We hope the following sections will answer any questions you might have but, if not, please get in touch with The Compliance Officer, FSD Active Ltd, Unit 5a, Colyton Business Park, Wheeler’s Yard, Colyton, EX24 6DT.
When you are using our website, FSD Active Limited is the data controller.
ABOUT FSD ACTIVE LIMITED
We are a UK-based company offering innovative technology for the control of vibrations in building floors. Through years of academic and industrial research, we have mastered compact and lightweight CALMFLOOR™ technology. Our Active Mass Dampers are suitable for a wide range of structures and can be simply bolted to the underside of a floor.
WHOSE PERSONAL DATA DO WE COLLECT?
• Our prospective customers and recipients of our marketing communications;
• Those who contact us via our website or other means of communication;
• Our customers, their representatives and users;
• Our suppliers, contractors, agents and subcontractors; and
• Any individuals whose data we receive from any of the above for the purposes of operating our business and providing our products and services.
This policy does not cover employees or prospective employees, who should refer to our internal documentation. If you are unsure whether or how this policy applies to you, please contact us (see details below).
WHAT SORT OF PERSONAL DATA DO WE COLLECT?
For most individuals whose personal data we process, the type of information will be the same. This will typically include:
- Name or another unique identifier;
- Address (business and/or personal address); and
- Contact details (which may include landline telephone number, mobile number and/or email address).
For certain types of individuals, we will also process additional information, including:
- For customers and suppliers: payment or other financial details (e.g. payment card information or bank information); and
- For prospective and actual customers and suppliers: professional, qualification and educational information (e.g. job title and/or type, educational history and certificates, professional/industry qualifications, industry experience).
We do not routinely process sensitive personal information, though we may do so in limited circumstances, e.g. for monitoring diversity and equal rights compliance. For reference, sensitive personal information includes information relating to:
- your ethnic origin
- your political opinions
- your religious beliefs
- whether you belong to a trade union
- your physical or mental health or condition
- your sexual life and orientation, and
- whether you have committed a criminal offence.
If you have a web account with us, we’ll record your name, account information, orders and receipts. For your security, we’ll also keep an encrypted record of your login password.
In relation to website visits and interactions, or (where applicable) use of any mobile application we provide, we’ll record:
- Details of your interactions with us online. For example, we collect notes from our conversations with you, details of any complaints or comments you make, details of purchases you made, web pages you visit, and how and when you contact us.
- Details of your visits to our website or app and which site you came from to reach ours.
- Your comments and product reviews.
- To deliver the best possible web experience, we collect technical information about your internet connection and browser as well as the country and telephone code where your computer is located, the web pages viewed during your visit, the advertisements you clicked on, and any search terms you entered.
- Your social media username, if you interact with us through those channels, to help us respond to your comments, questions or feedback.
EXPLAINING THE LEGAL BASIS WE RELY ON
The law (including the latest requirements placed upon us by the General Data Protection Regulation – GDPR) on data protection sets out a number of different reasons why we may collect and process your personal data, including:
In specific situations, we can collect and process your data with your consent. This includes where you give consent to receive communications from us, e.g. email newsletters, or request specific information from us or voluntarily get in touch.
If we rely on this basis for processing personal data, your consent will be obtained at the point of data collection. You can withdraw your consent by either following the instructions given to you (e.g. via an unsubscribe link in email newsletters) or by contacting us.
In certain circumstances, we’ll need your personal data to comply with our contractual obligations. This is the primary basis on which we will process personal data relating to our customers and suppliers.
If the law requires us to, we may need to collect and process your data.
For example, we can pass on details of people involved in fraud or other criminal activity affecting us to law enforcement agencies.
In specific situations, we require your data to pursue our legitimate interests in a way that might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests.
For example, we’ll use your purchase history to send you or make available further offers. We’ll use your name and address details to send you direct marketing information by post to you about products and services we think might interest you. We may also combine the transaction history of customers to identify trends and develop new products or services.
HOW AND WHY DO WE USE YOUR PERSONAL DATA?
Here’s how we’ll use your personal data and why:
- Prospective customers, marketing recipients and those who contact us – to communicate with you about our products and services, provide information you have requested from us (e.g. by contacting us via our website or other means of communication), and providing email newsletters if you have signed up to receive them;
- Customers and their representatives – to perform our contract with our customer, including the supply of our products and services, account management and administration, and payment processing; and
- Suppliers, contractors, agents and subcontractors – to perform our contract and receive the relevant products and/or services, manage our relationship, and make payments.
In addition to the above, we may process personal data for the following reasons:
- To monitor and record communications, including by recording telephone calls or monitoring emails, for the purpose of training, fraud prevention and/or quality assurance. We do this on the basis of legitimate interests;
- To respond to your queries, refund requests and complaints – handling the information you sent enables us to respond to these. We may also keep a record of these to inform any future communication with us and to demonstrate how we communicated with you. We do this on the basis of our contractual obligations to you, our legal obligations and our legitimate interests;
- To protect our business and your account from fraud and other illegal activity. This includes using your personal data to maintain, update and safeguard your account. We’ll also monitor your browsing activity with us to quickly identify and resolve any problems and protect the integrity of our websites. We’ll do all this as part of our legitimate interest;
- To perform credit checks on actual or potential customers. We may do this prior to accepting an order or agreeing payment credit terms. We do this on the basis of legitimate interests;
- To process payments and to prevent fraudulent transactions; we do this on the basis of our legitimate business interests and it helps to protect our customers from fraud;
- If we discover any criminal activity or alleged criminal activity through our use of CCTV, fraud monitoring and suspicious transaction monitoring, we may process this data for the purposes of preventing or detecting unlawful acts and refer the same to law enforcement authorities;
- To display the most relevant content to you on our website or app, we’ll use data we hold about your usage. We do so on the basis of your consent to receive app notifications and/or for our website to place cookies or similar technology on your device;
- To develop, test and improve the systems, services and products we provide to you; we’ll do this on the basis of our legitimate business interests; and
- To send you feedback requests to help improve our services; these messages won’t include any promotional content and don’t require prior consent when sent by email or text message. We have a legitimate interest to do so as this helps make our products or services more relevant to you. You’re free to opt out of this service at any time by updating your preferences in your online account or by unsubscribing from our communications.
