Privacy Notice

We take your privacy very seriously. This privacy notice will inform you as to how we look after your personal data when you visit our website www.greshampower.com (“our Website”) (regardless of where you visit from) and when you correspond with us by telephone, email or otherwise. It tells you about your privacy rights and how the law protects you.

IMPORTANT INFORMATION AND WHO WE ARE

Purpose of this privacy notice

This privacy notice aims to give you information on how Gresham Power Electronics collects and processes your personal data through the use of our Website, including any data you may provide through our Website when you make an online enquiry, request a call back and report a problem with our Website and when you correspond with us by telephone, email or otherwise.

Our Website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy notice together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.

Who we are

Gresham Power Electronics (“we”, “us”, “our”) is a ‘data controller’ for the purposes of your personal data. This means that we determine the purpose and means of the processing of your personal data. You will find our contact details at the end of this privacy notice (see below: “How can you contact us”).

PERSONAL DATA WE COLLECT ABOUT YOU

Personal data is any information relating to an identified or identifiable individual.

We collect, use, store and transfer different kinds of personal data about you. This may include:

  • Full name;
  • Job title;
  • Business name;
  • Name of your employer or the organisation you represent;
  • Address;
  • Email address;
  • Telephone numbers (mobile and landline);
  • Information to enable us to check and verify your identity e.g. your date of birth;
  • Information to enable us to undertake credit or other financial checks on you;
  • Your billing information, transaction and payment card information;
  • Your personal or professional interests;
  • CCTV images when you visit our offices;
  • Technical information from when you visit our Website, including your browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our Website;
  • Profile information, including any purchases or orders made by you and your preferences;
  • Information about how you use our Website;
  • Marketing and communications information, including your preferences in receiving marketing from us and your communication preferences; and
  • Information that you volunteer to us when you make an online enquiry, request a call back or  report a problem with our Website and when you correspond with us by telephone, email or otherwise

If you do not provide personal data

For individual customers or suppliers, where we need to collect personal data to enter into a contract with you and you fail to provide that data when requested, we may not be able to enter the contract with you. This data may include contact details or other relevant information. For individual customers, if you thereafter do not provide the personal data we ask for which may include contact details or other relevant information this may delay or prevent us from providing our products or services to you.

HOW YOUR PERSONAL DATA IS COLLECTED

Depending on the circumstances, we use different methods to collect personal data from and about you including:

  • Directly from you. You may give us your personal data by filling in forms on our Website or by corresponding with us by email, telephone or otherwise. This includes personal data you provide when you complete an online enquiry form or request our products or services.
  • Automated technologies or interactions. As you interact with our Website, we may automatically collect technical data about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies. Please see our cookies policy (see link above) for further details.
  • Other sources. We may receive personal data about you from various third parties as set out below:
  • Technical data from the following parties:
    • analytics providers e.g. Google;
    • advertising networks; and
    • search information providers.
  • Contact, financial and transaction data from providers of technical and payment and delivery services;
  • Credit reference agencies;
  • From an employee or representative of the organisation for whom you work;
  • From publicly accessible sources e.g. Companies House;
  • From a third party with your consent e.g. your bank; and
  • Via our IT systems e.g. door entry systems and reception logs, automated monitoring of our Website and other technical systems (such as our computer networks and connections), CCTV and access control systems, communication systems and email.

 

HOW AND WHY DO WE USE YOUR PERSONAL DATA?

Under data protection law, we can only use your personal data if we have a proper reason for doing so, for example:

  • to comply with our legal and regulatory obligations;
  • for the performance of our contract with you or to take steps at your request before entering into a contract;
  • for our legitimate interests or those of a third party; or
  • where you have given consent.

A legitimate interest is when we or a third party have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.

The table below explains what we use your personal data for and our lawful basis for doing so.

What we use your personal data for

Our lawful basis for processing data

 

For individual customers with whom we have contracts – to provide our products and services to youNecessary for the performance of our contract with you or to take steps at your request before entering into a contract with you
For other individuals who work for or represent corporate customers (or prospective corporate customers) e.g. for corresponding with you about the products and services we offer, to provide a price quote, to respond to your queries and to take steps under the contract with the organisation you work for or represent .Necessary for our legitimate interests or those of a third party e.g. to deal with pre-contractual enquiries or issues and to take steps under the contract with the organisation you work for or represent .
For individuals who work for or represent our suppliers (or prospective suppliers) e.g. for corresponding with you about the products or services your organisation offers, to obtain a price quote and to take steps under the contract with the organisation you work for or represent .Necessary for our legitimate interests or those of a third party e.g. to deal with pre-contractual enquiries or issues or to take steps under the contract with the organisation you work for or represent .
To manage our relationship with you which will include notifying you about changes to our terms of business or privacy notice

Necessary to comply with our legal obligations

Necessary for our legitimate interests i.e. to manage our relationship with you and to analyse and improve the products and services we offer

