1. Important information and who we are
Controller
Web Box Cardiff Limited is the controller and responsible for your personal data (collectively referred to as “Web Box”, “WebBox”, “we”, “us” or “our” in this privacy statement).
We have appointed a data privacy manager who is responsible for overseeing questions in relation to this privacy statement. If you have any questions about this privacy statement, including any requests to exercise your legal rights, please contact the data privacy manager using the details set out below.
Contact details
Our full details are:
Full name of legal entity: Web Box Cardiff Limited (Company No. 07796087)
Name or title of data privacy manager: Will Roberts
Email address: will@webboxdigital.co.uk
Postal address: Fulmar House, Beignon Close, off Ocean Way, Cardiff, CF24 5HF
Telephone number: 02920 091929
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Changes to the privacy notice and your duty to inform us of changes
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
2. The data we collect about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
- Identity Data includes, as appropriate, first name, last name, marital status, title and gender.
- Contact Data includes billing address, delivery address, place of work, email address and telephone numbers.
- Financial Data includes bank account and any other relevant direct debit details.
- Transaction Data includes details about payments from you and other details of services you have purchased from us.
- Technical Data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile Data includes orders and enquiries submitted by you, your interests, preferences, feedback and survey responses.
- Usage Data includes information about how you use our website and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and your communication preferences.
Please refer to our Privacy Notice for further information about the data we collect, how we collect it and how we use it.
3. How is your customer’s personal data collected and used?
When you engage us to provide a service, we shall provide you with our terms and conditions. These are also available on our website (Terms and Conditions).
Where we are engaged to provide a service to you, particularly where we are engaged to provide services in respect of your website and to provide email marketing services, we may collect and store personal data in relation to your website users, customers and marketing database.
We have set out in our Terms, the basis on which we collect and store this personal data.
Please note that in relation to the personal data we collect from you in this regard, you are the controller of and responsible for that personal data. It is your responsibility to ensure compliance with any relevant data protection legislation.
Personal data that we receive from you in this regard will be stored by us in accordance with our website back-up service provisions, details of which are set out in the Terms.
4. Data retention
How long will you use my customer’s personal data for?
We will only retain your customers’ or website users’ personal data for as long as you remain our customer, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of the personal data, the purposes for which we process it and whether we can achieve those purposes through other means, and the applicable legal requirements.