PRIVACY NOTICE FOR CUSTOMERS, SUPPLIERS AND WEBSITE USERS

1. ABOUT THIS PRIVACY NOTICE

We, Stocks 2015 Ltd, operate this website (www.stocksmcr.com) (this site). In this Privacy Notice, references to “Stocks”, “we”, “us” and “our” are to Stocks 2015 Ltd.

The purpose of this site is to provide you, as a customer or supplier (or prospective customer or supplier), with information about Stocks and the products and services we offer. This Privacy Notice is designed to provide you with information about how we obtain and process your personal data in connection with your use of this site and/or when you purchase or supply products and services from or to us.

We may collect, use, store and transfer different kinds of personal data about you when you use this site and/or purchase our products and services. In respect of all users of this site, the personal data we may collect includes information you send us when you make an enquiry. If you are a business representative for one of our customers or suppliers, or prospective customers or suppliers, the personal data we collect about you is likely to be more limited, but could include, for example, your name and contact details.

We will process your personal data as a “data controller”. This means that we are responsible for deciding how we hold and use personal data relating to you.

Please read this Privacy Notice carefully together with our Terms and Conditions of Service if you are purchasing or supplying products and services from or to us. From time to time we may also issue other privacy or fair processing notices to you relating to the way in which we collect personal data about you which we will bring to your attention.

2. HOW TO CONTACT US

This site is operated by Stocks 2015 Ltd. We are a limited company registered in England and Wales under company number 9561548 and have our registered address at Unit 4, Caledonia Way, Stretford Motorway Estate, Stretford, Manchester, M32 0ZH.

To contact us, please email enquiries@stocksmcr.com or telephone us on 0161 667 8555

3. THE DATA WE COLLECT AND PROCESS ABOUT

Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (i.e. anonymous data). It also does not include information relating solely to a business or other organisation, rather than to a person.

We have grouped together the types of personal information we may collect, store and use about you. This includes (but is not an exhaustive list) the following types and categories of personal information about you:

  • Identity and contact data – name, email address, telephone number, job title, employer, title, business address.

  • CRM data – your marketing preferences, feedback, survey responses and other communications with us.

  • Transaction and financial data – if you are a business representative paying for our services, we may capture your personal data either peripherally or if you use personal payment details

  • Social media data – data we have access to through a social media platform when you connect with us or like or follow our social media accounts, including your social media handle, photograph, date of birth, location, occupation, interests and other information and content you make available via your social media accounts.

  • CCTV data – footage of you which will be recorded on our CCTV cameras (for security and public safety purposes) if you visit our premises.

  • We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.

4. HOW WE COLLECT PERSONAL DATA

We mostly obtain your personal information directly from you, for example when you correspond or interact with us directly by post, telephone, email or otherwise. This includes personal data you provide when you make an enquiry, provide us with feedback or contact us on behalf of a customer or supplier in (as a business representative).

We may sometimes obtain additional information from third parties including your employer or colleagues (where you are a business representative) and information in the public domain (including on social media websites, such as LinkedIn). If you use your personal payment details to pay for an order, we may also obtain information from third party payment providers.

5. HOW AND WHY WE USE PERSONAL DATA

We will only collect and process your personal information where we have a legal basis to do so. The legal basis will vary depending on the manner and purpose for which we are collecting your personal information. Most commonly, we will use your personal data in the following circumstances:

Where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract;

  • Where we have your consent to do so, subject to your right to withdraw consent (further details provided in section 13 below);

  • Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests (see further below); and

  • Where it is necessary to comply with a legal or regulatory obligation.

Our legitimate interests in processing your personal data for our own business purposes, include (without limitation):

  • To respond to an enquiry from you submitted to us via post, email and telephone;

  • To administer and protect our business and this site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);

  • To manage our relationship with you and notify you of changes to our terms and conditions or this Privacy Notice;

  • To supply and purchase products and services;

  • To liaise with business representatives in connection with purchasing and supplying products and services, including processing orders, and managing payments and collecting and recovering money owed to us;

  • To promote our services, including sending details of any new products and services which may be of interest to you by email (as explained in section 6 below);

  • To manage, operate and grow our business effectively and efficiently;

  • To monitor and improve the effectiveness of our marketing communications

  • To maintain accurate and up-to-date business records;

  • To fulfil our legal, regulatory and risk management obligations, including to establish, exercise or defend legal claims;

  • For fraud prevention, anti-money laundering, and for the prevention or detection of crime;

  • To maintain our CCTV systems for the purpose of ensuring the safety and security of our people and premises.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you require further detail about the specific legal ground we are relying on to process your personal data.