To prevent and detect fraud against you or usNecessary for our legitimate interests or those of a third party i.e. to minimise fraud that could be damaging for us and for you
Conducting checks to identify our customers and verify their identityTo comply with our legal and regulatory obligations
Other processing necessary to comply with legal and regulatory obligations that apply to our business (e.g. HMRC, HM Customs, VAT) or as otherwise permitted or required by lawNecessary to comply with our legal obligations
Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodiesNecessary to comply with our legal obligations
Ensuring business policies are adhered to e.g. policies covering data security

Necessary to comply with our legal obligations

Necessary for our legitimate interests or those of a third party e.g. to make sure we are following our own internal procedures so we can deliver the best service to you

Operational reasons, such as improving efficiency, training and quality controlNecessary for our legitimate interests or those of a third party e.g. to be as efficient as we can so we can deliver the best service for you at the best price
Ensuring the confidentiality of commercially sensitive information

Necessary to comply with our legal obligations

Necessary for our legitimate interests or those of a third party i.e. to protect commercially valuable information

Statistical analysis to help us manage our business e.g. in relation to our financial performance, customer base, product range or other efficiency measuresNecessary for our legitimate interests or those of a third party e.g. to be as efficient as we can so we can deliver the best service for you at the best price
Preventing unauthorised access and modifications to systems

Necessary to comply with our legal obligations

Necessary for our legitimate interests or those of a third party e.g. to prevent and detect criminal activity that could be damaging for us and for you

Updating and maintaining customer and supplier records

For individual customers, necessary for the performance of our contract with you or to take steps at your request before entering into a contract

Necessary to comply with our legal obligations

Necessary for our legitimate interests or those of a third party e.g. to make sure we can keep in touch with our customers and other contacts

Staff management and administrationNecessary for our legitimate interests or those of a third party e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service we are able to
External audits for the audit of our accounts or quality systems or Health and Safety procedures

Necessary to comply with our legal obligations

Necessary for our legitimate interests or those of a third party e.g. to make sure we are complying with our own internal quality procedures so that we can deliver the best service we are able to provide.

To make suggestions and recommendations to you about products or services that may be of interest to you and to keep you updated of special offers and general informationNecessary for our legitimate interests e.g. to develop our products/services and grow our business .
To enforce or apply our Website terms and conditions or any other agreementsNecessary for our legitimate interests or those of a third party e.g. to enforce our legal rights and protect our business
To administer and protect our business and our Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

Necessary for our legitimate interests e.g. for running our business, provision of administration and IT services, network security and to prevent fraud

Necessary to comply with our legal obligations

To deliver relevant website content to you and measure or understand the effectiveness of the contentNecessary for our legitimate interests e.g. to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy
To use data analytics to improve our Website, products/services, marketing, customer relationships and experiencesNecessary for our legitimate interests e.g. to define types of customers for our products and services, to keep our Website updated and relevant, to develop our business and inform our marketing strategy
For testimonials on our WebsiteWith your consent

 

We will only process sensitive personal data with your explicit consent or where it is necessary for legal claims.

Where we rely on consent as a lawful basis to process your personal data, you have the right to withdraw your consent at any time. To do this, please telephone, email or write to us (see below: “How can you contact us”).

Please note that we may process your personal data without your knowledge or consent where this is required or permitted by law.

Marketing communications

We may use your personal data to send you periodic communications by email, post, and text about our products and services.

We have a legitimate interest in processing your personal data for marketing purposes. This means we do not usually need your consent to send you information about our products and services. However, where consent is needed, we will ask for this consent separately and clearly.

We will always treat your personal data with the utmost respect and never sell or share it with other organisations for marketing purposes.

You have the right to opt out of receiving marketing communications at any time by:

  • emailing sales@greshampower.com
  • writing to us at Gresham House, Telford Road, Salisbury, Wiltshire, SP2 7PH for the attention of the Sales Manager; or a Director
  • using the ‘unsubscribe’ link in our emails

We may ask you to confirm or update your marketing preferences if there are changes in the law, regulation, or the structure of our business.

Cookies

We may obtain information about your general usage of our Website by using a cookie which is stored on your browser or the hard drive of your computer. Usage information helps us to improve our Website and to deliver a better and more personalised service.

You can block cookies by activating the setting on your browser which allows you to refuse the setting of all or some cookies. You can also indicate your preference to our Website to control its use of cookies. However, if you block cookies you may not be able to use all the features of our Website. For further information about our use of cookies, please refer to our cookies policy.

