This privacy notice sets out how we use and manage your personal data.
Where we refer to “personal data” in this privacy notice, this means data which relates to you and which personally identifies you either directly or indirectly.
1.1. Data Controllers and Data Protection Officer.
Galieri Ltd is registered in England and Wales, number: 11646869. Registered Office: Unit 10 Valleys Enterprise Zone, Pant Industrial Estate, Dowlais, Merthyr Tydfil. CF48 2SR. The Galieri website is www.galieri.com In the context of this privacy notice, when we use the term ‘we’ it means Galieri Ltd. The Data Protection Officer for Galieri Ltd can be contacted at email@example.com
Galieri Ltd is Registered with the Information Commissioners office;
iCO Registration Number: ZA520018
1.2. What information do we collect.
We may collect and process the following personal information about you:
We will collect personal data directly from you when you purchase goods or services, apply for a trade account, or change any of your details. This includes information provided by you at the time of becoming a customer of us. This information could include your name, date of birth, address, contact details, and information to process and fulfil your order(s), including your payment card details and delivery address.
Details of your visits to our Digital Services and how you use our Digital Services; this may involve the collection of, among other things, traffic data, location data (including the country and telephone area code where your computer or device is located) and details of the resources that you access (including the pages of our Digital Services that you view).
We may also obtain personal data from third party companies for the purposes of providing goods and service to you. Such communication may be sent by ourselves or by the third parties. These third parties must check you have given your permission for such contacts to take place.
CCTV footage in which you feature when you visit our premises.
In the event that you have an accident while on our premises that you bring to our attention, we may record details of that accident and any injury you suffer in the site’s accident log.
Information contained in and records of communications between us, including recordings of telephone calls and instant messaging applications.
1.3. How We Use Your Data
We will use your personal data in the following ways:
To provide goods and services and to manage your account.
To assess whether to offer you a trade account and for ongoing administration of any credit facility. This includes accessing and sharing information with the Credit Reference Agencies (CRAs).
For research and statistical purposes.
To ensure consistent service levels, to prevent or detect fraud, to resolve queries and complaints and for performance management and training purposes.
1.4. Why We Need Your Personal Data
We need to process your personal data for a number of different reasons and these are our legal bases for processing. We also need to keep your personal data for as long as is necessary for us to operate our business and to comply with legal and regulatory obligations. We rely on one or more of the following legal bases for processing personal data:
To perform our contract with you or to enter into a contract with you.
To fulfil our legitimate interests or the legitimate interests of a third party.
To comply with legal obligations to which our business is subject.
Consent If we are relying on consent as our legal basis to process your personal data, you have the right to withdraw consent at any time. We will keep your personal data for the purposes set out in this privacy notice and only for as long as any legal basis continues to apply.
Below is a non-exhaustive list of some of the reasons we need to retain your personal data:
Compliance with Anti-money Laundering Regulations.
Ensuring we have relevant information in the event of any queries or complaints.
Being able to identify if you have purchased a product which is subject to a product recall.
Being able to service any product or service guarantee you have purchased.
To assist with the establishment, exercise or defence of legal claims The length of time we need to keep the personal data will vary depending on the nature of the personal data and the reason we are obliged to hold it. We will apply appropriate risk-based measures to protect your personal data.
1.5. Who we transfer data to
Transferring personal data to other organisations needs to take place with appropriate safeguards and you can be assured that we will only share the personal data that is needed for these organisations to be able to provide the right service to you or support us in doing so. We may transfer your personal data to the following third parties:
Delivery companies – our couriers, parcel firms and mail firms who deliver your goods or services and manage any returns on our behalf.
Technology service providers – our partners who provide IT and website services.
Telephony providers – our partners who provide telephone services and functionality.
Distributors and manufacturers of goods – our partners who fulfil orders and deliver products to you and manage any returns on our behalf.
Product service providers – our partners who provide products and services such as production inspectors and technicians for repair service.
Marketing service providers – our partners who work with us to make sure we send your information about products, services and special offers that are of interest to you.
Debt collectors, tracing agencies, debt purchasers or organisations providing debt support – our partners who help us to recover debts, who purchase debts or who offer debt advice and support.
Regulators and other governmental agencies or law enforcement agencies.
Insurance providers- our insurance broker and insurance company who provide services to us.
Legal Consultant – our legal services providers who help us to resolve trade related disputes.
Organisations who may be interested in purchasing our business or organisations who we may be interested in purchasing – and your personal data may be shared with such third parties as part of this process.
1.6. Your Rights
You have certain rights in respect of your personal data and we have processes to enable you to exercise these rights.
Right of Access – This is known as a Subject Access Request. If you want to know if we are processing personal data relating to you and to have access to any such personal data, you can contact us using the contact details below. We may occasionally request proof of identity before we are able to disclose sensitive information to you. Any access request may be subject to a fee to meet our costs in providing you with details of the personal information we hold about you.
Right to Rectification – If you believe that we hold inaccurate personal data about you, then you can request a review by using the contact details below. Depending on the type of personal data you believe is inaccurate, we may ask you for further proof to ensure that the personal data is being corrected properly. If we are satisfied that the personal data is inaccurate we will make the necessary changes.
Right to Erasure – You have a right to ask for your personal data to be erased in certain circumstances. However, this right does not apply where we have to comply with a legal obligation or where we need personal data for the establishment, exercise or defence of legal claims.
Right to Restriction – You have a right to request that processing of personal data is restricted in certain circumstances.
Right to Object – Where we are relying on legitimate interests as a legal basis to process your data, you have a right to object to such processing on grounds relating to your particular situation (See 1.).
Right to Complain to the Information Commissioner – You have the right to lodge a complaint with the Information Commissioner and more details can be found on their website www.ico.org.uk.
1. If you object to our use of your personal data for marketing purposes, we will opt you out of marketing. You can contact us using the contact details below. You may also object to other processing when we rely on our legitimate interests as the basis for processing, but we do not have to stop the processing if we can demonstrate compelling legitimate grounds for the processing (taking into account our processing activities, the nature of our business and our legitimate interests) and that these grounds override your interests, rights and freedoms or in the event that we need the personal data for the establishment, exercise or defence of legal claims. To enable us to consider any objection we will need to know what specific interests, rights or freedoms relating to your particular situation you believe will potentially be put at risk by our processing. If we do stop processing your personal data (apart from for direct marketing purposes), this may affect our ability to trade with you.
1.7. Credit Application
In order to process your application and during our relationship with you, we will perform credit and identity checks on you with one or more CRAs. We will use this information to:
Assess your creditworthiness and whether you can afford to take the product
Verify the accuracy of the data you have provided to us
Prevent criminal activity, fraud and money laundering
Manage your account(s)
Trace and recover debts, and Ensure any offers provided to you are appropriate to your circumstances. Please refer the following link for the detailed privacy notice for CRAs:
1.8. Fraud Prevention
Before we provide services and goods to you, we undertake checks for the purposes of preventing fraud and money laundering, and to verify your identity. These checks require us to process personal data about you. When we and fraud prevention agencies process your personal data, we do so on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, to protect our business and to comply with laws that apply to us. Such processing is also necessary to enable us to enter into and perform our contracts with you. We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime. Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.
Consequences of Processing
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the goods and services you have requested, or we may stop providing existing services to you. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details above.
1.9. How To Contact Us
If you have any queries about how we use your information or on data protection generally please call us on 0844 884 9227, send an email to firstname.lastname@example.org
or write us at the Data Protection Office, Unit 10 Valleys Enterprise Zone, Pant Industrial Estate, Dowlais, Merthyr Tydfil. CF48 2SR.
About Cookies and the way we use them