This privacy policy sets out how Silvervale uses and protects any information that you give us. Silvervale is committed to ensuring that your data is protected. Should we ask you to provide certain information by which you can be identified, then you can be assured that it will only be used in accordance with this privacy statement. Silvervale may change this policy in the future and you will be notified when this happens. You can always check this page from time to time to ensure that you are happy with how we process your data.
Under GDPR, Silvervale Ltd is the Data Controller.
Our registered address is:
2/4 Ash Lane, Rustington, West Sussex, BN16 3BZ.
You can call us on 023 93 879183 during normal office hours.
We do not have a Data Protection Officer (DPO) and there is no requirement for us to appoint a DPO under the terms of the GDPR; contacting us using the details above will enable us to deal with any related enquiries.
This privacy policy details how we process your personally identifiable data as a customer, prospective customer, or supplier; from this point on in this policy we will refer to this group as ‘customers’.
Under the EU’s General Data Protection Regulation ‘Personal Data’ is defined as:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
In order for us to provide you with our products and services we need to collect personal data for correspondence purposes, including contacting the right person regarding queries, sales and invoices, and to deliver goods to site. We are committed to ensuring that the information we collect and use is appropriate for this purpose and does not constitute an invasion of your privacy. We may pass your personal data on to our service providers who are contracted to Silvervale in the course of our dealings with you. Our contractors are obliged to keep your details securely and use them only to fulfil the service they provide you on our behalf. Once your service need has been satisfied or the case has been closed, they will dispose of the details in line with Silvervale’s procedures.
We do not collect or use data about our customers that is classified under GDPR as ‘special categories’.
Silvervale will process – that means collect, store and use – the information you provide in a manner that is compatible with the EU’s General Data Protection Regulations (GDPR). We will endeavour to keep your information accurate and up to date and not keep it for longer than is necessary. In some instances, the law sets the length of time information has to be kept, but in most cases Silvervale will use its discretion to ensure that we do not keep records outside of our normal business requirements.
Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimise the risk of unauthorised access or disclosure.
The basis for processing your personal data
We use a combination of legitimate interest and gathering consent to process personal data, depending on the situation.
If you are an individual or run a business as a sole trader or a partnership and haven’t previously entered into negotiation regarding prices with us, communicated with us, registered on our website or purchased from us, we will ask for your consent to process your data.
If you work for a Limited company, PLC, or similar, and we are processing your personal data, your rights under GDPR and PECR are unaffected unless we need them to satisfy a legal obligation or as part of a contract.
Categories of personal data processed by Silvervale
In the course of negotiating, marketing and doing business with customers we may collect any combination of the following categories of personal data:
• Name, job title and/or trade
• Contact details, including email address, postal address, social network handle and telephone numbers
• Location, including additional addresses and GPS coordinates
• Computer device, including IP address, Mac address, browser fingerprint
• Communication, including telephone recordings, voice mail, email
• Transactional, including purchases from strukta, credit information if the business is a sole trader or partnership
We will use the information you provide for the following purposes:
Internal record keeping: we use a system to record our customers’ names and contact details, along with dates of orders, what was ordered, brief descriptions of when our team have corresponded, met or talked to our customers, as well as delivery addresses and any names and contact details needed to get our goods to your site or supplied by customers as referees when opening a credit account. This helps us answer questions about past orders, ensure our invoices are correct, contact customers if there is ever a problem, and anything else that helps us provide the excellent level of service our customers expect.
Business correspondence: from time to time we get in touch with our customers via post, email or phone; this includes sending invoices, arranging meetings, keeping customers updated with their orders, catalogue requests, invitations to events, sending gifts, account management, opening times over holidays, unplanned closures (e.g. due to poor weather conditions), changes to our terms and conditions, or prices.
Delivery to site: sometimes building sites are hard to find, so we make sure that we have some contact details to help the driver deliver goods where they are needed. This is usually a name and mobile number – whatever our customer feels is the best information to give. Occasionally we use courier or delivery companies to get our goods to site, or goods will need to be delivered direct by the manufacturer or our supplier; these are third parties working on our behalf and their obligations are detailed above.
Customer feedback and market research: we regularly ask customers to feedback about their recent experience by email and may also contact customers for market research purposes by email, post or phone.
Website: we may customise the website according to information gathered from previous purchases or what our customers have told us about themselves, such as address or trade. In some instances the information on the website has been added by our customers; the website is also linked to our ERP system and email platform to enable us to work towards providing a seamless experience. We use cookies on our website, which you can read more about here. We also use analytics that track site visitors as they use the website and use this to improve the website.
CCTV and photography: all of our sites have CCTV systems installed and running. We use the footage to investigate issues as they arise. At events and/or for marketing purposes, we may ask to take photographs of customers; we always ask customers to sign an agreement giving us permission to use their picture and keep the agreement on record, giving a copy to the customer for their future reference.
Customer testimonials: if customers give us testimonials about the excellent service they’ve received from Silvervale, all customers are asked to sign an agreement giving us permission to use their testimonial with their name, company name and position, and we keep the agreement on record, giving a copy to the customer for their future reference.
