The EU General Data Protection Regulation (“GDPR”) comes into force across the European Union on 25th May 2018 and brings with it the most significant changes to data protection law in two decades. Based on privacy by design and taking a risk-based approach, the GDPR has been designed to meet the requirements of the digital age.
The 21st Century brings with it broader use of technology, new definitions of what constitutes personal data, and a vast increase in cross-border processing. The new Regulation aims to standardise data protection laws and processing across the EU; affording individuals stronger, more consistent rights to access and control their personal information.
Taste Vending Ltd are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing law and abides by the data protection principles. However, we recognise our obligations in updating and expanding this program to meet the demands of the GDPR in accordance with the Data Protection Act 1998 and the Electronic Communications Regulations 2003, These laws are being updated and we are bound to inforce by the 25th May 2018.
Taste Vensing Ltd are dedicated to safeguarding the personal information under our remit and in developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of, and appreciation for the new Regulation. Our preparation and objectives for GDPR compliance have been summarised in this statement and include the development and implementation of new data protection roles, policies, procedures, controls and measures to ensure maximum and ongoing compliance.
We gather information either over the phone, contracts signed by customers and via our website, either web orders, web chat or web enquiries. We will not share your personal information with any third party unless made aware or instructed to by you. If you have concerns over our policy or practices, then we advise you not use our website or provide us with any information via other methods.
Information We Collect
We collect your personal information in the following ways:
When you Give it to Us Directly?
- In person, by email, phone or through the post
- Contacting us through our websites
- Through social media
- Making a purchase through our websites
- Applying for a job
- Sign paper agreements
- Completing our account opeing forms and office documentation
When you Give it to Us Indirectly?
On the rare occasion your information might be shared with us through independent third-party interactions. These third parties will only provide us with your information if you have given your permission for it to be shared with us.
We routinely work with trusted partners and suppliers who work with us on our behalf, such as when you order through our websites and your payment details are handled securely by our Payment Service Provider PayPal.
When you engage with our social media accounts we may also obtain your personal information, such as through Facebook, Twitter, or LinkedIn, depending on your settings or the privacy notices of these platforms and messaging services. You can change your settings by referring to their privacy notices for details on how to do this.
When you Visit Our Websites or Social Media
We do not gain any personal information from any third parties when you use our website unless you subscribe to our mailing list.
When using Facebook, Twitter, or linked in accounts we will only gather details when we have responses from interested parties. We do not troll social media to gather information. If you react to our posts, comments, campaigns then in some cases we will use your personal information to provide you with usefull and relevant information.
How We Use Your Personal Information
As a business we must collect personal information when processing orders, opening accounts and taking payments from customers. We collect limited information to ensure we can offer the best possible service and ensure a smooth business transition. Personal information includes your name, email address, postal address, telephone numbers, and credit/debit card details.
The legal basis for processing your personal information is legitimate interest which means that we have respectfully considered the need to process your personal data, when using and processing your information we feel there is a legitimate reason to process your order either online or over the phone. Our legitimate reason to use your information could be for one of the following reasons:
- to contact you for repeat ordering therefore we securely keep a record of our communication for administrative purposes.
- to Contact you for annual maintenance or filter changes
- to identify and prevent fraud
- to enhance the security of our network and information systems
- to send marketing information of which we think may be of interest to you by email or post.
- to administer employment applications
- to process and fulfil any services, orders or enquiries you place with us through our websites or by telephone
- for any lawful reason related to the GDPR and data protection policy
All information is kept securely and in compliance with the GDPR. We will never sell your details or pass to any unauthorised personnel.
Transfers of your information out of the EEA
We will not transfer your personal information outside of the EEA at any time
Changes to this Policy
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) about how we manage your data.
You can contact them in the following ways:
Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Phone: 0303 123 1113
Keeping Your Information Secure
Taste Vending Ltd have appropriate security measures in place to prevent personal information from being accidently lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
All paper-based documentation is help in a locked cabinet with key holders being authorised and management within the business.
We will also use technological and organisation measures to keep your information secure,
We have procedures in place to deal with any suspected data breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Indeed, while we will use all reasonable efforts to secure your personal data in using the site you acknowledge that the use of the internet is not entirely secure and for the reason we cannot guarantee the security or integrity of any personal data that are transferred from you or to you via the internet. If you have any concerns about your information, please contact us using the detail below.
