Updated: 31st July 2020
At ELSS Group Ltd we take your data privacy very seriously and strive to comply with GDPR General Data Protection Regulation (EU) 2016/679.
What information do we collect about you?
We collect information about you when you request that we contact you by filling out the contact form. The personal data collected when you submit a form to us for processing is Name, Email, Website Address and details of your enquiry.
How will we use the information about you?
The information that we collect about you enables us to make contact with you to discuss our services, manage your account and, if you consent, to email you about other products and services we think may be of interest to you.
We use your information collected from the website to personalise your repeat visits to our website. If you consent, we shall pass on your personal information to our group of companies so that they may offer you their products and services. ELSS Group Ltd will not share your information with companies outside the organisation except where required to mailing list providers as detailed below.
Information provided for marketing purposes will be retained and regular consent will be sought to continue providing you with this service. You have the right to unsubscribe and have your data deleted at any time as defined at the end of this policy.
The data you provide will be transmitted via SSL encryption (Secure Sockets Layer) which is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.
The information is stored on a secure server in an ISO27001 compliant data centre in the EU. This server has regular vulnerability scans run and action is taken if any updates are found needing to be done. Our hosting partner themselves are GDPR compliant – you can view their terms HERE.
We have implemented robust security tools to protect our website from potential threats such as malware attacks, DDoS attacks, hacking, etc…
Under General Data Protection Regulation (EU) 2016/679 if the personal data that you store about you has been compromised in any form we will report the breach to the DPC (Data Protection Officer) within 72 hours. We have procedures in place to detect, report and investigate a personal data breach and will comply with these and review them on a regular basis. If a data breach is likely to bring harm to you the ‘individual’ (such as identity theft or breach of confidentiality) you will also be notified.
We operate an email mailing list program, used to inform subscribers about products, services and/or news we supply/publish. Users can subscribe through an online automated process where they have given their explicit permission. Subscriber personal details are collected, processed, managed and stored in accordance with the regulations named in ‘The policy’ above. Subscribers can unsubscribe at any time through an automated online service, or if not available, other means as detailed in the footer of sent marketing messages (or unsubscribe from all Mailchimp lists for example). The type and content of marketing messages subscribers receive, and if it may contain third party content, is clearly outlined at the point of subscription.
Email marketing messages may contain tracking beacons / tracked clickable links or similar server technologies in order to track subscriber activity within email marketing messages.
Where used, such marketing messages may record a range of subscriber data relating to engagement, geographic, demographics and already stored subscriber data.
Our EMS (email marketing service) and other providers including their privacy policies are listed below:
Facebook pixel: https://www.facebook.com/business/gdpr
Consenting to receiving our mailouts requires us to send email addresses and names to these providers which can be based outside of the EU.
We would like to send you information about products and services of ours and other companies in our group which may be of interest to you. If you have consented to receive marketing, you may opt out at any time. You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other members of the Retail Group.
If you no longer wish to be contacted for marketing purposes, please email us at email@example.com to have your data deleted.
Access to your information and correction
You have the right to request a copy of the information that we hold about you. If you would like a copy of some or all of your personal information, please email us at firstname.lastname@example.org or write to us at our registered address above. We reserve the right to charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.
We also reserve the right to charge a reasonable fee to comply with requests for further copies of the same information. This does not mean that we are able to charge for all subsequent access requests.
The fee will be based on the administrative cost of providing the information.
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However in a few cases some of our website features may not function as a result.
• by email to email@example.com
• Unit 3, Windyhill Retail Park, 16 Windyhill Road, Limavady, BT49 0RA, N.Ireland
If you feel that your personal data has been misused you have the right to lodge a complaint with a supervisory authority, in the UK this is the Information Commissioner’s Officer. In the Republic of Ireland this is the Data Protection Commissioner.