Last updated: September 2018
At Precision Microdrives we are committed to protecting and preserving your privacy while complying with applicable laws and regulations to make sure that the personal information you give us is kept appropriately secure and processed fairly and lawfully.
This privacy notice describes to you:
- who we are
- what personal data we collect and store about you, and how we collect it
- why we collect personal data and what we do with it
- the categories of third parties with whom we share your personal data
- how we retain your information and keep it secure
- your rights and how to exercise them
- how to contact us
1. Who are we?
For the purposes of data protection law, the “controller” is Precision Microdrives Limited, a company incorporated and registered in England and Wales under company number 5114621 with its registered office address 1.07 Canterbury Court,1-3 Brixton Road, London, SW9 6DE, United Kingdom (from now on referred to as “we” “us” and “our”).
As controller, we are responsible for and control the processing of, your personal data.
2. What information do we collect from you?
In the course of our business, which is the sale of micro motors we collect the following personal data when you provide it to us:
- personal details, such as:
- name and title
- contact data, such as:
- delivery address
- billing address
- e-mail address
- telephone and mobile number(s)
- payment details such as:
- card details
- Bank details for BACS payments
- transaction data, such as:
- details about payments to and from you
- details of products and services you have purchased from us
- technical data, such as:
- internet protocol (IP) address
- browser type and version
- time-zone setting and location
- browser plug-in types and versions
- operating system and platform and other technology on the devices you use to access our website
- profile data, such as:
- orders made by you
- usage data, such as
- information about how you use our website, products and services
- marketing data, such as:
- your preferences in receiving marketing and communications
We do not knowingly collect “special category” personal data. This is a special type of sensitive data to which more stringent processing conditions apply and comprises data concerning your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, sex life or sexual orientation, and genetic data and/or biometric data. We also do not collect information about criminal convictions or offences.
3. How do we collect personal data?
We obtain personal data from sources as follows:
- directly from you when you interact with us, for example when you
- buy our products
- sign up to our mailing lists
- request information
- write to us
- phone our sales or engineering team (since your call may be recorded for training, fraud prevention and investigation purposes)
- apply for a job or send a CV
- from customers, if they provide your details in relation to an order or a wish list: if you are providing another person’s details, please ensure you have that person’s explicit consent to do so
- from automated technologies such as cookies and tags when you use our website – for more information, please see our cookies policy to find out more information.
4. How do we use your personal data?
We will only use your personal data when the law allows us to. We will use your personal data in the following circumstances:
- to perform a contract we are about to enter into or have entered into with you
- if it is necessary for our legitimate interests (or those of a third party) and these are not overridden by your own rights and interests
- where we need to comply with a legal or regulatory obligation
In order to process personal data, we must have a lawful reason. We always ensure that this is the case, and we set out our lawful bases below – but please note that more than one may apply at any given time.
We will use your personal data only for the purposes for which we collected it unless we fairly consider that we need it for another reason that is compatible with the original purpose.
If you are our customer or applying for a job, we will process your personal data for the following purposes, on the legal basis that it is necessary for us to provide our products and services to you:
- to enable us to carry out our services
- to identify you
- to respond to your inquiries
- to the extent necessary to provide you with the information you have requested in relation to our products and services before you decide to purchase them
- to provide our products and services, including enabling them to be delivered to you and contacting you about your order (for example, regarding stock or availability)
- to carry out billing and administration activities, including refunds and credits
- to evaluate your job application and take any next steps
You are not obliged to provide us with any of this information, but if you chose not to, we may be unable to provide the product or service that you have requested.
We process your personal information for our legitimate business purposes, which include the following:
- to conduct and manage our business
- to identify suspicious purchasing activity – however, we do not make automated decisions on the basis of such profiling
- to ensure our website and systems are secure
- to analyse, improve and update our services for the benefit of our customers
- to deal with complaints
- where you have made a purchase from us, to let you know about our products or services that we consider may be of interest to you (and which may be tailored to your interests based upon your purchase history). We do this only where you have provided us with a preferred means of contact for this purpose. We carry out this processing on the legal basis that we have a legitimate interest in marketing our products and services, and only to the extent that we are permitted to do so by applicable direct marketing laws. You can opt out of receiving this information by unsubscribing from our emails or by contacting us via email, phone or post. Whenever we process your personal data for these purposes, we ensure that your interests, rights and freedoms are carefully considered.
