Crawford Healthcare Privacy and Cookies Statement
Your privacy is important to Crawford Healthcare. This privacy statement provides information about the personal information that we collect and use that personal information. In using this website you are deemed to have read and agreed to the following policy.
Who is responsible for managing your information?
The Data Controller is Crawford Healthcare Ltd (referred to in this policy as “we” or “us”).
A data controller, according to the applicable data protection laws, means a person who determines the purposes for which and the manner in which any personal information is to be processed.
We are committed to doing the right thing when it comes to how we collect, use and protect your personal data. That’s why we’ve developed this privacy and cookies policy (“Policy”), which:
· sets out the types of personal data that we collect
· explains how and why we collect and use your personal data
· explains when and why we will share personal data within Crawford and other organisations; and
· explains the rights and choices you have when it comes to your personal data
We ensure that the appropriate technical and contractual measures are in place to provide security of your personal information, guard against unauthorised or unlawful processing of such information and guard against accidental loss, destruction, disclosure or, or damage of it.
This Policy also applies if you contact us or we contact you.
Personal information that we collect
This section tells you what personal data we may collect from you when you use our website and/or online shop and what other personal data we may receive from other sources.
When you shop with us online or browse our website we may collect:
· Information about your online purchases (for example, what you have bought, when and where you bought it and how you paid for it)
· Information about your online browsing behaviour on our websites
· Information about your computer, including where available your IP address, operating system and browser type, for system administration. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
· Details of your visits to our site and the resources that you access including but not limited to technical data about your visit such as traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes of otherwise.
· Information that you provide by filling in forms on our website sunsense.co.uk (“our website”). This includes information provided at the time of registering to use our site, posting material or requesting further services. We may also ask you for information when you report a problem with our site.
We do not actively collect Special Categories of Personal Data (as defined by applicable data protection laws) (this being information relating to your race, ethnic origin, politics, religion, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life, or sexual orientation). However we may collect this information if you actively chose to share it with us by providing it to us either through the functionality available on the website, by email or over the phone.
How long will you hold my information for?
Your information is only stored whilst it is required for the relevant purposes or to meet our legal requirements. Where your information is no longer required, we will ensure it is disposed of in a secure manner. Where you request that you receive no further marketing communications from us, we will retain your details on a “suppression list” to ensure that no further marketing communications are sent.
If you wish to know how long we retain specific types of personal data then please contact us.
When you contact us or we contact you or you take part in promotions, competitions, surveys or questionnaires about our services, we may collect:
· Personal data you provide about yourself anytime you contact us about our services (for example, your name, contact details), including by phone, email or post or when you speak with us through social media
· Details of the emails and other digital communications we send to you that you open, including any links in them that you click on
· Your feedback and contributions to customer surveys and questionnaires
How and why we use personal data?
Your personal data is used to support a range of different activities. These are listed in the table below together with the types of data used and legal bases that we rely on when processing them, including where appropriate, our legitimate interests. Please be aware that we may process your personal data using more than one lawful basis, depending on the specific activity involved. Please contact us if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
Contact and Interaction with you
We may collect personal data about you in the following ways:
– Direct interactions – you may give us your Identity, Contact, Financial, Transaction, Profile, and Marketing and Communications data by filling in forms, entering information online or by corresponding with us by post, phone, email, telephone or otherwise. This includes personal data you provide, for example, when you:
– Create an account or purchase products on our website;
– Subscribe to our social media sites;
– Enter a competition;
– Complete a voluntary market research survey;
– Contact us with an enquiry or to report a problem (by phone, email, social media, or messaging service);
– When you log in to our website via social media.
– Automated technologies or interactions – as you interact with our website, we may automatically collect the following types of data (all as described above): Technical Data about your equipment, Usage Data about your browsing actions and patterns, and Contact Data where tasks carried out via our website remain uncompleted, such as incomplete orders or abandoned baskets. We collect this data by using cookies, server logs and other similar technologies.
– We do not actively collect Special Categories of Personal Data (as defined by applicable data protection laws) (this being information relating to your race, ethnic origin, politics, religion, trade union membership, genetics, biometrics (where used for ID purposes), health, sex life, or sexual orientation). However we may collect this information if you actively chose to share it with us by providing it to us either through the functionality available on the website, by email or over the phone.
Who do we share this information with?
We share your personal information with the following external third parties:
· Service providers based who provide IT systems and software, and to host our website;
· Third Party payment processing services – Sage pay, Paypal – to process your payment to us. We do not store your payment information. Your payment details are provided to the payment processing service you have selected, who are compliant with necessary regulations;
· Third party service providers that we engage to deliver the goods you have ordered;
· Third party service providers that we engage to send emails on our behalf including in relation to incomplete orders or abandoned baskets, or marketing communications;
· Analytics and search engine providers that assist us in the improvement and optimisation of our website;
· Affiliate networks through whom you have accessed our website;
• Professional advisers including lawyers, bankers, auditors and insurers based in the United Kingdom who provide consultancy, banking, legal, insurance and accounting services.
• HM Revenue & Customs, regulators and other authorities based in the United Kingdom
• In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
· If Crawford Healthcare Ltd or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
· Disclose information about you as required by law, to enforce this Agreement and to preserve our rights.
