Ultimate Workwear T/A Ultimate Embroideries Ltd a company incorporated in England and Wales whose registered office is at 6 Wembley Park Business Centre, North End Road, Wembley, HA9 0AS (registered number 02125244 ("we/us/our") holds personal data about our employees, clients, suppliers and other individuals for a variety of business purposes. We will always abide by applicable data protection and privacy laws and are committed to your privacy.
You give us your information either through this website or by any other means. Any and all personal data passed to us by any third party will be treated in accordance with this policy. Our Data Compliance Officer has overall responsibility for the day-to-day implementation of this policy.
What We Do To Protect Your Data
How We Process Data
We will always seek to process personal data fairly and lawfully in accordance with your rights. So, this means that we will not process personal data unless the individual whose details we are processing has consented to this happening or it is a legitimate interest to do so. We ensure that the processing of all data will be (i) necessary to deliver our services and the services that we deliver on behalf of our clients; (ii) in our legitimate interests and not unduly prejudice the individual's privacy and (iii) in most cases this provision will apply to routine business data processing activities.
Sensitive personal data
In the unusual situation where we collect and process sensitive personal data we will require the individual's explicit consent to do this unless exceptional circumstances apply or we are required to do this by law (e.g. to comply with legal obligations to ensure health and safety at work). Any such consent will need to clearly identify what the relevant data is, why it is being processed and to whom it will be disclosed.
Your personal data
You are responsible to ensure that your personal data is accurate and up to date. So, if your personal circumstances change, please inform the Data Compliance Officer so that we can update your records.
Keeping your Data secure
We keep personal data secure against loss or misuse. We are committed to protecting the confidentiality and security of your information and we have taken all reasonable measures to secure your information, including encryption, third party audits, access controls and security testing. We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know the data.
We will always keep our security measures up to date and under constant review to protect personal data.
Data that is stored on a computer will be protected by strong passwords and our Data Compliance Officer will approve all data stored in the cloud.
Our servers containing personal data will be kept in a secure location, away from general office space and back-ups will be regularly made in line with company procedures. Servers containing sensitive data will be approved and protected by security software and strong firewalls.
Data will never be saved directly to mobile devices such as laptops, tablets or smartphones
In cases when data is stored on printed paper, it will be kept in a secure place where unauthorised personnel cannot access it and printed data will be shredded when no longer needed.
Where other organisations process personal data as a service on our behalf, our Data Compliance Officer will establish what, if any, additional specific data security arrangements need to be implemented in contracts with those third party organisations.
How we collect data and what we will do with it:
We will always be transparent and provide information to individuals about how we will use their personal data.
The information that we collect is:
Identity Data including - Full name, title and gender
Contact Data including - billing address, delivery address, email address and telephone numbers
Financial Data We do not store your bank account or payment card details, and any payments by card are made via a secure authorised payment service provider with suitable encryption. We DO NOT store any such details.
Transaction Data including - details about payment between us and other details of purchase made by you
Technical data including - login data, internet protocol addresses, browser type and version, browser plug-in types and version, times zone setting and location, operating and platform and other technology on the devices that you use to access this site
Profile Data including - username and password, purchase orders, your interests, preferences, feedback and survey responses, IF PROVIDED
Usage Data including - information about how you use our website, products and services
Marketing and Communications Data including - your preferences in receiving marketing communications from us and your communication preferences
When we meet you in person
When we speak to you by telephone
When you correspond with us by email
When you fill in forms and questionnaires
When you visit our website, or create an account with us
When you order our products or services
When you download or install our app
When you subscribe to our services or publications
We may receive personal data about you from a third party in a legitimate manner eg a financial provider
We collect data:
Use of data:
We use the information we collect in order to fulfil our contractual obligations with you and understand your needs and provide you with a better service and in particular for the following purposes:
- In connection with good and services offered by our business including on this website and to carry out our obligations arising out from any contracts entered into between you and us
- Where it is necessary for our legitimate interest as long as it does not override your interests
- Where we need to comply with a legal or regulatory obligation and general good practice
- To communicate with you to enable you to access the benefits and services of this website/ our products and services
- To allow you to participate in interactive features of our service, when you choose to do so
- To notify you of changes to our service and to improve our services through knowledge of what is used and how
- Internal record keeping
- To improve our products and services; provide relevant offers and fulfil transactions
- Protect you, provide you with customer service, prevent fraud, operate this website on your behalf and respond to your requests
- For operational reasons, such as recording transactions, training and quality control, ensuring the confidentiality of commercially sensitive information, security vetting, credit scoring
- To send promotional emails and updates about new products, special offers or other information we may think is of interest to you
- To contact you for market research purposes, we may contact you by email, phone or mail and we may use the information to customise the website according to your interests
- To check references, ensure safe working practices, monitoring and managing staff access to systems and facilities and staff absences, administration and assessments and to monitor staff conduct and carry out disciplinary matters
- To ensure business policies are adhered to (such as policies covering email and internet use)
- To gather information as part of investigations by regulatory bodies or in connection with legal proceedings or requests and to investigate any complaints
- Performance of a Contract
If you register as a new customer or place an order with us, you are providing us with a lawful basis to process your data necessary for the performance of a contract, including processing and delivering to you and contacting you about the order.
