Privacy Notice
1.         General
ET Enterprises Ltd take the privacy of your information very seriously. Our Privacy Notice is designed to tell you about our processes relating to the collection, use, and disclosure of personal information which may be provided to us through our websites or by telephone, email, a social media application, or in person by us.
This notice applies to personal information provided by our customers and suppliers and their authorised users and associated individuals.  
Our business is concerned with the supply of photomultipliers and photodetector electronics.  We do not store or process large volumes of personal data but we do retain data in relation to individual users, customers, suppliers, and individuals associated with customers and suppliers, and this notice describes our basis for retaining this data.

This policy is governed by the EU General Data Protection Regulation (the “GDPR”) from 25 May 2018.
2.         Legal Basis to process personal data
Personal data we hold about you may be processed because:
the processing is necessary in order for us to comply with our obligations under a contract between you and us
the processing is necessary in pursuit of a “legitimate interest”, a legitimate interest in this context means a valid interest we have or a third party has in processing your personal data which is not overridden by your interests in data privacy and security.


3.         Personal data we collect
3.1       We may collect and process the following uniquely identifiable personal data about you:
for individuals associated with our customers and suppliers we may hold contact information such as names, email addresses, phone numbers, addresses, bank details, and job titles and/or specific roles within your organisation (“Contact Information”);

for website users we store cookies on your computer when you visit our sites.  The cookies are used to enable the websites to remember your actions and preferences (such as logins, login sessions and for monitoring purposes). You can control whether our website uses cookies or not, however you may find that some services on our website may be limited or ineffective. We cannot accept any responsibility for third party cookies that you may have collected from other sites.  For further information refer to our Privacy Statement on our website at www.et-enterprises.com/privacy-statement

records of correspondence or communication between you and us and any information we may require from you to discuss a specification or requirement, obtain Technical and Commercial Support, request or provide a quotation, place an order, discuss a delivery, submit a complaint, or report a problem (“Communication Information”);

marketing information we may hold about you in order to provide information about our services. This may include names, email addresses, phone numbers, addresses, and job titles and/or specific roles within your organisation (“Marketing Information”).
3.2       We may collect information either from you directly or from a third party (for instance your employer or an introducer). If we do obtain your personal data from a third party your privacy rights under this notice are not affected and you are still able to exercise the rights contained within this notice.
3.3       You are not required to supply any personal information to us but we may be unable to provide our services to you without your personal data (for instance we will need contact information in order to perform a contract with you). You may withdraw our authority to process your personal data (or request that we restrict our processing) at any time but there are circumstances in which we may need to continue to process personal data (please see below).
4.         How we process your personal data

The table below sets out the manner in which we will process the different types of personal data we hold:

Supplier relationship:
Purpose of processing
Customer relationship:
Purpose of processing
Information Type Basis for processing
Definition of requirements,
Technical and Commercial Support


 
Definition of requirements, Technical and Commercial Support, and
Quotations
Contact Information
Communication Information
Necessary for our legitimate interests in promoting our products.
Preparation for performance of a contract or performance of a contract
Account Setup and Maintenance, Processing of Orders, Recording of deliveries, Processing of returns, Account Setup and Maintenance
Processing of Orders, Recording of despatches, Processing of returns,
Contact Information
Communication Information
Performance of a contract with you
Complaints Complaints Contact Information
Communication Information
Performance of a contract with you
Marketing Marketing Contact Information
Marketing Information
Necessary for our legitimate interests in promoting our products
The definition for each Information Type listed above is given in section 3.1.
5.         Data Retention periods
Our current data retention policy is to delete or destroy (where we are safely able to do so) the personal data we hold about you in accordance with the following:
Category of personal data Record retention period
Personal data processed in relation to a contract or in preparation for a contract.

 
15 years from either the end of the contract or the date you last made enquiries about specific products or services
Records relevant for legal obligations
(tax and customs)
7 years from the end of the year to which the records relate
Personal data processed for marketing and business development 15 years from the last date on which a data subject has interacted with us
We may extend or reduce the Data Retention period as needed if the data is subject to legal proceedings or internal investigations.

We review the personal data (and the categories of personal data) we retain regularly to ensure the data we hold is necessary and relevant to our business.  Personal data which is no longer relevant to our business will be deleted where we are safely able to do so.


6.         Sharing your information with third parties

We do not disclose any information you provide to any third parties other than as follows:
if we are under a duty to disclose or share personal data in order to comply with a legal obligation;

in order to enforce any terms and conditions or agreements for our products and services that may apply;

to develop and maintain software and systems (for instance websites, and accounting and manufacturing software) in order to continue our ability to perform a contract with you;

to protect our rights and property and safety, and the rights and property and safety of relevant third parties. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
If we do supply your personal information to a third party we will take steps to ensure that your privacy rights are protected and that third party complies with the terms of this notice.
7.         Security

We will take all reasonable steps to safeguard the information we collect from you and protect against unlawful access and accidental loss or damage.

We will ensure that our employees are aware of their privacy and data security obligations.

We will take reasonable steps to ensure that the employees of third parties working on our behalf are aware of their privacy and data security obligations.
8.         Your privacy rights
8.1       The GDPR gives you the following rights in respect of personal data we hold about you:
  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling.

For a detailed information on these rights please refer to the website of the Information Commissioner’s Office at https://ico.org.uk.
8.2       All requests or notifications in respect of your rights must be sent to us in writing to the address in Section 11 (Contact us)
8.3       We will comply with valid requests within one month of receipt (unless a longer period of time to respond is reasonable by virtue of the complexity or number of your requests).
9.         Data Breaches

If personal data we hold about you is subject to a breach or unauthorised disclosure we will investigate and report the breach to the Information Commissioner’s Office (ICO) in line with the guidance provided by the ICO.
 
10.       Notification of changes to the contents of this notice

We will post details of any changes to our policy on our website www.et-enterprises.com to help ensure you are aware of the information we collect and the basis that we store and process the information.
 
11.       Contact us

To contact us in respect of your rights relating to GDPR, with your views about our privacy notice or with any enquiry or complaint relating to your personal information or how it is handled, please contact us at the following address: The Data Protection Officer, ET Enterprises Ltd, 45 Riverside Way, Uxbridge, Middlesex, UB8 2YF. email: dpo@et-enterprises.com
If we are unable to resolve any issues you may have or you would like to make a further complaint, you can contact the Information Commissioner’s Office by visiting https://ico.org.uk for further assistance
 
Data Protection Officer
Issue 1.    05 October 2018‚Äč