Credit and Debit Card Payment Information
When you order from us online or over the phone, Taste Vending ensures that this is done securely and in accordance with the Payment Card Industry Data Security Standard (PCI DSS) please look at the following link for more information: https://www.pcisecuritystandards.org/pci_security/.
All credit or debit card details are entered directly into our stripe pay Merchant Services or online we use the PayPal platform and never recorded or stored in any of our systems on completion of your transaction. Please do not send any information of you credit card, debit card or personal payment details via phone, email, post or any other unsecure method.
If you have any questions about the security of your personal information, you can contact us at @tastevending.co.uk
In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.
How Long We Keep Your Data
Taste Vending Ltd will only keep your data for as long as you are a customer or in accordance with the statutory requirements. However, where information is not required we will ensure all data is disposed of in a secure manner. When there is a legitimate interest for us as the Data Controller to retain your personal information such as to inform or communicate with you as a customer, we shall retain the personal information for this purpose only. If, however you have informed us that you do not wish to hear from us in the future, we will may keep the minimum information but, in most cases, dispose of to ensure you are not contacted by us again. If you remain as an active customer or subscriber we will only keep your personal information for a period of 2 years, then we will remove all information from our systems.
Who We Share Your Information With
If we feel the need to use or disclose your personal information by law
We reserve the right to use or disclose your personal information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.
Sharing Your Information with Trusted Third Parties
We may share your person details with third parties to ensure a smooth transition of business procedures, however these will be with our trusted third parties or partners, for example, a courier services to ensure delivery of product or spare parts, leasing companies to underwrite machine finance or machine manufactures to deliver new machine. This is to ensure we can maintain our services and deliver on expectation. For your security and be remain compliant we require all partners or third-party providers to process your personal information only on our instructions and in accordance with applicable data protection and privacy laws.
Direct Marketing – we have revised the wording and processes for direct marketing, including clear opt-in mechanisms for marketing subscriptions; a clear notice and method for opting out and providing unsubscribe features on all subsequent marketing materials. However, as a business this is not generally how we conduct our business. If you are receving emails which are considered unauthorised or considered direct marking and you wish not to reveive them please either click the ‘unsubscribe’ link on the bottom of out email, or send us an email firstname.lastname@example.org
Postal marketing again is very rare but may be included with any orders you place with us including, these may contain the latest special offers on products. If you would prefer not to receive this information, please again contact us via post or telephone.
Telephone and SMS marketing - we do not carry out telephone or SMS marketing activities though we may call to update you on an order you have placed with us and if we do we may notify you of relevant offers on our products and services.
Taste Vending Ltd respect your confidentiality and will never send information unauthorised to you, however please contact us if you want to change any preferences.
What rights do you have?
Under the general data protection regulation, you have several important rights free of charge in summary, those include the right to
- Fair processing of information and transparency over how we use your personal information
- Access to your personal information and to certain other suppliementary information that this private notice is designed to address
- Requires us to correct any mistake on any information we hold
- Requires the erasure of personal information concerning you in certain situations
- Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readble format and have the right to transmit the data to a third party in certain situations
- Object at any time to processing of personal information concerning you for direct marketing
- Object to decisions being taken by automatic means which produce legal effects concerning you or similarly significantly affect you
- Object in certain other situations to our continual processing of your personal information
- Otherwise restrict our processing of your personal information in certain circumstances
- Claim compensation or damages in breach of data protection laws
For further information on each of those rights, including the circumstances in which they apply, see guidelines from the UK information commissioners office (ICO) on individual rights under the general Data Protection Regulation (https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/)
If you would like to exercise any of these rights, please contact us via the following methods:
- Email: Info@tastevending.co.uk
- Telephone: 01202 800600
- Write to us:
Taste Vending Ltd
Unit 21 Old Street
Bailie Gate Industrial Estate
- Let us have enough information to identify you
- Let us have proof of identity (a copy of either your driving licence, passport, recent utility bill
- Let us know information to which your request relates
From time to time we may we may have other methods to unsubscribe or opt out from direct marketing including for example, unsubscribe buttons or web links. If such is offered, please note that there may be some period after selecting to unsubscribe in which marketing may still be received whilst your request is being processed.
This Website uses Paypal for all credit and debit card transactions. Under no circumstances will we hold sensitive payment details such as your card number, expiry date and security code. All transactions are handled through our accredited payment partner PayPal, visit paypal for more information www.paypal.co.uk
If you would prefer to arrange an order or pay over the telephone please contact one of our sales advisers on 01202 800600 during normal working hours.