Effective Date: 17th May 2018
The Keyholding Company Limited takes data protection very seriously. It’s important to us that you know that your personal information and privacy are well protected. Personal Information is information that identifies you as an individual, such as your name, surname, date of birth, email address and residential address.
When we collect, store, use and share your Personal Information we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
How do we collect Personal Information from you?
Personal Information which you give to us:
The majority of the Personal Information which we collect and use is provided by you, when you give us information about yourself by filling in forms on our website, by asking us for a quote (via our website, verbally, email or otherwise) or when you otherwise purchase security related services from us. The provision of this Personal Information is required from you to enable us to fulfil our service obligations to you.
Personal Information which we collect about you
When you visit our website we may automatically collect the following information:
- Usage Information: we collect information about your interactions with our website such as the pages or content you view so we can optimise the site for other visitors.
- Advertising information: we capture and share information about which, if any, advertisements led you to the website.
- Log data and device information: we capture information about what device you use to access the site including how you’ve used the The Keyholding Company website (including if you clicked on links to third party applications), IP address, access dates and times, hardware and software information, device information, device event information, unique identifiers, crash data, cookie data, and the pages you’ve viewed or engaged with before or after using the website. This data is only accessible on an anonymous basis for analysis unless the visitor requests a quote using the Get a Quote app online. This app will match device data with the personal information you submit with your request.
Personal Information which others provide to us
We may receive information from other parties, such as your bank, where you have authorised that third party to provide Personal Information to us.
What Personal Information do we collect and use?
Personal Information we collect about you may include the following: your name and surname, your email address, your home/business address, your billing address, your telephone number (landline, home, mobile), your occupational data, the data of your next of kin/emergency contact, financial information, such as direct debit mandates and credit/debit card information.
How do we use your Personal Information?
We use your Personal Information to do some or all of the following:
- communicate with you as part of our business;
- identify you and manage any accounts you hold with us;
- carry out our obligations arising from any contracts entered into between you and us;
- send you important information regarding changes to our website, services, policies and other administrative information;
- conduct research, statistical analysis and behavioural analysis;
- provide marketing information to you in accordance with preferences you have expressed;
- customise our website and its content to your particular preferences;
- manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management;
- resolve complaints and handle requests for data access or correction;
- comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism; comply with legal process; and respond to requests from public and governmental authorities (including those outside your country of residence); and
- provide improved quality, training and security and manage other commercial risks.
We may monitor and record communications with you (such as telephone conversations and emails) for the purpose of quality assurance, training and compliance.
Who do we share your Personal Information with?
We routinely share your Personal Information with:
- our related entities, including the London Keyholding Company Limited and any other group company;
- our external service providers (and their subcontractors), including our service partners, accountants, auditors, experts, lawyers and other outside professional advisors; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; document and records management providers; technical engineers; data storage and cloud providers and similar third-party vendors and outsourced service providers that assist us in carrying out business activities. We only share your Personal with external service providers who have provided us with appropriate assurances that they will keep your Personal Information safe and protect your privacy; and
- we may also need to share your Personal Information with credit reference and fraud prevention agencies and law enforcement or other authorities if required by applicable law.
How long will we keep your Personal Information for?
Whenever we collect your Personal Information, we will only keep it for as long as is necessary for the purpose for which it was collected and we will retain in accordance with any applicable laws and regulations regarding data retention. At the end of that retention period, your Personal Information will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
What lawful basis do we rely on to process your Personal Information?
In most instances, we rely on contract as the lawful basis on which we collect and use your Personal Information. This is because we need to:
- fulfil our contractual obligations to you; or
- because you have asked us to do something before entering into a contract (eg provide a quote).
On some occasions, we will process your Personal Information with your consent. For example, we rely on consent when we send you marketing messages. You have the right to withdraw consent at any time. Where consent is the only legal basis for processing, we will cease to process your Personal Information after consent is withdrawn.
We may be required to process your Personal Information to comply with our legal and regulatory obligations. For example, preventing, investigating and detecting crime, fraud or anti-social behaviour and prosecuting offenders, including working with law enforcement agencies.
In specific situations, we may require your Personal Information to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. For example, ensuring the security and integrity of our services, selling and supplying services to our customers, improving existing products and services, developing new products and services and fulfilling our duties to our customers.
International Transfers of Personal Information
We will only send you marketing messages if you’ve given us your consent but we will still need to send you occasional service-related messages. If you have consented to receive marketing messages from us, you can opt out at any time by either clicking the ‘unsubscribe’ link in any email communication that we send you or by emailing us at firstname.lastname@example.org
Under the General Data Protection Regulation you have a number of important rights (which are available to you free of charge).
In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information
- require us to correct any mistakes in your information which we hold
- require the erasure of personal information concerning you in certain situations
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal information concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal information
- otherwise restrict our processing of your personal information in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals rights under the General Data Protection Regulation. If you would like to exercise any of those rights, please email us at email@example.com
Security of your Personal Information
We have appropriate security measures in place to prevent your Personal Information from being accidentally lost or used or accessed in an unauthorised way. Our security measures include:
- limiting access to your Personal Information to those who have a genuine business need to know it;
- those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality;
- limiting access to our business premises;
- having access controls to our IT environment;
- regularly monitoring our systems for vulnerabilities;
- using computer safeguards such as firewalls and data encryption;
- using enforced patching for our hardware and software systems.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
How to complain
We hope that we can resolve any query or concern you raise about our use of your Personal Information. If you wish to contact us, please send an email to firstname.lastname@example.org
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
How to contact us