Pellcomp is committed to protecting the privacy of, and maintaining the confidentiality of, all the data it holds in accordance with Company business practice, policy and the law including the General Data Protection Regulations and the Data Protection Act 2018. Pellcomp is engaged in an ongoing programme of technical, physical and procedural security measures with the aim of maintaining the integrity of the information we process and store and preventing any data breach or unauthorised disclosure.
Information collection and processing
Pellcomp collects and processes data for the specific purpose of our business operations - product sales, training events, delivering product support, the maintenance of services to our Customers and contract services provided to Pellcomp. We use Google Analytics to process information about:
• the pages you visit
• how long you spend on each page
• how you got to the site
• what you click on while you’re visiting the site
Further details about Google Analytics can be found at: https://policies.google.com/privacy?hl=en-US
The information we collect may include names, job roles/titles, telephone numbers, email, postal addresses, account reports and copies of invoices and receipts. In addition, we may collect the following:
• Details of Customer participation in any events offered by us;
• Customer feedback and/or other correspondence (for the purpose of product improvement);
• Customer traffic patterns and site use (for an improved customer experience)
Information will be collected directly from our Customers, websites and Company House for financial records. Direct collection portals include via our website, email, telephone and hard copy.
Any information collected will only be held for the duration of any agreement and the time required to complete any outstanding business transactions, until the subject requests their information be deleted, as required by current legislation, or where it forms part of an investigation by enforcement agencies.
Any information, over and above that listed above, that is stored will be used solely for contracted business services and will be subject to the same retention/deletion policies as collected information.
As a Company we use a variety of software and information management solutions these include Cloud services and Cloud storage. The servers powering the Cloud services may be based outside the UK/EEC and, as such, they are not subject to the requirements of the GDPR however Pellcomp will not conduct business with organisations that do not uphold to maintain the privacy of their customers and the security of information processing and data storage in accordance with the GDPR or legislation equal to or exceeding the requirements therein.
By registering an interest in an event, product, course or our newsletter uses are agreeing to us collecting and storing your information.
By entering in to a service agreement with Pellcomp, customers need to provide data to facilitate billing, communications, service delivery and support. As part of this agreement with Pellcomp, the customer consents to the storage and use of their data. Where consent is not given, or withdrawn, Pellcomp will not be able to deliver some or all of their services to the customer.
By entering in to an agreement with Pellcomp, a contractor or another third party gives consent to Pellcomp to process business appropriate information for the purpose of communication, monitoring and payment to that supplier.
Use of your information
Pellcomp will use Customer information to provide and personalise our service. We may use information provided by Customers to pass on news about Pellcomp products and services we think may be of interest. We may contact parties by post, email or telephone for these purposes. Customer feedback may be used for the upgrade of existing products, the development of new products, for improvements to security and for improvements to Customer support.
There may be instances where it may be necessary for us to communicate with Customers, suppliers and contractors for administrative or operational reasons relating to our service. This contact will only be made when there is a genuine business need to do so.
Data is encrypted at rest and in transit and is only accessed when necessary and only by authorised members of staff. Access to information is controlled by policy, physical and technical measures. These measures are regularly reviewed. Internal security audits and external audits by independent, specialist auditors, are conducted at least annually to test these measures.
Pellcomp has developed, implemented and tested disaster recovery and business continuity plans to avoid or at least minimise business disruption in the event of a disaster or incident occurring.
When sensitive data needs to be passed to and from a Customer, the information will always be protected. The Company uses a secure file drop facility which provides much greater level of security. Where the information is password protected, the password will be conveyed to the Customer by the most direct method possible and in a format that both parties have a high degree of confidence in.
In accordance with the Data Protection Act 2018, data subjects have the right to:
- Access any information held about them
- Ask for a copy of their data to be provided to them
- Request that their data be passed on to another party/organisation
- Request that they not be contacted for marketing purposes
- Have their data deleted (where the information is not being used for legal or juridical purposes)
- Have their information corrected
If you wish to obtain a copy of the information held by Pellcomp about you please write to us. Where the information request is deemed to be excessive Pellcomp reserve the right to make a charge for reproducing the information.
Where Pellcomp provides a data hosting service for our Customers we are the data processors as defined by the GDPR, therefore any Subject Access Request (SAR) would be re-directed to the Data Controller in the first instance.
Disclosure of your information
We will never sell your information or pass your personal data to anyone else without your permission except to any successors in title to our business, as required to do so under the Data Protection 2018, the General Data Protection Regulations and/or any superseding UK legislation, or when requested to do so by a judicial body after sufficient grounds have been provided for the disclosure. We do not conduct business outside of the UK.
If you have any questions about privacy or information security, please direct them to our Information Security Compliance Officer at email@example.com .