Ace Contracts (London) Ltd Customer Privacy Notice
Ace Contracts (London) Ltd are committed to protecting the privacy and security of your personal information. This notice will describe how we collect and use your personal information in accordance with the General Data Protection Regulation (GDPR).
Ace Contracts (London) Ltd is a “data controller”. This means we are responsible for deciding how we hold and use personal information about you. We are required under data protection legislation to notify you of the information covered in this privacy notice.
This notice applies to current and former customers.
When we mention “Ace Contracts (London) Ltd”, “we”, “us” or “our”, we are referring to Ace Contracts (London) Ltd who is responsible for processing and protecting your data.
Contact details
Our data protection officer is appointed to oversee compliance with this privacy notice. If you have any questions of how we are processing your personal data or any questions on this privacy notice, please contact:
Post: Ace Contracts (London) Ltd, Unit 5-6, Industrial Estate, Old Church Road, East Hanningfield, CHELMSFORD, CM3 8AB, GB
Telephone: 01245 400 653
Email: (Data Protection Officer) lauren.dixon@acecontracts.com
Data protection principles
Ace Contracts (London) Ltd will comply with data protection law and to do this the personal information we hold about you must be:
- Used lawfully, fairly and in a transparent manner.
- Collected only for valid purposes which we have clearly explained and not used in any way that is incompatible with those purposes.
- Relevant to the purpose we have told you about and limited only to those purposes.
- Accurate and kept up to date.
- Kept for as long as necessary.
- Kept securely.
What information we collect, use, and why
We collect or use the following information to provide services and goods, including delivery:
Names and contact details
Addresses
Purchase or account history
Payment details (only bank information in the case of refunds, this information is discarded immediately after the refund is processed and not stored).
Credit reference information
Health and safety information
Website user information (including user journeys and cookie tracking)
Photographs or video recordings
Call recordings
Records of meetings and decisions
Information relating to compliments or complaints
We collect or use the following information for the operation of customer accounts and guarantees:
Names and contact details
Addresses
Purchase history
Account information, including registration details
We collect or use the following information for service updates or marketing purposes:
Names and contact details
Addresses
Marketing preferences
Location data
Purchase history
IP addresses
Website and app user journey information
Records of consent, where appropriate
We collect or use the following information to comply with legal requirements:
Name
Contact information
Financial transaction information
Health and safety information
We collect or use the following information for recruitment purposes:
Contact details (eg name, address, telephone number or personal email address)
Employment history (eg job application, employment references or secondary employment)
Education history (eg qualifications)
Right to work information
Failure to provide personal information
In the event you fail to provide certain information when requested, we may not be able to fulfill our obligations to you, for example, providing a service, or we may be prevented from complying with our legal obligations.
Change of purpose
We will only use your personal information for the purpose for which we collected it, unless we reasonably consider we need to use it for another purpose which is compatible with the original purpose. If we need to use your information for an unrelated purpose, we will notify you and explain the legal basis which allows us to do so.
There may be occasions when we process your personal information without your knowledge or consent, in compliance with the rules, where this is required or permitted by law.
Lawful bases
Our lawful bases for collecting or using personal information to provide services and goods are:
Contract
Legal obligation
Our lawful bases for collecting or using personal information for the operation of customer accounts and guarantees are:
Consent
Contract
Our lawful bases for collecting or using personal information for service updates or marketing purposes are:
Consent
Legitimate interest: There is a legitimate interest for collecting personal information for service updates or marketing purposes because once a customer purchases our services or goods, we believe that there is a relevant and appropriate relationship between us and the individual. We believe by purchasing our goods, there is an evident legitimate purpose for using this data and the nature of this relationship means the processing is less likely to be unexpected or unwanted.
Our lawful bases for collecting or using personal information for legal requirements are:
Consent
Legal obligation
Our lawful bases for collecting or using personal information for recruitment purposes are:
Contract
Legitimate interest: If an individual has applied to a job advertisement on a job board or through a recruitment agency, they have not given specific consent for identified data controllers, but they would clearly expect that recruitment agencies would access the CV and share it with clients or for us to see it directly which is likely to be the individual's intention. As such, the legitimate interest of the individual seeking a new job and the client to fill vacancies would override the rights of the individual. In fact, we believe that these legitimate interests are likely to align with the interests of the individual who is circulating their CV to find a job.
Where we get personal information from
We use different methods to collect data from and about you including through:
People directly
Publicly available sources
Automatically collected data
Cookie policy
Cookies are small text files that are stored on your computer when you visit some websites. You can disable cookies already stored on your computer, but these may stop parts of our website from functioning properly.
You can view our cookie policy using this link:
How long we keep information
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purpose of satisfying legal and accounting requirements. When determining how long to retain your information for, we will consider the amount, nature and sensitivity, the potential risk of harm from unauthorised use or disclosure, the purpose for which we process it and whether we can achieve those purposes through another means, and the applicable legal requirements.
Even if we delete your Data, it may persist on backup or archival media for legal, tax or regulatory purposes.
Who we share information with
We share your information with third parties including third party service providers and other entities within our group. The activities carried out by our third-party service providers are:
Data processors:
IT - Offsite IT support
This data processor does the following activities for us: They manage our IT systems (hardware and software).
Others we share personal information with:
External auditors or inspectors
Emergency services (where necessary)
Debt collection agencies
Your personal information would be shared with third parties where we are required to do so by law, where it is necessary to administer the working relationship we have with you, or where we have another legitimate interest to do so.
We require these third parties to respect the security of your data and treat it in accordance with the law. We do not allow our third-party providers to use your personal data for their own purposes and are only permitted to process your personal data for specific purposes and in accordance with our instructions.
Data security
We have in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised manner, altered or disclosed. In addition, we limit access to your information to those employees or third parties who have a business need to know. They will only process your information on our instruction, and they are subject to a duty of confidentiality.
We have procedures in place to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Your data protection rights
Under data protection law, you have rights including:
Your right of access - You have the right to ask us for copies of your personal data that we hold about you and check that we are lawfully processing it.
Your right to rectification - You have the right to ask us to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure - You have the right to ask us to erase your personal data in certain circumstances. This enables you to ask us to delete or remove your personal information where you have exercised your right to object to processing.
Your right to restriction of processing - You have the right to ask us to restrict the processing of your personal data in certain circumstances.
Your right to object to processing - You have the right to object to the processing of your personal data in certain circumstances. This is where we are relying on a legitimate interest and there is something about your personal circumstances which makes you want to object processing on this ground.
Your right to data portability - You have the right to ask that we transfer the personal data you gave us to another organisation, or to you, in certain circumstances.
Your right to withdraw consent – When you have provided your consent to the collection, processing and transfer of your personal information, you have the right to withdraw that processing at any time. To withdraw your consent, please contact us above. Once we have received notification of this, we will no longer process your information for the purpose you originally agreed to unless we have the basis to for the law.
In the event you make a request to access your personal information, no fee is payable. However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
In the event you wish to review, verify, correct or request erasure of your personal information, object to the processing of your information or request we transfer a copy of your information to another party, please contact us using the contact details at the top of this privacy notice.
Changes to the Privacy Notice
We reserve the right to update this privacy notice at any time and will provide you with a new privacy notice when we make any substantial changes. We may also notify you in other ways from time to time about the processing of your personal information.
How to complain
If you have any concerns about our use of your personal data, you can make a complaint to us using the contact details at the top of this privacy notice.
If you remain unhappy with how we’ve used your data after raising a complaint with us, you can also complain to the ICO.
The ICO’s address:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
Website: https://www.ico.org.uk/make-a-complaint
Last updated
11 June 2024