Hilditch Group Ltd [HGL] consider the privacy and protection of our clients' data, both corporate and personal, to be of the utmost importance and we take robust measures across our business to protect the security and integrity of all such information.
Reference to our 'websites' in this policy also includes the HGL apps.
Information we may collect from you
We may collect and process the following information about you:
Details you provide by filling in forms on our websites and information given in hard copy form or by any other means providing: your name, date of birth, address, interests, marketing preferences, when appropriate your credit information, and any other personal information relevant to the services we provide. This information may be provided when you are registering interest, transacting with us, subscribing to our services or requesting information.
Correspondence or other contact you may have with us.
Details of transactions you carry out through our websites, and any communications by telephone, in person or by any other means relating to those transactions.
Details of your visits to our websites including - but not limited to - traffic data, web logs or other communication data and the resources you access.
Specific information we may collect through our websites
We may collect and process the following information obtained from your use of our websites:
A cookie is a simple text file that is uploaded to your computer or mobile device by a website’s server and only that server will be able to retrieve or read the contents of that cookie. Each cookie is unique to your web browser. It will contain some anonymous information such as a unique identifier and the site name and some digits and numbers. It allows a website to remember things like your preferences or what’s in your shopping basket. Using our websites will result in us placing cookies on your computer in the 4 categories set out below:
- Strictly Necessary
These cookies are essential to enable you to move around the websites and use its features, such as accessing secure areas of the websites; many of the functions on our websites will not work properly, or at all, if you do not allow these cookies to be used. We may therefore be unable to provide many of the services you may wish to request unless you accept the use of these cookies.
These cookies collect information about how visitors use a website, for instance which pages visitors go to most often. These cookies do not collect information that identifies a visitor: all information these cookies collect is aggregated and is therefore anonymous. The information is only used to improve how the website works.
These cookies allow the websites to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features (for example, remembering changes you have made to text size and fonts).
- Targeting or Advertising
How is this personal information used?
HGL will collect, record, store and use your personal data world-wide among the HGL group of companies for clearly specified purposes including but not limited to:
Providing you with information, products or services that you request from us or which we believe would interest you in a way that is targeted and relevant. This could include but is not limited to auctions, private sales, storage services, transportation and valuations.
Carrying out our obligations arising from any contracts entered into between you and us.
Notifying you about changes to our products and services.
Ensuring that our websites are presented in the most effective manner for you and your computer or mobile device.
Selling or purchasing property or services.
Advising you of forthcoming sales, events and services, if you have requested this.
We may from time to time however need to disclose your personal data to certain third parties:
- Agents or Contractors of HGL
We may need to disclose certain personal information to our Agents or Contractors to enable us to process transactions, administer events or communicate with you. Where we do so it will be on the basis that these agents/contractors are required to keep the information confidential and secure, and will not use the information for any other purpose than to carry out the services they are performing for us.
- Anti-Money Laundering and Regulatory Authorities
We may need to retain and disclose certain information about you to regulatory authorities and to appropriate agencies to conduct anti-money laundering and trade sanction checks and to assist with fraud prevention, in particular, in compliance with our AML obligations and in relation to trade sanctions. We will disclose this information as is required by law.
- Credit Agencies
We may need to disclose certain personal information about you to credit agencies to conduct appropriate checks when you are transacting with us.
- Legal Disclosures
While we will not voluntarily disclose your personal data we may disclose such information if we are required to do so by a valid Court Order, if we are lawfully requested by government or law enforcement authorities, if we are required to do so pursuant to other legal processes, or if it becomes necessary to protect the rights or property of the Hilditch group of companies.
Worldwide transfers and processing
In order to provide you with marketing information about our products and services, we may contact you by e-mail, text, telephone and by post. At the bottom of any marketing e-mails you will have a clearly marked unsubscribe option from future mailings. In addition, you may at any time send an e-mail to email@example.com asking for your name to be removed from our lists.
You have the legal right to a copy of the information which we hold about you, including information on how this will be used and to ensure this information is accurate. You also have the right to opt in or out of marketing communications at any time by checking certain boxes on the forms we use to collect data, by clicking the "Unsubscribe" links included on all our e-mail communications, or by contacting us at firstname.lastname@example.org.
We will take all reasonable and appropriate steps to protect the security and integrity of all personal information provided to our websites, or by any other means electronic or otherwise.
We will ensure that your personal data within HGL is suitably protected against both unauthorised physical and electronic access. These measures include an electronic firewall and various other protection measures that involve virus scanning, installation of security patches, vulnerability testing, backup and recovery planning, employee training, security audits and other steps designed constantly to improve data protection. However, we cannot guarantee that information during transmission through the internet or any computer network is entirely safe from unauthorised intrusion, access or manipulation. We will have no liability for disclosure of information due to errors or unauthorised acts of third parties. In any event, where we believe personal data has been compromised, we will notify you of this.
How long will HGL keep my personal information?
We will hold your information on our systems for as long as is necessary for the relevant activity, or for as long as is specified in any agreement between you and us.
If you have any queries in relation to the use and protection of your personal data please contact us at email@example.com.
GDPR Compliance statement
As from May 25, 2018, any company that operates within the EU is required to meet certain obligations under the EU General Data Protection Regulations.
The Hilditch Group including:
- Hilditch Iberia Ltd
have policies, standards and guidance to ensure that the appropriate controls and safeguards are in place to protect all personal data that we use.
We are committed to ensuring that all personal data that we hold is processed fairly and lawfully, kept up to date and accurate, adequately secured and protected, collected expressly for legitimate purposes and kept in such a way as to allow data subjects to exercise their rights.
Hilditch Group has set up a GDPR review to ensure that all areas of the Company are compliant. This allows us to identify and take any necessary steps to ensure we are compliant.
We will only request and hold data for the purposes of creating records, ongoing administration and to meet required obligations. This data may be collected though our websites, emails, letters, forms or by telephone.
We do not currently share customer (buyer or vendor) details with any third party for use outside the Hilditch Group. In the future, we will only share data with carefully selected third parties, and where it is necessary to enable us to carry out required services in the proper management of our dealings with our customers or suppliers.
Any data transferred to these third parties will be done so in a manner that ensures the security of the data no matter how this is transferred.
All data that we hold is stored within the UK either electronically on servers or in paper format. Access to this data is restricted on a business need basis and is appropriate based on the role of the individual being given such access. Confidentiality of passwords is strictly maintained. Processes are in place to ensure that leavers of the business have access removed.
Hilditch Group will be complying with GDPR as a Data Controller and a Data Processor. We will be working with any partner organisations to ensure they can all meet these obligations.
The company has reviewed and put in place GDPR compliant privacy policies internally and externally. All staff who handle any data receive GDPR training and are aware of procedures and responsibilities of staff and stakeholders in regard to GDPR.
Where relevant, we are using all reasonable endeavours to ensure that any third party or supplier is compliant with GDPR.
With regard to data already held, we are undertaking a systematic review of the data we store, maintain, manage, process and control in relation to lawfulness, purpose, minimisation, accuracy, consent, limitation, integrity & confidentiality, record keeping and accountability. This includes any offline storage and paper records.
Data breaches will be dealt with in accordance with the ICO GDPR requirements and, where appropriate and feasible, reported to the relevant authority within 72 hours.
Should you require any further information on GDPR, our compliance, or anything else related to this, please contact firstname.lastname@example.org.