If you fail to provide certain information to us when requested, we may not be able to perform the contract we have entered into with you (such as paying you or providing a benefit), or we may be prevented from complying with our legal obligations (such as to ensure the health and safety of our workers), or you may be unable to exercise your statutory rights (such as in relation to statutory leave entitlements or tax benefits).

Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

6. MARKETING

We may from time to time send you marketing communications by email if you:

  • have purchased or supplied products or services from or to us (or you are a business representative acting on behalf of a customer or supplier who has purchased or supplied products or services from or to us) and you have not opted out of receiving marketing communications from us; and/or

  • have consented to receive marketing communications from us.

We will not sell your personal data to third parties for marketing purposes.

You can ask us to stop sending you marketing communications at any time, by:

  • clicking on the unsubscribe link in the footer of any marketing email from us;

  • contacting us at enquiries@stocksmcr.com.

7. WHO HAS ACCESS TO MY PERSONAL DATA?

We may share your personal data with third parties, including third party service providers who provide the following services to us:

  • IT or software providers (including IT hosting providers);

  • Payment services

  • Marketing services

Where these third parties process personal data on our behalf, they will only be permitted to process your personal data for specified purposes and, where they are processing personal data on our behalf, in accordance with our instructions.

We may also share your personal information with:

  • HMRC and other public bodies to comply with the law;

  • our insurers and professional advisers (who may be acting as data controllers) including lawyers, bankers and auditors in connection with the provision of consultancy, banking, legal, insurance and accounting services to us;

  • third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets.

Where we share data with third parties such as the HMRC, those third parties may also be controllers of your data. We shall not be responsible or liable for the way in which other data controllers hold or process your personal data. Please contact those third parties for further information regarding how they will use your data. We shall only share your personal data with third parties in accordance with this Privacy Notice.

8. INTERNATIONAL TRANFERS

If we have a business need to transfer or store your personal data at a destination outside the European Economic Area (EEA), we shall ensure a similar degree of protection is afforded to your personal data by ensuring appropriate safeguards are implemented in accordance with applicable laws.

9. HOW DO WE PROTECT PERSONAL DATA?

We take the security of your data seriously. We have put in place security measures, including internal policies and controls, to ensure that your data is not lost, accidentally destroyed, misused or disclosed.

We also limit access to your personal information to our personnel and other third parties who have a business need to know such information. They are subject to a duty of confidentiality.

10. CHANGE OF PURPOSE

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we wish to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.

We may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.

11. HOW LONG DO WE KEEP PERSONAL DATA?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

As a general rule, we will retain business records (and personal data contained within them) for a period of seven years following the end of our relationship with that customer or supplier. We will keep this under review and may periodically delete personal data which we no longer require.

In some circumstances we may be entitled or required to retain your data for a longer period where we are under a legal obligation to do so or in order to commence or defend legal proceedings in future.

We shall not have any liability whatsoever to you for the deletion of personal data in accordance with our data retention policy.

12. YOUR RIGHTS

You have the following rights in respect of the personal data that we process about you (where we determine the purpose and means for which that personal data shall be processed):

  • the right to request access to the personal data we hold about you and certain information about how we process it (commonly known as a “data subject access request”);

  • you may have the right in accordance with applicable data protection law to have personal data we hold about you rectified or restricted;

  • you may, in some circumstances, have the right to have personal data we hold about you deleted (although note that we may not always be able to comply with such a request for specific legal reasons which will be notified to you, if applicable, at the time of your request);

  • in some circumstances, you may have the right to receive or ask for your personal data to be transferred to a third party;

  • you have the right to object to how we process your personal data in certain circumstances, including the right to ask us not to process your personal data for marketing purposes;

  • where we are processing personal data relating to you on the basis that we have your consent to do so, you may withdraw your consent at any time (this will not affect the lawfulness of any processing carried out before you withdraw your consent). If you withdraw your consent, we may not be able to provide certain products or services to you.

If you wish to exercise any of the rights set out above in respect of your personal data, please contact us by email at enquiries@stocksmcr.com.

We may ask you to verify your identity if you make a request to us to exercise any of the rights set out above.

If you believe that we have not complied with your data protection rights, you have the right to make a complaint to the Information Commissioner’s Office, the ICO (the supervisory authority for data protection in the UK). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please do contact us in the first instance.

13. CHANGES

We reserve the right to update this Privacy Notice at any time, and we will provide you with a new privacy notice when we make any substantial updates. We may also notify you in other ways from time to time about the processing of your personal information.

We encourage you to help us to comply with our obligations by telling us promptly if you change your contact details or other personal information. You have the right to question any information we hold about you that you think is wrong or incomplete. Please contact us if you want to do this. If you do, we will take reasonable steps to check its accuracy and correct it.

This Privacy Notice was last updated in November 2018.