Privacy Policy
PRIVACY POLICY & DATA PROTECTION POLICY
Nuffield Engineering Supplies Ltd
We understand that privacy and the security of your personal data is extremely important and we are committed to ensuring that any personal data we collect from yourself is lawfully managed under the terms of the General Data Protection Regulation (EU) 2016/679 (‘GDPR’). This Policy sets out the basis on how we collect your information, what we do with your information and what we do to keep it secure. It also explains your rights over any information we hold on you personally and how you can inform us if you wish to limit the use of that information.
The purpose of processing your personal data
• To manage employees of the company.
• To maintain our own company accounts and records.
• To inform individuals of news, promotions, events or activities.
• To provide a service whereby you may give us information about you by filling in forms on our website www.nestools.com or by corresponding with us by phone, e-mail or otherwise. This includes information you provide when you register to use our site, participate in social media functions on our site or enter competitions, promotions or surveys.
What information do we hold?
• The personal data that you provide to us may include your name, postal address, e-mail address, phone number, financial and credit card information. Credit card information is held in compliance with the Payment Card Industry Data Security Standards (PCI DSS).
• Information about products that you have previously purchased from us.
• Information from other sources such as credit agencies.
• Your NES account login details, including your user name.
What is the legal basis for processing your information?
We will only process your personal data for the purpose it was collected. If we need to process your personal data for any unrelated purpose, we will provide notice to you and if required by law, seek your consent.
• We gather this information to allow us to make the services that we provide available to you and to process your orders and requests accordingly.
• The information may be used to communicate with you on any matter relating to the provision of our service in general.
• We may also use aggregate information and statistics for the purposes of monitoring web site usage in order to help us develop the web site and our service and may provide such aggregate information to third parties. These statistics will not include information that can be used to identify any individual.
• Information from credit reference agencies and credit insurers may be used in making credit decisions such as setting credit limits and payment terms.
• We may process your personal data without your knowledge or consent where required by applicable law or regulation.
Who might we share your information with?
• We use partners and suppliers in aspects of our service delivery; we may share your information with them in order to help them to facilitate providing their services.
• We may need to disclose your personal data where we are under a legal duty to comply with any legal obligation or in order to enforce/apply our Terms and Conditions.
• We may need to disclose your information to protect our rights, property or safety of our customers which includes exchanging information with third party organisations for the purposes of fraud protection and credit risk reduction.
• In the event that this business is ever sold or integrated with another business, your details may be disclosed to our advisers and any prospective purchasers' advisers, and will be passed on to the new owners of the business so that they can continue to provide the service that we currently provide. We will require the purchaser to follow the practices disclosed in this Privacy & Data Protection Policy or to give you at least three months’ notice of any proposed changes.
How we protect your information
All information you provide to us is stored on our secure server. We have implemented appropriate physical, technical, and organisational security measures designed to secure your personal data against accidental loss and unauthorised access, use, alteration or disclosure. In addition, we limit access to personal data to those employees and other third parties that have a legitimate business need for such access.
We require all our third-party service providers to implement appropriate security measures to protect your personal data consistent with our policies. We do not permit our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes in accordance with our instructions.
Rights of Access, Erasure and Objection
It is important that the data we hold about your company is accurate and current. Please keep us informed if any details need to be changed. By law you may have the right to request access to and correct the personal data that we hold about you, or object to the processing of your personal data under certain circumstances. You may also have the right to request that we transfer your personal data to another party.
If you want to review, verify, correct or request erasure of your personal data, object to the processing of your personal data, or request that we transfer a copy of your personal data to another party, please contact us by writing to Customer Services, Nuffield Engineering Supplies Ltd, 7 Fleetsbridge Business Centre, Upton Road, Poole, Dorset BH17 7AF.
We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the personal data that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the personal data that we hold about you, or we may have destroyed, erased, or made your personal data anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your personal data, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
How long will we keep your information for?
Except as otherwise permitted or required by applicable law or regulation, we will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. In any event this will not usually exceed six years from our last engagement with you after which the personal information will be securely destroyed. Under some circumstances we may anonymise your personal data so that it can no longer be associated with you. We reserve the right to use such anonymous and de-identified data for any legitimate business purpose without further notice to you or your consent.
Right to Withdraw Consent
Where you have provided your consent to the collection, processing and transfer of your personal data, you may withdraw that consent at any time. This will not affect the lawfulness of data processing based on consent before it is withdrawn. To withdraw your consent please contact us by writing to Customer Services, Nuffield Engineering Supplies Ltd, 7 Fleetsbridge Business Centre, Upton Road, Poole, Dorset BH17 7AF.
We may wish to provide you with information about special features of our website or any special service or products which we think may be of interest to you. If you would rather not receive this information, please send an email entitled 'NO MAIL' to web@nestools.com.
We may also want to provide you with related promotions or information from third parties, which we think, may be of interest to you. If you would rather not receive this information, please send an email entitled 'NO RELATED INFORMATION' to web@nestools.com.
By submitting any information to us, or by failure to exercise your rights under GDPR, you consent to the lawful use of your information in accordance with this Privacy Policy.
Changes to Policy
Any changes we may make to our privacy policy in the future will be posted on this page. We will notify you if there are any changes to this policy that materially affect how we collect, store or process your personal data. If we would like to use your personal data for different purposes than those we have notified to you at the time of collection, we will provide you with notice and, where required by law, seek your consent, before using your personal data for a new or unrelated purpose. We may process your personal data without your knowledge or consent where required by applicable law or regulation.
Providing feedback
We welcome your views about our website and our Privacy & Data Protection Policy. If you would like to comment or offer feedback please send via the contact us section of this website.
This is in addition to your right to contact the Information Commissioners Office (https://ico.org.uk/global/contact-us/) if you are unsatisfied with our response to any issues raised.