Compliance with laws
We may process your personal data in order to comply with applicable laws.
If you have never purchased from us or have not purchased from us for a long time, but have given us your explicit consent to hear from us about our products or services that we consider may be of interest to you, we will contact you (according to the contact preference you have provided). You have the right to withdraw consent to marketing at any time.
5. Do we share your personal data?
We may provide your personal data to the following recipients for the purposes set out in this notice:
- other companies in our group, currently
- Precision Microdrives Limited
- PMD Engineering Limited
- our service providers, including
- logistics providers, such as those who deliver our orders
- e-mail and mail service providers
- technical and support partners, such as the company who hosts our website and who provides technical support and backup services
- merger or acquisition partners, to the extent that sharing your personal data, is necessary
- law enforcement agencies, government or public agencies or officials, regulators, and any other person or entity that has the appropriate legal authority where we are legally required or permitted to do so, to respond to claims, or to protect our rights, interests, privacy, property or safety
- any other parties, where we have your specific consent to do so.
6. Do you have to provide personal data – and, if so, why?
To form a contract with you, we will need some or all of the personal data described above so that we can perform that contract or the steps that lead up to it. If we do not receive the data, the contract can not be performed.
If you sign up to our mailing list, you will have to provide certain personal data. You can decide to stop receiving our mailings at any time.
7. How long will your personal data be kept for?
We carefully consider the personal data that we store, and we will not keep your information in a form that identifies you for longer than is necessary for the purposes set out in this notice or as required by applicable law. We respect requests to stop processing your personal data for marketing purposes.
8. Do we transfer personal data outside the EEA?
Although we are a UK based company, we may transfer your personal information to a location (for example, to a secure server) outside the European Economic Area, if we consider it necessary or desirable for the purposes set out in this notice.
In such cases, to safeguard your privacy rights, transfers will be made to recipients to which a European Commission “adequacy decision” applies (this is a decision from the European Commission confirming that adequate safeguards are in place in that location for the protection of personal data), or will be carried out under standard contractual clauses that have been approved by the European Commission as providing appropriate safeguards for international personal data transfers, or by the adoption of EU-US Privacy Shield.
9. How do we keep your personal data secure?
Precision Microdrives has security measures in place designed to prevent data loss, to preserve data integrity, and to regulate access to the data. Only our employees and third parties processing data on our behalf have access to your personal data.
All our employees who have access to your personal data are required to adhere to our Privacy Notice and we have in place contractual safeguards with our third-party data processors to ensure that your personal data is processed only as instructed by Precision Microdrives.
The security measures we have in place include:
- regular reviews of information collection, storage and processing practices to protect against unauthorised access
- restriction of access to personal information
- monitoring of systems storing and processing information
- use of secure technologies (e.g. SSL, encryption)
- scenario planning and crisis-management exercises to ensure we are ready to respond to cybersecurity attacks and data security incidents.
We take all reasonable steps to keep your data safe and secure and to ensure the data is accessed only by those who have a legitimate interest to do so. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to us. Any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.
10. Your information rights
We draw your attention to your following rights under data protection law:
- right to be informed about the collection and use of your personal data
- right of access to your personal data, and the right to request a copy of the information that we hold about you and supplementary details about that information
- right to have inaccurate personal data that we process about you rectified. It is your responsibility to ensure you submit true, accurate, and complete information to us. Please also update us in the event this information changes.
- right in certain circumstances to have personal data that we hold on you blocked, erased or destroyed
- the right to object to, or restrict:
- processing of personal data concerning you for direct marketing
- in certain other situations, to our continued processing of your personal data
- the right of portability of your data in certain circumstances.
Please contact us if you would like to exercise any of these rights or know more about them.
These rights are subject to certain limitations that exist in law. Further information about your information rights is available on the ICO’s website: https://ico.org.uk/.
13. Your right to Complain
write to: Precision Microdrives, 1.07 Canterbury Court, 1-3 Brixton Road, London, SW9 6DE
phone: +44 (0) 1932 252482.
Should you find it necessary, you have a right to raise a concern with the information regulator, the Information Commissioner’s Office: https://ico.org.uk/
May 2018 - Policy updated in-line with GDPR requirements
September 2018 - registered address updated