0303 123 1113 (local rate) or 01625 545 745.
DATA PROTECTION COMPLIANCE
Our appointed compliance officer in respect of our data protection activities is:
Name: Brett Dale-Heaps
Title: Managing Director
Tel: +44 (0) 1256 517352