Last updated 01/06/2022
1.1. “Data Protection Act 2018” – means the UK’s implementation of the General Data Protection Regulation (GDPR) as amended, consolidated or replaced from time to time;
1.2. “personal data” – means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
1.3. “processing” – means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
2. What information does Copes Readymix collect and how is this information used?
2.1. Contact Information
When you contact us through our online ‘Contact Us’ form, we process the contact information that you provide to us, including your name, business/company name, phone number, postcode and email address. This contact information may be processed for the purposes of communication with you, for example, to respond to enquiries or requests from you for additional information about our products and/or services or any other pre-sale marketing inquiries. We also use this contact information to monitor customer/potential customer communications. You do not need to provide this information to us but if you don’t, we will not be able to respond to your communication. The legal basis for this processing is our legitimate interests, namely the business and communications with customers/potential customers.
This contact information may be processed for the purpose of sending you from time to time (by email, SMS text message, telephone, post or other electronical means) marketing information about Copes Readymix products and services which may be of interest to you, such as newsletters, offers, new marketing brochures, product launches, technical updates, and “Marketing notifications” The legal basis for this processing is consent. You may decline to receive Marketing Notifications from us by contacting us using the details in Section 12 or through our online ‘Contact Us’ form, available at: /#contact or by following any instructions we may include in the Marketing Notification we send to you eg, an un-subscribe or opt out mechanism will appear at the foot of any Marketing Notifications we send you.
2.3. Customer Relationship
When you contact us through our online ‘Contact Us’ form with a post-sale enquiry or interact with our customer support representatives via email, telephone or in person, we may
process contact information, such as your name, business/company name, phone number and email address and we may also collect information about the products or services you or your employer or a third party has purchased from Copes Readymix. This may include assisting you with the resolution of technical support issues or other issues relating to websites or services, whether by email, in-app support or otherwise to provide customer support. The legal basis for this processing are in performing the contract that we have entered into with you or your employer or a third party and our legitimate business interest in managing our relationships with customers.
2.4. Visitor’s Usage Log Information
2.5. Legal Requirements
The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others. In addition to the specific purposes for which we may process your personal data set out in this Section 2, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
3. How we share your personal data?
3.2. We may sometimes contract with third parties to supply products and services to us and/or to you on our behalf, such as with suppliers, subcontractors, vendors or installers that
assist us in marketing and customer service, integration services, customer support, and cloud hosting services. Such service providers are required by contract to keep confidential and secure the information received on our behalf and may not use it for any purpose other than to carry out the services they are performing for us. In some cases, the third parties
may require access to some or all of your data. Where any of your data is required for such purpose, we will take all reasonable steps to ensure that your data will be handled safely,
securely, and in accordance with your rights, our obligations, and the obligations of the third party under the law.
3.3. We may compile statistics about the use of our Service including data on traffic, usage patterns, user number, sales and other information. All such data will be anonymized and
will not include any personally identifying data, or nay anonymized data that can be combined with other data and used to identify you. We may from time to time share such
data with third parties such as prospective affiliates or partners or advertisers. Data will only be shared and used within the bounds of the law.
3.4. In certain circumstances, we may be legally required to share certain data held by us, which may include your personal data, for example, where we are involved in legal proceedings, where we are complying with legal obligations, a court order, or a governmental authority.
4. What happens if our business changes hands?
5. Retaining and deleting personal data
5.1. This Section 5 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
5.2. Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes for which that data is collected, held and processed, and as permitted or required by law.
5.3. Not withstanding the other provisions of this Section 5, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person. All such retention will be subject to the implementation of appropriate technical
and organizational measures to protect the rights and freedoms of data subjects, as required by applicable law.
6. Where does Copes Readymix store your personal data?
6.1. We store your personal data on third-party servers operated by Amazon Web Services with servers located in the U.S to host our online and mobile services for accounting purposes
6.2 We also store personal data on third-party servers based in the USA to host our online and mobile services for service support request tracking purposes
6.3 Personal information held on our dedicated third-party online server is based in the UK and is used to host your services supplied to you or your business such as emails, websites, and databases
7. How does Copes Readymix protect the security of your personal data?
7.1. We implement and maintain reasonable and appropriate technical and organizational security measures to protect the personal data we process, from unauthorized access, alteration, disclosure, loss or destruction.
7.2. Should despite our security measures, a security breach occur that is likely to result in a risk to the data privacy of a data subject, we will inform the relevant data subjects and other affected parties, as well as relevant authorities when required by applicable European data protection law, about the security breach as soon as reasonably possible.
8. The rights you have over your personal data
8.1. We have listed below the rights you have under the Data Protection Act 2018 law with respect to your personal data. You should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights:
- 8.1.1. The right to be informed about our collection and use of personal data (see Section 8.2);
- 8.1.2. The right of access to the personal data we hold about you (see Section 8.2);
- 8.1.3. The right to rectification if any personal data we hold about you is inaccurate or incomplete;
- 8.1.4. The right to be forgotten (see Section 8.3);
- 8.1.5. The right to restrict the processing of your personal data (see Section 8.4);
- 8.1.6. The right to data portability (obtaining a copy of your personal data to re-use with another company);
- 8.1.7. The right to object us processing your personal data for particular purpose;
- 8.1.8. Rights with respect to automated decisions making and profiling; and
- 8.1.9. The right to withdraw consent (see Section 8.5).
8.2. You have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data in accordance to the European data protection law. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee.
8.3. In some circumstances you have the right to ask us to delete any personal data we hold about you without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for compliance with a legal obligation; or for the establishment, exercise or defence of legal claims.
8.4. In some circumstances you have the right to restrict the processing of your personal data. Those circumstances are: you contest the accuracy of the personal data; processing is unlawful but you oppose erasure; we no longer need the personal data for the purposes of our processing, but you require personal data for the establishment, exercise or defence of legal claims; and you have objected to processing, pending the verification of that objection. Where processing has been restricted on this basis, we may continue to store your personal data. However, we will only otherwise process it: with your consent; for the establishment, exercise or defence of legal claims; for the protection of the rights of another natural or legal person; or for reasons of important public interest.
8.5. To the extent that the legal basis for our processing of your personal information is consent (e.g., for marketing purposes), you have the right to withdraw that consent at any time. If you make such withdraw, we will cease to process your personal data for this purpose, provided that such withdrawal will not affect the lawfulness of processing before the withdrawal. If the processing is not based on consent, you have the right to object to the processing.
8.6. If you would like to exercise, or assistance with, any of the aforementioned rights, you may contact our Data Protection Officer at: firstname.lastname@example.org or by using the contact details as described in Section 12 below.
8.7. If you have any cause for complaint about our use of your personal data, please contact our Data Protection Officer at: email@example.com or by using the contact details as described in Section 12 below and we will do our best to solve the problem for you. If we are unable to help, you also have the right to make a complaint to the applicable data protection supervisory authority (if in the UK is to the Information Commissioner Office advice bureau at www.ico.org.uk).
9. Third Party Websites
10. Our Services are not intended for Children
Our Services are meant for adults. We do not knowingly collect personal data from children. If you are a parent or legal guardian and think your child has given us information, you can contact us.
12. Contact Us