Privacy Policy

Privacy Policy

Summary

This privacy policy will help you understand what happens with any Personal Data we gather from you in relation to the business you carry out with us.

We recognise our obligations under data protection legislation and we are committed to keeping Personal Data safe and secure.

If you have queries about this privacy policy or how we process your personal information, please contact our Business Information and Technology Director at:

Dataprotection@simpsonsmalt.co.uk

Who we are

The organisation responsible for processing your personal information is Simpsons Malt Ltd, Tweed Valley Maltings, Berwick-Upon-Tweed, TD15 2UZ.  This means we are the data controller under the General Data Protection Regulation (also known as GDPR) and the Data Protection Act 2018.

What information we collect about you

In connection with our business the personal information we may collect from you includes:

  • Your trading name, name, e-mail, phone number, address and trading status
  • VAT Number
  • Trade references
  • Bank Account details – for payments
  • Technical details when you visit our website, such as IP address, browser information, site visit usage information.

How we collect information about you

We collect information about you in the following ways:

  • Information you provide to us on a trading account application form
  • Information you provide to us on contracts and orders
  • Information you provide on Contact Us forms on our websites
  • Information collected when you visit our websites
  • E-mail address when you subscribe for our newsletter
  • Updates received from you in order to maintain your trading account, such as address changes, bank account detail changes

Security of your information

We have put in place policies, procedures and technologies to maintain the security of all Personal Data from the point of collection to the point of destruction including procedures to deal with a security breach.  We will ensure your Personal Data is only accessible by those who need to see your data for their specific role.  We will only transfer Personal Data to a third party if that third party agrees to comply with those policies and procedures, or if they put in place adequate measures themselves.

How we use your information and the legal basis for processing

We process information about you to provide services and products and to manage the business efficiently.  The legal basis for processing your information is usually that the processing is necessary to enable performance of your contract.

The table below expands on this:

Type of personal information Reason for processing this information Legal basis for processing Retention
Trading Name, name, e-mail, phone number, address and trading status. To register you as a new customer and/or supplier Performance of a contract with you 3 years after account closure
Trade references To register you as a new customer and/or supplier Performance of a contract with you On account setup
Contact Details and address information To process and deliver your order including:

(a) Manage payments, fees and charges

(b) Collect and recover money owed to us

To manage our relationship with you which will include notifying you about changes to our trading terms or privacy policy

(a) Performance of a contract with you

(b) Necessary for our legitimate interests (to recover debts due to us)

(c) Necessary to comply with a legal obligation

3 years after account closure
Contact Details and address information To provide you with marketing information relating to our products and services

To provide you with marketing information from selected third-party services that are aligned to the existing services we provide to you

Your consent in agreeing to receive marketing in this way when signing up to our contract with you Until you unsubscribe
Bank details To process and deliver your order including:

(a) Manage payments, fees and charges

(a) Performance of a contract with you

 

One month after account closure
e-mail address To send you regular newsletters that you have subscribed to receive Necessary for our legitimate interests (to keep you up to date with news, products and services) Until you unsubscribe
IP address, browser information, site usage information To provide you with website services relevant to your contract.

To provide you with information about other products and services we offer.

As part of our efforts to make our websites safe and secure

To measure the effectiveness of any advertising we may serve to you

Necessary for our legitimate interests (to keep you up to date with news, products and services and to allow us to improve our websites) 12 months after website visit
Name and address provided on contact us forms on website To respond to your requests. Necessary for our legitimate interests (to keep you up to date with news, products and services) 3 years after account closure

Who we share your personal information with

Colleagues in our business who provide products and services to you.  All colleagues are trained in data protection and understand the need to keep your information confidential.

Where relevant we may also share your information with the following categories of third parties:

  • Mailchimp for newsletter subscription (if you subscribe)
  • Aligned third party product and service providers
  • Financial institutions that you ask us to provide your account information to
  • Government agencies, departments and regulatory bodies where we are legally obliged to

If your Personal Data is provided to any third parties, you are entitled to request details of the recipients of your Personal Data or the categories of recipients of your Personal Data.

Processing your information outside of the EAA

We (or one of our third-parties) may transfer your personal data outside of the European Economic Area (EEA).

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

If you choose not to give your personal information

We may need to collect certain personal information so we can perform our contract with you.

If you choose not to give us this personal information, it may in certain limited circumstances delay or prevent us from providing products or services you have asked for.  In some circumstances, it could mean we cannot offer provide those products or services.  We will always tell you at the time we try to collect such Personal Data, if your refusal to provide that data may impact on our ability to provide products or services to you.

How we keep your data accurate

We will keep the Personal Data we store about you accurate and up to date.  We will take every reasonable step to erase or rectify inaccurate data without delay. Please tell us if your personal details change or if you become aware of any inaccuracies in the Personal Data we hold about you.  We will also contact you if we become aware of any event which is likely to result in a change to your Personal Data.

Your rights

Under GDPR legislation you have the following rights about your personal information:

  • To obtain access to, and copies of, the personal information we hold about you via the Data Subject Access Request process that can be found on our website.
  • To have Personal Data rectified if inaccurate.
  • To have any incomplete Personal Data completed.
  • To have Personal Data erased (which does not contravene any legislation or your contract with us)

Please note that these rights may be limited by the legislation and we may be entitled to refuse requests where exceptions apply.  You can find out more about your rights from the Information Commissioners Office at www.ico.org.uk.

Should you wish to exercise any of your rights, please contact our Business Information & Techology Director using the contact details below.

How to complain

We encourage you to contact us with any concerns or suggestions to improve our policies and procedures using the details below.  You also have the right to make a complaint to the Information Commissioner’s Office at any time at www.ico.org.uk.

How to contact us

If you want further information about our privacy policy, would like to exercise your data protection rights, want to raise a complaint or suggest an improvement or just require further information, please contact us in any of the following ways:

  • E-mail: dataprotection@simpsonsmalt.co.uk
  • Telephone: 01289 330033
  • In writing to: Business Information & Technology Director, Simpsons Malt, Tweed Valley Maltings, Berwick-Upon-Tweed, TD15 2UZ

Changes to this privacy notice

We keep this privacy policy under regular review and will publish updated versions on our website.  This version was last updated on 11 November 2018.