HOW WE PROTECT YOUR PERSONAL DATA
We’ll always treat your data with the utmost care and take all appropriate steps to protect it. We secure access to all transactional areas of our websites and apps using trusted https:// technology.
We regularly monitor our system for possible vulnerabilities and attacks and carry out penetration testing to identify ways to strengthen security even further.
While we use all reasonable efforts to safeguard your personal data, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that is transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us.
HOW LONG WILL WE KEEP YOUR PERSONAL DATA?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary for the purpose for which it was collected; at the end of that retention period your data will be deleted completely.
For example, customer data retention periods include:
When you place an order we’ll keep the personal data you give us for 10 years so we can comply with our legal and contractual obligations.
If you haven’t used your account for more than 10 years, it will be flagged as inactive and we’ll contact you to ask if you want to keep it open. If you don’t confirm you do, we’ll close the account and delete the personal data associated with it.
If your order included a warranty the associated personal data will be kept until the end of the warranty period
WHO DO WE SHARE YOUR PERSONAL DATA WITH?
We sometimes share your personal data with trusted third parties.
For example, delivery couriers or third-party technicians who visit your premises.
Here’s the policy we apply to those organisations to keep your data safe and protect your privacy:
- We provide only the information they need to perform their specific services.
- They may only use your data for the exact purposes we specify in our contract with them.
- We work closely with them to ensure that your privacy is respected and protected at all times.
- If we stop using their services, any of your data held by them will either be deleted or rendered anonymous.
Examples of the kind of third parties we work with are:
- IT companies who support our website and other business systems.
- Sub-contract installation contractors.
- Companies such as delivery couriers.
- Direct marketing companies who help us manage our electronic communications with you.
- Google/Facebook who may show you products that might interest you while you’re browsing the internet. This is based on either your marketing consent or your acceptance of cookies on our website.
Sharing your data with third parties for their own purposes:
We’ll only do this in very specific circumstances, for example:
- For fraud management, we may share information about fraudulent or potentially fraudulent activity on our premises or systems; this may include sharing data about individuals with law enforcement agencies.
- We may also be required to disclose your personal data to the police or other enforcement, regulatory or government body upon a valid request to do so. These requests are assessed on a case-by-case basis and take the privacy of our customers into consideration.
WHERE YOUR PERSONAL DATA MAY BE PROCESSED
We will process your personal data in the UK. Third parties may have other processing locations but we will ensure that appropriate safeguards are in place in connection with any transfers to such third parties.
WHAT ARE YOUR RIGHTS OVER YOUR PERSONAL DATA?
You are responsible for ensuring that the information you provide to us is accurate, complete and up-to-date. You can review and change your information through your online account (where applicable) or by contacting us.
You have a number of rights in relation to your personal data, including the right to:
- Find out how we process your data;
- Request access to the personal data we hold about you;
- Request the correction of your personal data if you believe it is incorrect, out of date or incomplete;
- Obtain restriction on, or object to, our processing of your personal data;
- Require that we stop using your personal data for direct marketing (either through specific channels or all channels);
- in relation to consent-based processing of your personal data, withdraw that consent; and
- Lodge a complaint with the UK supervisory body, the Information Commissioner’s Office (the ICO) via ico.org.uk. If you have a concern or complaint about the way we handle your data, we ask that you contact us in the first instance to allow us to investigate and attempt to resolve the matter.
You can contact us to request to exercise these rights at any time as follows:
To ask for your information please contact The Compliance Officer, FSD Active Ltd, Unit 5a, Colyton Business Park, Wheeler’s Yard, Colyton, EX24 6DT or email firstname.lastname@example.org. To ask for your information to be amended please update your online account or contact our Customer Services team.
If we choose not to action your request we’ll tell you why.
Checking your identity
If you’ve authorised a third party to submit a request on your behalf we’ll ask them to prove they have your permission to act.
HOW CAN YOU STOP THE USE OF YOUR PERSONAL DATA FOR DIRECT MARKETING?
There are several ways you can stop direct marketing communications from us:
- Click the ‘unsubscribe’ link in any email communication we send you. We’ll then stop any further emails from us.
- If you have an account, log in into your account, visit the ‘My Account’ area and change your preferences.
- In our apps, you can manage your preferences and opt out of one or all of the different push notifications by selecting or deselecting the relevant options in the ‘Settings’ section.
- Write to The Compliance Officer, FSD Active Ltd, Unit 5a, Colyton Business Park, Wheeler’s Yard, Colyton, EX24 6DT, or email email@example.com
Please note you may continue to receive communications for a short period after changing your preferences while our systems are updated.