Call for a quote on 01375 398 398 or email us

Privacy Policy

PRIVACY & DATA PROTECTION POLICY

 

KEY DETAILS

This policy describes how Davlav Limited (a company registered in England under CN 3916775) (“Davlav”) protects and makes use of the information you give to us when you interact with our business or enter into a contract with us. This may be as a customer, a supplier, an employee or a visitor to our website.

If you are asked to provide information when contacting Davlav it will only be used in ways as detailed in this privacy policy.

Our privacy policy is regularly reviewed and is in line with the General Data Protection Regulation (GDPR) (EU) 2016/679 as implemented in the United Kingdom by the Data Protection Act 2018.

We promise to keep personal data confidential, safe and secure at all times.

If you do have any questions you may wish to write to our Data Protection Controller at Davro House, Granites Farm, Granites Chase, Billericay, CM11 2UQor alternatively please call +441375398398 between the hours of 08:30 – 16:30, email datacontroller@davlav.com.

 

 

WHAT DATA WE STORE

Davlav store the following information from their customers:

  • Name
  • Contact information, including email address
  • Site Addresses
  • Credit/Bank Card information for necessary transactions

Davlav will use this information for our own internal records. We may use to contact you in reply to an enquiry. We may also send promotional mailings or call as part of a quality control measure.

Davlav may collect information about you from third parties, for example from publicly available information such as Companies House, websites such as LinkedIn, references from banks or other third parties (with your consent), or from credit reference agencies.

Davlav’s website may collect information from cookies through its website – please see our cookie policy.

Davlav may collect information about you via our IT systems, eg. door entry systems and reception logs; automated monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV and access control systems, communications systems, email and instant messaging systems.

 

 

LEGAL JUSTIFICATION – WHY WE USE YOUR DATA

Under data protection law, we can only use your personal information if we have a proper reason for doing so, eg:

  • to comply with our legal and regulatory obligations;
  • for the performance of our contract with you or to take steps at your request before entering into a contract;
  • for our legitimate interests or those of a third party; or
  • where you have given consent.

A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

We may use your personal information to send you updates (by email, text message, telephone or post) about our products and services.

We have a legitimate interest in processing your personal information for promotional purposes. This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.

We will always treat your personal information with the utmost respect and never share it with other organisations outside Davlav’s group for marketing purposes.

You have the right to opt out of receiving promotional communications at any time by:

  • contacting us at datacontroller@davlav.com
  • using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts.

 

HOW AND WHERE WE STORE THIS DATA

Information collected from daily sales enquiries is not retained.

Customer information is not shared with any third parties without consent to do so.

Onsite data is held on Windows servers in an Active Directory Domain structure. File, folder permissions and passwords are in place along with a password complexity policy and regular password changes.

Archived records are treated in the same way as live records.

Only relevant, accurate and non-excessive data is stored and is only accessible for those that have the need to access, as part of their role within the company.

 

 

HOW LONG YOUR PERSONAL INFORMATION WILL BE KEPT

We will keep your personal information while you have an account with us or we are providing products and services to you. Thereafter, we will keep your personal information for as long as is necessary:

  • to respond to any questions, complaints or claims made by you or on your behalf;
  • to show that we treated you fairly;
  • to keep records required by law.

We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. Further details on this are available in our Data Protection Controller (see “Key details” above for contact details).

When it is no longer necessary to retain your personal information, we will delete or anonymise it.

 

 

WHO WE SHARE YOUR DATA WITH

We may share your data with:

  • companies within the Davlav’s group – Davro Site Services Limited registered in England No: 1689131.
  • third parties we use to help deliver our products or services to you, eg. payment service providers, warehouses and delivery companies or other contractors;
  • other third parties we use to help us run our business, eg. marketing agencies or website hosts;
  • third parties approved by you, eg. social media sites you choose to link your account to or third party payment providers;
  • credit reference agencies;
  • our insurers and brokers; and
  • our bank.

We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers relating to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors, eg in relation to the audit of our accounts.

We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

 

 

SECURITY

Davlav will always hold your information securely. To prevent unauthorised access to your information we have implemented strong physical security safeguards. Davlav also follow stringent procedures to ensure we work with all personal data in line with EU General Data Protection Regulations. Data will not be kept for longer than necessary and will only be used for the correct purpose. Personal data will be processed fairly and lawfully.

 

 

TRANSFERRING YOUR PERSONAL INFORMATION OUT OF THE EEA

To deliver services to you, it is sometimes necessary for us to share your personal information outside the European Economic Area (EEA), eg:

with your and our service providers located outside the EEA;

if you are based outside the EEA;

where there is an international dimension to the services we are providing to you.

These transfers are subject to special rules under European and UK data protection law.

If you would like further information please contact our Data Protection Controller (see ‘Key details’ above).

 

 

YOUR RIGHTS

You have the following rights, which you can exercise free of charge:

Access The right to be provided with a copy of your personal information (the right of access)
Rectification The right to require us to correct any mistakes in your personal information
To be forgotten The right to require us to delete your personal information—in certain situations
Restriction of processing The right to require us to restrict processing of your personal information—in certain circumstances, eg. if you contest the accuracy of the data
Data portability The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
To object The right to object:

—at any time to your personal information being processed for direct marketing (including profiling);

—in certain other situations to our continued processing of your personal information, eg processing carried out for the purpose of our legitimate interests.

Not to be subject to automated individual decision-making The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

 

For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.

If you would like to exercise any of those rights, please:

  • email, call or write to our Data Protection Controller (at the address given in the first paragraph entitled “Key details)”; and
  • let us have enough information to identify you (eg your full name, address and customer or matter reference number);
  • evidence if we request it to prove your identity; and
  • let us know what right you want to exercise and the information to which your request relates.

 

 

QUERIES, CONCERNS AND COMPLAINTS

We hope that our Data Protection Controller can resolve any query or concern you may raise about our use of your information.

The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113.

 

 

CHANGES TO THIS PRIVACY POLICY

This privacy notice was published on 25 May 2018 and last updated on 25 May 2018.

We may change this privacy notice from time to time—when we do we will inform you via our website.

 

Ref: POL003 Rev 1.0 May 2018