Marketing: customers receive marketing messages by email and SMS, and we always provide a means of opting out. Customers can manage their email preferences using links at the bottom of our messages. If we send marketing messages by post it is always regarding products or services similar those previously purchased or used, or related to the industry our customers work in.
IP Tracking Software: strukta.co.uk uses IP tracking software which obtains information on the activity of users that visit the website. The software we use is fully GDPR compliant and does not store any personal data such as the user’s name.
Systems we use or have accounts with may record information about you through your use of, or interaction with them. For example, if you open our emails on your mobile device and have GPS switched on, the email platform we use may record your location – this is usually managed by you with settings on your device.
In line with GDPR, we need to tell you of any other organisations (processors) involved in the processing of your data. For the most part our information is stored on our internal systems here in our offices. We have sought and have recorded assurances from other processors, where they are used; and they are as follows:
Xero Accounting Software: we use this cloud-based solution to record and manage all our customer, supplier and product information and transactions.
Smartsheet: we use this cloud-based solution as a means of managing activity which includes who our staff have spoken to. We only store data essential to the activity on this system. Servers for Smartsheet are in the USA and the company is a member of Privacy Shield.
MarketScan: we use this company to purchase some customer data from which includes de-dupe of our current data.
The Mailing People: we use this company to handle some of our direct mail.
Couriers and delivery companies: we are not always able to deliver direct to site using our own vehicles and use courier and delivery companies including TNT, AET Transport, Swift Couriers, KKM, Sprinter Couriers.
We do not pass or sell personal data to any person or company that is not acting on our behalf.
Before you disclose to us the personal information of another person, you must obtain that person’s consent to both the disclosure and the processing of that personal information in accordance with the terms of this policy.
We buy contact lists from reputable providers that only supply business details that have been checked for quality and against the Telephone Preference Service and Corporate Telephone Preference Service.
You have the right to object to strukta processing your personal data. Your objection would need to be regarding us processing your personal data based on legitimate interest, or for direct marketing, and on grounds relating to your particular situation. Please contact us if you need to raise an objection.
Should we receive an objection relating to direct marketing, we will stop processing your personal data. Direct marketing includes email, SMS (text messages), phone calls and post. All our marketing emails have an unsubscribe link at the bottom, as well as a link to update your preferences.
You have the right to know how we process your data. This privacy policy has been created for this purpose. If you have any questions that you cannot find the answer to in this policy, please do not hesitate to contact us.
You have the right to access your personal data and any supplementary information. You can do this by contacting us and making this request. We will provide you with what information we have free of charge within one month of receiving your request, after we have verified your identity. If your request is complex, we’ll notify you within one month of receipt that we will need to extend this period and why, and the maximum that we are able to extend it by is a further two months. If we feel that a request is manifestly unfounded or excessive, particularly if requests are repetitive, we can charge a reasonable fee to cover the administrative costs or refuse to respond. If we refuse to respond we will explain why; you would still have the right to complain to the ICO and to a judicial remedy without undue delay and within one month.
You have the right to tell us if your information is incorrect or incomplete and for it to be rectified. Should you notice that data we hold isn’t right, please contact us and we’ll correct it within a month of receiving your request. Should the request for rectification be complex, we’ll let you know that we will need to extend this period and why, and the maximum that we are able to extend it by is a further two months. If we don’t take action following your request, we’ll contact you to explain why and you’ll have the right to complain to the ICO and to a judicial remedy.
You have the right to be forgotten. You can request the deletion of personal data when there is no compelling reason for us to continue to process it by contacting us. This includes where you feel that it is no longer necessary, where you withdraw consent, where there is no overriding legitimate interest, or if you feel it was unlawfully processed. Should there be a reason for us to refuse, such as the exercise or defence of a legal claim, we will tell you. We will endeavour to fulfil your request otherwise, although if we have used your personal data on social networks it may not be entirely possible (we would not do this without your consent).
You have the right to request that we restrict processing of your personal data. This would mean that we continue to store your personal data, but not use it going forward. You can do this by contacting us. We will retain just enough information about you to ensure that the restriction is respected in the future. We’ll also restrict processing of your personal data if you tell us that it’s inaccurate or incomplete. Should you need to establish, exercise or defend a legal claim and we no longer need your personal data, we’ll restrict its processing.
You have the right to request your personal data to reuse it for your own use across different services. However, the type of personal data that we process is unlikely to be useful for this purpose. Please contact us if you’d like to request this and we’ll reply within one month either with the data or a reason why we’re not taking action. If we tell you we’re not taking action, you’ll have the right to complain to the ICO and to a judicial remedy without undue delay and within one month.
Silvervale does not use any form of automated decision-making including profiling.
If you would like to make a request concerning your personal data, please email david@silvervalegroup.com
Or write to us:
GDPR Compliance,
Silvervale Ltd,
2/4 Ash Lane
Rustington,
West Sussex,
BN16 3B
You can also call us on 02393 879183 during normal office hours.