PRIVACY POLICY

Introduction 

This Privacy Policy sets out Chisholm Design’s compliance with the General Data Protection Regulation (“GDPR”). 

Who we are 

Chisholm Design is the Controller for all purposes of the GDPR. In this Privacy Policy, Chisholm Design may be referred to as “we”, “our” and “us”; references to “information” include references to “data”, and vice versa. 

References to “our website” are to www.chisholmdesign.co.uk

Contact 

We can be contacted by email at rob@chisholmdesign.co.uk

What information we may collect 

We will collect the information we need to process your relationship with us, any interest you express in us and our services, and the details of any transaction you enter into with us. This may include your name, mailing address, email address, telephone number, requirements for your design, payment details and relevant correspondence. 

In the course of our relationship with you we may collect information about you from other sources, such as other customers who refer us to you, tradesmen who have done work for you etc. 

Legal bases for processing 

Primarily we process your information on the basis of the contract you enter into with us to provide our services and to supply products as part of that service. 

We also process images and descriptions of our work for you and testimonials provided to us by you on the basis of your consent. 

We may send you direct marketing relating to similar services and products offered by us electronically and by postal mail on the basis of our legitimate interest in operating our business. 

How your information is held and processed 

We process your information solely to manage our relationship with you, to deliver the contracted service (including materials and products) and contact you about that relationship. 

In the course of servicing your contract with us, we may, from time to time, need to pass your information to other organisations to facilitate delivery of our service (including contractors working to our instructions on your contract) and related products and materials to you. 

The companies that process (store) data for us have indicated that they are compliant with the requirements of the GDPR. 

Where we pass your information to other organisations this is done under contract which includes requirements to conform to the GDPR, and stipulations that they will not use your information for any purposes other than those authorised by us. 

In order to process payment card transactions, it may be necessary for our payment processor to verify your personal details outside the European Union for the purpose of authorising the transaction. 

Your information is not subject to any processing which includes automated decision making. 

Where your information is processed 

Your personal details are processed on secure computer systems. Any paper documents you have completed and any correspondence are held securely. 

We have contracted to use Apple’s iCloud and Google for remote storage. These companies are defined as “Processors” under the GDPR and have indicated that they are GDPR-compliant in respect of their storage offering to the EU and EEC countries. 

How we use your information 

In general 

We process your information so that we may provide the service you have contracted with us to provide; to facilitate the delivery of third party products and services to fulfil that contract; to further service the contract post-delivery; to enable us to inform you of any matters notified by the manufacturers and suppliers of the products post-installation; to enable us to assist you with any emergent issues including warranty claims; and to remain in contact with you. 

Website 

Our website is maintained by us but is hosted by a third-party. 

The website uses cookies to facilitate management of your current connection. In addition, cookies are placed by facebook.com and sitebooster.com. 

Our website uses Facebook Conversion and Tracking Pixels to gather data for statistical and market research purposes. The collected data is used to allow Facebook and its partners to display advertisements according to Facebook’s Data Use Policy and Business Advertising Policy. The collected data remains anonymous and is solely used to process within the Facebook advertisement services. 

If you decline to accept cookies, some aspects of the website may not work as expected. Most browsers can be programmed to alert you before downloading cookies. 

Retention period 

We will retain the personal information you provide under the following conditions:

  • in general, for the duration of your contract, plus seven years; 

  • warranted items: for the duration of the warranty period, plus one year; 

  • images and descriptions of our work for you and testimonials provided to us by you: until such time as you may revoke your consent. 

Your Rights 

You have: 

  • the right to be informed that we process your personal data; 
    You may make a request to rob@chisholmdesigns.co.uk. No fee is payable. We will inform you within one calendar month. 

  • the right to be supplied with those data; 
    You may make a request to rob@chisholmdesigns.co.uk. No fee is payable. We will supply you with the required information within one calendar month. 

  • the right to rectification of any inaccuracies in the data; 
    If you believe that any of your data we are processing is incorrect, you may make a request for its correction to rob@chisholmdesigns.co.uk

  • the right to erasure of your personal data processed by us; 
    Should you wish for your data to be removed from our computer systems, you may make a request for its correction to rob@chisholmdesigns.co.uk. Please note, however, that we may need to retain certain data in order to comply with legislative/legal requirements, where the data are necessary for the establishment, exercise or defence of legal claims, and where we can demonstrate that it is in our legitimate interests to retain it. We will inform you of any such instances. 

  • the right to restrict our processing of your data for certain purposes; 
    You may make a request to rob@chisholmdesigns.co.uk, setting out the purposes for which you wish to restrict our processing. 

  • the right to have your data supplied in a generally recognised electronic format (PDF); 
    Upon request, we will supply your data in PDF format, electronically, by email, using an encrypted service. 

  • the right to object to processing of your personal data by us. 
    You may make a request to rob@chisholmdesigns.co.uk. Please note, however, that we may need to continue processing certain data in order to comply with legislative/legal requirements, where the data are necessary for the establishment, exercise or defence of legal claims, and where we can demonstrate that it is in our legitimate interests and we have overriding legitimate grounds to retain it. We will inform you of any such instances. 

  • rights in relation to automated decision making and profiling, however we do not perform any such automation. 

  • If you have any complaint about our use of your data you should contact us in the first instance to try to resolve the matter. You have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office, if not satisfied with our response. 

Types of organisations with which we may share your information 

  • Suppliers of products to fulfil your contract. 

  • Contractors to fulfil your contract. 

  • Payment processors to facilitate transfer of payments. 

Note 

Nothing in this document shall be taken to infer that Chisholm Design assumes any responsibility for following up warranty matters or informing clients of emergent issues post-installation. 

This Privacy Policy was updated on 24 May 2018