We are White Griffin Ltd, a company registered in England and Wales with company number 10411839 and its registered address at Appledram Barns, Birdham Road, Chichester, West Sussex, United Kingdom, PO20 7EQ (“White Griffin”, “we” or “us”). Our correspondence address is firstname.lastname@example.org
We operate the website at www.whitegriffin.co.uk and www.whitegriffin.com (“Site”).
White Griffin Limited is the data controller for the purposes of the UK Data Protection Act 2018 and is responsible for your personal data.
White Griffin respects your privacy and is committed to protecting your personal data.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
The Site is not intended to be used by children and we do not knowingly collect data relating to children.
We may collect, use, store and transfer different kinds of personal data about you when you contact us, receive services from us and when you access the Site.
We may collect and process the following categories of information about you:
We do not collect any Special Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
We use different methods to collect data from and about you, including through:
We will use your personal data for the following purposes:
You can ask us to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time.
We may share your personal data in accordance with this policy with the following third parties:
We use third party suppliers to host our Site, and their servers are located in the USA. As a result, our processing of your data may involve a transfer of data to the USA.
Other of our suppliers, or staff working for them, may also operate in the USA, or in other countries outside of the EEA. These staff may for example be engaged in the fulfilment of your request or the processing of your payments or provide IT support services to us.
Please note that the USA and certain other countries outside the EEA do not provide the same legal standards for protection of your personal data that you have in the United Kingdom or EEA.
We have put in place appropriate security measures to prevent your personal data being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
All information you provide to us is stored on secure servers. However, the transmission of information over the internet or public communications networks can never be completely secure and we cannot 100% guarantee the security of data that you provide to us online.
If you believe your personal data has been breached, please contact us immediately at email@example.com
We will inform you before collecting your data if we intend to use your data for marketing purposes or if we intend to disclose your information to any third party for marketing purposes. You have the right to withdraw consent to marketing at any time by contacting us firstname.lastname@example.org
The Site may contain links to third party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control third-party websites and are not responsible for their privacy practices. These websites and any services accessible through them will have their own privacy policies. We encourage you to read those policies. We do not accept any responsibility for the actions of those third parties.
You have the following rights (subject to applicable local laws) in relation to the personal data that we hold about you:
We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see section 13 above for further information.
In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.