- ABOUT US
- CASE STUDIES
The General Data Protection Regulation (“GDPR”) which comes into being on 25th May 2018 is the biggest change to data privacy laws since the Data Protection Directive was first established in 1995. The new regulation is focused on you, the individual, and how your information is used and processed. It will increase transparency and give you more control and protection.
If you have any specific concerns around the privacy of your personal information or require further information about how we manage your data, please get in touch with us directly:
By post: The Data Protection Manager, Clement Windows Group, Clement House, Haslemere, Surrey, GU27 1HR
By phone: +44 (0) 1428 643393
By email: firstname.lastname@example.org
We are open 8.30 am to 5.00 pm Monday to Friday. For your security and to improve the quality of our service, we may record and monitor telephone calls.
2. Who we are
Clement Windows Group manufactures and installs an innovative range of steel windows, doors, screens and rooflights. We are also recognised as specialists in conservation work for both private residences and commercial projects.
If you are a residential customer you will interact with Clement Windows Ltd.
If you are a commercial customer you will interact with Clement Projects Ltd.
Manufacturing is carried out by Clement Polska sp.z. o. o.
The data controller of your information will be the Clement Windows entity you interact with, as set out above.
3. What information we hold and how we collect it
Personal information is information that identifies you as an individual or from which you are identifiable. This includes your contact details and financial information.
For the sales process, only contact and address details are required.
In order to secure an order and administer your account, occasionally financial details are required such as debit card information. Card details are not recorded in any form, paper or electronic. If a subsequent payment needs to be made, we would need to ask you for your card details again.
As a Clement customer, we collect personal information about you in connection with providing our products and services to you. This means we will generally use your information in the following ways:
4. How we use your personal information
The main ways in which we may use your personal information are to:
5. Our lawful bases for processing information
We will only process your personal information where we have a lawful basis for doing so. Clement Windows Group will rely on the following legal bases:
6. Sharing your personal information
We may share your personal information with:
In these cases we will only provide the third party with the information that they need and they may only use your data for the exact purposes we specify in our contract with them.
We may also share your personal information with the following, should the need arise:
We do not share your information with any third parties for the purposes of marketing.
7. Retaining your personal information
We will retain your personal information for as long as is necessary for the purposes described above and therefore the retention period will vary depending on your interactions with us. For example, typically we will retain information related to your order for a minimum of seven years to: fulfil our business purposes; comply with legal and regulatory requirements; or, for any legal claims. Records earmarked for destruction are sent for secure shredding.
We may keep your data for longer where this is necessary for statistical purposes. However, we will ensure all personally identifiable information is removed where technically feasible.
8. How we ensure the security of your personal information
We know how important data security is to our customers. With this in mind, we treat your personal information with the utmost care and take all reasonable precautions to keep it secure, including safeguards against unauthorised access, use or data loss. This includes ensuring our staff, partners and any third parties who perform work on our behalf comply with security standards as part of their contractual obligations.
We operate a secure web site and a secure PDQ terminal supplied by Global Payments is used. This terminal is not connected to the company network, internet or any other computer systems other than those provided by Global Payments and access to the terminal by anyone other than authorised employees is prohibited. If the terminal has to be service or exchanged, this process is supervised by the Clement Windows Group Financial Controller.
Occasionally if we need to take your payment card details it is for the purposes of administering the transaction at that specific time. Your card details will not be maintained or communicated in any form, paper or electronic and the security code will always be destroyed.
Company business systems are maintained on a firewall protected server which is backed up regularly. Accounting software is password protected and only made available to authorised employees.
We utilise a third party company to monitor our systems for possible vulnerabilities and attacks.
9. Your data subject rights
You can withdraw your consent to marketing (including our newsletters) at any time. As well as our obligations and commitment to respect the privacy of your information, you also have the right to request access to and the erasure or correction of your personal information. You also have the right to request the restriction of processing your personal information, and in some cases, you will be able to object to its processing. Please note, these rights are all subject to various exceptions and limitations, therefore there may be circumstances where can cannot comply with your request. You can exercise these rights at any time by contacting us using the contact details at the beginning of this document (See (1) Introduction). You are also entitled to contact the Information Commissioner’s Office (“ICO”) if you are not satisfied with how we have handled your information.
Last updated 23rd May 2018