Privacy Statement (GDPR)
Exterior Lights UK Ltd are committed to safeguarding your privacy. We only collect and use certain information about individuals as detailed in the Privacy Statement.
We only use and share your personal information in accordance with the Data Protection Act 1998, GDPR 2018 and other applicable laws. You can contact Exterior Light UK Ltd at any time with questions or concerns of the privacy of your data, as well as to see, correct or remove personal information.
Your use of this website and the disclosure of any personal information signifies your consent to us collecting and using personal information about you in accordance with this Privacy Statement.
The type of data collected and stored
The information we collect and hold a record of is as follows:
- Name & Job Title
- Company Name (if applicable)
- Contact Information, including email address & telephone number
- Demographic information
- Website usage data
- Communication Records: order history, emails, verbal conversations (telephone calls may be recorded for training or business purposes, including dispute resolution and / or complaint management)
Sensitive Personal Information
Generally, we do not require to collect “sensitive personal information”. This includes, but is not restricted to: race, ethnic origin, political opinion, date of birth, sexual orientation, criminal records, physical or metal health, trade union memberships, religious beliefs etc. We recommend that this type of information is not disclosed to us. If you do, then this will mean that you, and we, accept this information for us to use if required for any reason within this policy.
How the data is used
Collecting this data helps us to operate and improve our services to you on a more personal level. Your trust is important to us, therefore we are dedicated to using the collected personal information only for the following purposes:
- To process and supply orders of goods & services to you, including customer administration
- Keeping you up to date with offers, product information, general business news and information, opening hours, changes to services and shipping information
- Verify details of the payment method selected
- Planning and Managing business activities, including customer interests, shopping habits & preferences, success of advertisements & special offers etc.
- Website Analytics / Administration – analysing how customers use our website to enable us to improve web content, design, structure and functionality, as well as presenting you with information with is relevant to you.
- To allow search engines to access information publicly available on your profile, if your settings allow.
Who has access to the data and who it may be shared with
All 3rd parties will only use the information they are provided in connection with the service they perform on our behalf and must follow general Data Protection / GDPR laws.
- 3rd party suppliers for direct deliveries will be supplied basic contact information
- Couriers will be supplied basic contact information to allow and assist with a reliable delivery service
- Agents, or contractors of whom we instruct to provide business operations support, financial services and technology services.
- We do not process or store card details ourselves, they are provided solely to the selected third party service provider (currently Payment Sense or Paypal).
- In the event that the business is sold, data forms a part of the business. Therefore all records will be transferred to the new business owner. Equally if we were to purchase a business or assets, your information may be shared with the seller. You will be given advanced notice of this.
- If we are requested to provide information to the Police, regulatory or government authority investigating illegal activities, we will do so.
- Only employees and third party service providers who require the information will be granted access to personal information stored.
Where the data is stored and who has access to these records
We are devoted to ensuring all personal information collected is stored safely in a secure environment. Where information is stored in the cloud or other platforms, these Companies will also be following GDPR compliance.
Data will be stored in the following ways, all of which are secure & password protected:
- Exterior Lights UK Ltd internal secure server which is protected by 'Cyber Essentials' IT Governance processes and has passed its testing procedures and we now have the relevant certification in place.
- Sales order processing software (web platform and Quickbooks Accounts Software)
- Some personal contact information is stored in the Cloud (secure server) via Microsoft.
- Order history, contact information, user details, and Google Analytics are stored on the Server Database. SSL encryption
technology is used to protect information and sensitive transactions such as payments.
- Cookies – if you agree when accessing our website
Data will be stored for what is considered to be a reasonable, practical period of time. In line with the current UK litigation
process and guarantee periods, this is currently set at approximately 6 years from final mutual communication / ordering.
This may vary due to different types of information held and may be subject to change.
Controlling information about you
You have a right to access information held about you and for you to request that amendments be made if inaccurate.
If you have agreed that we can use your information for marketing purposes, you can update your contact preferences or unsubscribe at any time, via one of the following methods:
- Click “unsubscribe” on any marketing newsletter
- Send an email to [email protected]
We will never lease, sell or distribute personal information to third parties, unless we are required by law or you have given us permission to do so.