Information we collect
In operating our website, we may collect and process the following data about you, including:
— Details of your visits to our website and the resources that you access, including, but not limited to, search strings, referring websites, entry and exit pages and other data. This is anonymous, aggregate statistical data that cannot be used to identify you personally.
— Information that you provide by filling in forms on our website.
— Information provided to us when you communicate with us for any reason.
Such data could include your name, address, telephone number, email address and social media identifiers. We do not collect or process information (such as salaries or medical details) that are regarded as sensitive under data protection law, except that about our staff, which we need to fulfil our responsibilities as an employer.
Use of your information
Under the GDPR (General Data Protection Regulation), in force from 25th May 2018, our lawful basis for collecting and processing your information arises from our following legitimate interests:
— To provide you with information requested from us, relating to our products or services.
— To provide information on other products that we feel may be of interest to you.
— To meet our contractual commitments to you.
The above interests were identified as a result of a legitimate interests assessment that we have conducted.
Disclosing your information
Where applicable, we may disclose your personal information to third parties:
— Where we sell any or all of our business and/or our assets to a third party.
— Where we are legally required to do so.
— To assist fraud protection and minimise credit risk.
We may also share your information with relevant external marketing, consultancy or logistics agencies that we use, but on the basis that they will not pass on your information to other parties.
Where your information is stored
Your information may be stored either on secure servers here in the UK, or on the servers of some third-party platforms we make use of. Wherever the latter are outside the EEA, their owners’ data handling processes meet the requirements of the GDPR.
All telephone calls through our system are recorded for training purposes to 4Com HiHi Cloud servers with Microsoft Azure, which can be accessed only by authorised users through the 4Com portal, which is protected by 256-bit encryption, one of the most secure encryption methods available.
Keeping your information secure
We have procedures and security features in place to keep your information secure once we receive it. For example, all documents such as spreadsheets that are held online have to be password-protected, and all online platforms are password-protected and accessed by limited named users.
This website includes links to third-party websites. These websites should have their own privacy policies. We do not accept any responsibility or liability for their policies whatsoever as we have no control over them. We cannot accept responsibility for any loss or damage you may suffer as a result of visiting third-party websites, such as that resulting from viruses or malware. The content of third-party websites is the responsibility of their respective owners and operators.
Access to information
The General Data Protection Regulation gives you the right to access the information that we hold about you. You can also ask us not to make use of your information, or for it to be deleted from our records. Should you wish to receive details that we hold about you, please contact:
Alun Simpson, HR, Legal & Compliance Manager
Borg & Overström
Morton on the Hill
If you wish to unsubscribe from our email bulletins you can either contact us as above or, more simply, click on the unsubscribe link each bulletin contains