WHO DO WE SHARE YOUR PERSONAL DATA WITH

Depending on the circumstances, we may share your personal data with:

  • Companies within our group of companies which are based in the US and Israel;
  • External service providers e.g. website hosting provider, email service provider, PR and marketing service provider, IT providers, document management providers, banks, payment card providers, health and safety consultant and service providers who provide website hosting, email hosting, PR and marketing, financial, health and safety and carrier or postal services;
  • Professional advisers including lawyers, bankers, loss adjusters, insurers, auditors, technical consultants and experts who provide legal, banking, insurance, accounting, technical and expert services; and
  • Advertisers and advertising networks to send you marketing communications;

We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data.

We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal obligations.

We may also need to share some personal data with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised but this may not always be possible.

TRANSFERRING YOUR PERSONAL DATA OUTSIDE OF THE EUROPEAN ECONOMIC AREA

Some of organisations with whom we share your personal data are based outside the European Economic Area (EEA) (which comprises the countries in the European Union and Iceland, Liechtenstein and Norway) so their processing of your personal data will involve a transfer outside of the EEA. For example, we may share your personal data with our US parent company and group companies in the US and Israel and their third party technical advisors for the purposes of obtaining technical support, enhancing sales and considering operational issues and financial reporting.

These transfers are subject to special rules under European and UK data protection law.

Whenever we transfer your personal data outside of the EEA, we ensure a similar degree of protection is afforded to your data by ensuring one of the following (or one of the other grounds set out in data protection law) applies:

  • your data is transferred to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;
  • the transfer is necessary for the performance of a contract between you and us;
  • the transfer is necessary to establish, exercise or defend legal claims;
  • the transfer is necessary for our business management and is under our legitimate interests
  • there are adequate safeguards in place between us and the organisation receiving it (e.g. by the use of European Commission approved contractual terms); or
  • you have provided explicit consent to the proposed transfer after being informed of any potential risks.

Please contact us (see below: “How can you contact us”) if you want further information on the specific mechanism used by us when transferring your personal data outside of the EEA

WHAT ARE YOUR RIGHTS IN RESPECT OF YOUR PERSONAL DATA?

Data protection law gives you certain rights, which you can exercise free of charge. Your rights will differ depending on our lawful basis for processing your data:

AccessThe right to be provided with a copy of your personal data
RectificationThe right to require us to correct any mistakes in your personal data
To be forgottenIn certain situations, the right to require us to delete your personal data
Restriction of processingIn certain situations, the right to require us to restrict processing of your personal data e.g. if you contest the accuracy of the data
Data portabilityIn certain situations, the right to ask us to transfer any  personal data you provided to us to another organisation
To objectThe right to object at any time to your personal data being processed for direct marketing and in certain other situations to our continued processing of your personal data e.g. where processing is carried out for the purpose of our legitimate interests

 

For further information on each of those rights, including the circumstances in which they apply, please contact us or see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights

If you would like to exercise any of those rights, please email or write to us (see below: “How can you contact us”) and let us have enough information to identify you e.g. your full name and address and e.g. account reference or other identifier as well as what right you want to exercise and the personal data to which your request relates.

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including;

  • to respond to any questions, complaints or claims made by you or on your behalf;
  • to show that we treated you fairly; and
  • to keep records required by law to comply with our legal obligations.

We will not retain your data for longer than necessary for the purposes set out in this notice. Different retention periods apply for different types of personal data.

KEEPING YOUR PERSONAL DATA SECURE

We have put in place reasonable and appropriate security measures to endeavour to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

Unfortunately, the transmission of information via the internet is not completely secure.  Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk.

Our Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you.  We do not control these third-party websites and are not responsible for their privacy policies.  When you leave our Website, we encourage you to read the privacy policy of every website you visit.

We have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

HOW TO COMPLAIN

We hope that we can resolve any query or concern you may raise about our use of your personal data.  If you want to complain about how we have used your personal data, please email or write to us (see below: “How can you contact us”). However, if we are not able to resolve your complaint to your satisfaction, you can complain to the UK’s supervisory authority, the Information Commissioner’s Office (ICO). Further information about how to make a complaint to the ICO can be found on the ICO website www.ico.org.uk.

The EU General Data Protection Regulation also gives you right to lodge a complaint with the supervisory authority in the European Union state where you work, normally live or where any alleged infringement of data protection laws occurred.

CHANGES TO THE PRIVACY NOTICE

We may change this privacy notice from time to time and when we do so, we will inform you via our Website and update the document number. If any changes are likely to have an adverse impact on your rights under data protection law, we will use reasonable endeavours to notify you of the changes in advance by email or by alternative means.

CHANGES TO YOUR PERSONAL DATA

Please let us know if you change your name, address or any other personal detail (see below: “How can you contact us”).

HOW CAN YOU CONTACT US

If you have any queries about this privacy notice or how we use your personal data, you can contact us by email or post as follows:

HR
Gresham Power Electronics
Telford Road
Salisbury
Wiltshire
SP2 7PH

alison.smithson@greshampower.com

Do you need extra help?

If you would like this notice in another format (for example large print) please contact us (see above: “How can you contact us”).