Privacy Policy

Like most companies, Acstro need to collect and use your personal details for a variety of purposes. This privacy notice provides you with details of what information we collect and how we process your personal data including any information you may provide through our website. We are required by data protection law to give you this notice. We only process data ‘as necessary’ and only to the extent that it is needed.

If you are not happy with any aspect of how we collect and use your data please contact us so that we can try to resolve your concern.

You have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues www.ico.org.uk.

It is very important that the information we hold about you is accurate and up to date. If your personal information changes, please write to us or email mail@acstro.com


THE LAWFUL BASIS ON WHICH WE USE THIS INFORMATION
On 25th May 2018 the Data Protection Act 1998 will be replaced by the General Data Protection Regulation (GDPR). The condition for processing under the GDPR will be:

Processing Client and Supplier information as is necessary for Acstro to undertake its responsibilities in the day to day running of a project and in discharging its legal obligations to all parties involved in the project.
 

YOUR DATA AND OUR GDPR RESPONSIBILITIES
The General Data Protection Regulation (GDPR) gives you important rights: –

1. The right to be informed

2. How you can access your information

3. Ensuring your information is accurate

4. Making sure your information is deleted in an appropriate timeframe

5. Ensuring that your information is only used for the purposes for which it was gathered

6. In certain circumstances the right to object


WHAT INFORMATION DO WE COLLECT ABOUT YOU?
Personal data means any information capable of identifying an individual; however, it does not include anonymised data.

Typically, the business to business personal data we collect about you is limited to the types of information found on a business card.

We may process certain types of personal data about you as follows:

  • Identity Data may include your first name, last name, username, marital status, title and date of birth.
  • Contact Data may include your billing address, delivery address, email address and telephone numbers.
  • Financial Data may include your bank account.
  • Transaction Data may include details about payments between us and other details of purchases made by you.
  • Technical Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access our      website.
  • Website Usage Data may include information about how you use our website, products and services.


HOW WILL WE USE THIS INFORMATION ABOUT YOU?
We will only use your personal data when legally permitted. The most common uses of your personal data are:

  • Where we need to perform the contract between us.
  • Where you would reasonably expect us to legitimately contact you about our services relevant to your role, or that you or your business have      expressed an interest in.
  • Where we need to comply with a legal or regulatory obligation.

Generally, we do not rely on consent as a legal ground for processing your personal data. You have the right to withdraw consent by writing to us or emailing mail@acstro.com

 
COLLECTING CLIENT AND SUPPLIER INFORMATION
Whilst the majority of information provided is on a voluntary basis in order to comply with the General Data Protection Regulation, we will inform you whether you are required to provide certain information to us or if you have a choice in this.
 

WHO WE SHARE CLIENT AND SUPPLIER INFORMATION WITH:
We may have to share your personal data with the parties set out below for the purposes of performing our contract:

  • Service providers who provide IT and system administration services.
  • Professional advisers including lawyers, bankers, auditors and insurers who provide      consultancy, banking, legal, insurance and accounting services.
  • HM Revenue & Customs, regulators and other authorities based in the      United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances.


SHARING CLIENT AND SUPPLIER INFORMATION
We do not share information about our Clients and Suppliers with anyone without their prior knowledge and consent, unless the law and our policies allow us to do so.
 

VITAL INTEREST INFORMATION
In emergency situations it may be necessary to share information without your consent or knowledge.
 

REQUESTING ACCESS TO YOUR PERSONAL DATA
Under data protection legislation Clients and Suppliers have the right to request access to information about them that we hold. To make a request for your personal information please make your request in writing to the Directors including your contact details and we will contact you.

You also have the right to:

  • Object to processing of personal data that is likely to cause, or is causing, damage or distress
  • Prevent processing for the purpose of direct marketing
  • In certain circumstances, have inaccurate personal data rectified, blocked, erased or destroyed; and
  • If you have a concern about the way we are collecting or using your personal data, we request that you raise your concern with us in the first instance. Alternatively, you can contact the Information Commissioner’s Office at https://ico.org.uk/concerns/.      Our ICO Registration certification can be found here.

RIGHTS IN RELATION TO AUTOMATED DECISION MAKING AND PROFILING
Acstro does not use automated decision making and profiling techniques.
 

MARKETING
Acstro will not share personal data with third-parties for marketing purposes.

We may send to you our company profile about our services which may be of interest.  If you do not wish to continue to receive this, you may opt out by advising us via email to mail@acstro.com
 

RETAINING COMMUNICATIONS AND CORRESPONDENCE
Telephone calls are not monitored or recorded.  Correspondence includes all ways in which we receive communications from whatever source.  This includes emails, text messages and social media messages, letters and documentation. This can also include photographs and other visual recordings.  It is in our legitimate interests to maintain an accurate record of these.
 

STORAGE AND SECURITY OF DATA
We keep information both electronically and in a manual filing system to maintain our records.  We have in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  In addition, we limit access to your personal data to those employees, agents, contractors, sub-consultants and other third parties who have a legitimate business need to know.  They will only process your personal data on our instructions and they are subject to a duty of confidentially.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
 

WEBSITE
This website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website we encourage you to read the privacy notice of every website you visit.
 

COOKIES
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

For further information visit www.allaboutcookies.org/
 

OTHER WEBSITES
We may also obtain information from you which is available in the public domain via search engines such as Twitter, Facebook or LinkedIn.  This will include information about you which you yourself made public however, when doing so we make sure that we comply with the applicable guidelines under data protection legislation.
 

DATA RETENTION
We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. By law we have to keep basic information about our customers for six years after they cease being customers for tax purposes.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

All information will be reviewed before destruction to determine if there are special factors that mean destruction should be delayed, e.g. potential litigation, complaints, or ongoing cases.
 

CHANGES TO OUR PRIVACY POLICY
We will keep our policy under regular review and we will place any updates on this web page.  This policy was produced on 1 August 2018.
 

HOW TO CONTACT US
Please contact us if you have any questions about our privacy policy or information we hold about you:

  • By email: mail@acstro.com
  • Or write to us at: Ty Penbryn, Salem, Llandeilo SA19 7LT