Protection of Information
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information that we collect. For example:
· We limit employee access to customer information to those who have a business reason to know this information
· We maintain policies and procedures covering the physical security of workplaces and records.
· We use technological means such as backup files, virus detection software, encryption, firewalls and SSL technology to protect against unathorised access or alternations to customer data.
Whilst we take appropriate technical and organisational measures to safeguard your personal data, please note that we cannot guarantee the security of any personal data that you transfer over the internet to us.
We may transfer your personal data and/or sensitive personal data to recipients located outside of the EU or Switzerland, for example, when we store your data on servers that are located at our headquarters in the U.S. In each case, Crawford shall take the necessary measures to ensure that all personal data and/or sensitive personal data transferred to recipients in countries outside of the EU or Switzerland receives an adequate level of protection as required by EU and Swiss data protection law. Crawford has implemented appropriate international data transfer agreements based on the EU Standard Contractual Clauses.
Marketing and market research
This section explains the choices you have when it comes to receiving marketing communications and taking part in market research.
We will send you relevant offers and news about our products in a number of ways including by email, but only if you have previously agreed to receive these marketing communications. When you register with us we will ask if you would like to receive marketing communications, and you can change your marketing choices online, over the phone or in writing at any time.
Cookies and similar technologies
Cookies are small data files that allow a website to collect and store a range of data on your desktop computer, laptop or mobile device.
Improve the way our website works
Cookies allow us to improve the way our website works so that we can personalise your experience and allow you to use many of their useful features.
Improve the performance of our website
Cookies can help us to understand how our website is being used, for example, by telling us if you get an error messages as you browse.
These Cookies collect data that is mostly aggregated and anonymous.
Deliver relevant online advertising
Cookies used for this purpose are often placed on our website by other organisations, and always with our permission. These Cookies may collect information about your online behaviour, such as your IP address, the website you arrived from and information about your purchase history or the content of your shopping basket. This means that you may see our adverts on our website and on other organisations’ websites. You may also see adverts for other organisations on our website.
To help us to deliver online advertising that is relevant to you, we may also combine data we collect through Cookies in the browser of your desktop computer or other devices.
Measuring the effectiveness of our marketing communications, including online advertising
Cookies can tell us if you have seen a specific advert, and how long it has been since you have seen it. This information allows us to measure the effectiveness of our online advertising campaigns and control the number of times you are shown an advert.
Your choices when it comes to Cookies
You can use your browser settings to accept or reject new Cookies and to delete existing Cookies. You can also set your browser to notify you each time new Cookies are placed on your computer or other device. You can find more detailed information about how you can manage Cookies at the All About Cookies and Your Online Choices websites.
If you choose to disable some or all Cookies, you may not be able to make full use of our Websites. For example, you may not be able to add items to your shopping basket, proceed to checkout, or use any of our products and services that require you to sign in.
Where we display personalised adverts on other organisations’ websites, the AdChoices icon will usually be displayed. Clicking on this icon will provide you with specific guidance on how to control your online advertising preferences. More information is available on the YourAdChoices website.
You have the following rights in relation to your personal data:
To request access to personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information held about you and to check that we are lawfully processing it.
To request correction of the personal information that we hold. This enables the correction of any incomplete or inaccurate information we hold, though we may need to verify the accuracy of the new information provided to us.
To request erasure of personal information. This enables the deletion or removal personal information where there is no good reason for us continuing to process it. A request can also be made for deletion or removal of personal information where the right to object to processing has been successfully exercised (see below), where we may have processed information unlawfully or where we are required to erase personal information to comply with local law. Note, however, that we may not always be able to comply with requests of erasure for specific legal reasons with notification of this given, if applicable, at the time of any request.
To object to processing of personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing personal information for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process information which override your rights and freedoms.
To request restriction of processing of personal information. This enables a request to be made to us to suspend the processing of personal information in the following scenarios: (a) if you want us to establish the information’s accuracy; (b) where our use of the information is unlawful but you do not want us to erase it; (c) where you need us to hold the information even if we no longer require it because it is needed to establish, exercise or defend legal claims; or (d) you objected to use of the information but we need to verify whether we have overriding legitimate grounds to use it.
To request the transfer of personal information back to whom it belongs or to a third party. We will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which we were given consent to use or where we used the information to perform a contract with you.
To withdraw consent at any time where we are relying on consent to process personal information. However, this will not affect the lawfulness of any processing carried out before the withdrawal of consent. If consent is withdrawn, we may not be able to provide certain products or services. We advise if this is the case at the time of the withdrawal of consent.
If you wish to exercise any of these rights then please contact us by using the details provided under the ‘How to contact us’ section below.
There is no fee to access personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if a request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with a request in these circumstances.
We may need to request specific information to help us confirm your identity when making the request and ensure your right to access the personal information (or to exercise any of the other rights). This is a security measure to ensure that personal information is not disclosed to any person who has no right to receive it. We may also contact you to ask for further information in relation to the request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if the request is particularly complex or a number of requests have been made.”
How to contact us
If you have any concerns or complaints about a breach of your privacy or have any questions about the way we handle your personal data or sensitive personal data, please contact us by sending an email to firstname.lastname@example.org.
We reserve the right to change the policy at any time, so please check back regularly to keep informed of updates to this Policy.