- Legitimate Interest
The personal data that we collect and process under the legitimate interest basis is done so in the commercial interest of the business and we will use this basis especially in connection with the business eg debt recovery, business management/ growth e.g. to improve our website, products/services and customer relationships and to send you our Surveys, Newsletters, Events and other marketing literature. We will process information in a targeted, proportionate way, which would be reasonably expected for that data and has a minimal privacy impact in accordance with our Legitimate Interest Assessment. As regards direct marketing, you have an absolute right to object to this processing and if you wish to exercise this right contact the Data Compliance Officer, at which time we will stop processing your data.
Where we rely on consent to process your personal data it will be subject to active consent properly obtained and given by you to us directly or by virtue of us fulfilling our role as a Fulfilment Partner of a third party. This consent can be revoked at any time by contacting our Data Compliance Officer.
Where we obtain personal data concerning a child under the age of 13, we will obtain the consent of whoever holds parental responsibility before processing that personal data.
Purpose for Use of Data:
We will only use your personal data for the purposes for which we have collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for a reason that it was not originally collected for, we will notify you and explain the legal grounds of processing.
Who will your information be shared with?
Your personal data is an important part of our business. We do not sell your information to third parties. We will only share your information as set out below as necessary or with your express consent where appropriate. All information sharing is only done on the basis of being necessary and to fulfil legitimate business purposes. For example:
- Payment card information for transaction via the website will be entered directly with payment processors to facilitate card transactions
- Bank account information may be shared with our bank to facilitate payment into your account, if there is a need to collect this
- Information may be shared with third parties to fulfil transactions including passing your delivery address and contact details to our delivery partners; payment information, shipping, and other personal information may be required to fulfil the transaction.
- Service providers e.g. who provide IT and systems administration services or Professional Advisers eg law firms, bankers, auditors, insurance companies.
- Public Authorities eg HM Revenue & Customs or other regulators and authorities who require us to report to them
If further consent is required to pass your personal data to third parties, you may be contacted in order to give your positive consent for this purpose
We may disclose your personal information to third parties in limited circumstances as follows:
- Where we engage the business services of a third party to provide services directly to us. We will carry out the necessary due diligence on any third party that we use to ensure that they fully comply with data protection regulations. Any third party will be engaged for a specific purpose and they will be strictly prohibited from using your personal data for any other purposes. If we do share your personal information we will contact you, where appropriate, to inform you of the identity of that third party and to gain positive consent to pass your personal data to the third party specified.
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets
We will hold your data for:
We will retain personal data for no longer than is necessary and in any event no longer than two years from the date of last usage. What is necessary will depend on the circumstances of each case, taking into account the reasons that the personal data was obtained, but will be determined in a manner consistent with our data retention guidelines.
We will also need to take into consideration satisfying any legal, accounting or reporting requirements and any regulations that we must fulfil, for example for auditing purposes or for legitimate business purposes and may retain your information after your relationship with us has ended.
By law we have to keep basic information about our customers for six years after they cease being customers for tax purposes.
Transferring data internationally
There are restrictions on international transfers of personal data. Your personal data will not be transferred anywhere outside the UK without first consulting the Data Compliance Officer. Where we do transfer your personal data outside the European Economic Area (EEA) we will do our best to ensure a similar degree of security of data by transferring to countries with a similar degree of protection for your personal data, or, we may use specific contracts or codes of conduct or certification which gives personal data the same protection as it has in Europe.
We will not send direct marketing material to anyone electronically (e.g. via email) unless they have given us positive consent to receiving our marketing material and that consent will be recorded and stored, or if it is in our legitimate interest to do so.
We would like to send you information, from time to time about our products and services but will only do so where you have requested information from us or purchased goods or services from us and where you have not opted-out of receiving that marketing. Where we use the legitimate interest basis to send you marketing communications, you can object to at any time by emailing the Data Compliance Officer.
Where you opt-out of receiving our marketing communications we will cease immediately from sending you any marketing communications as specified by you.
Your Legal Rights
Access your data
You have the right to access information held about you. If you would like a copy of your personal data, please contact the Data Compliance Officer which we will supply free of charge.
You can ask us to correct any inaccurate data held about you.
Accuracy and relevance
We will seek to ensure that any personal data we process is accurate, adequate, relevant and not excessive, given the purpose for which it was obtained. We will not process personal data obtained for one purpose for any unconnected purpose unless you have agreed to this or would otherwise reasonably expect this.
Upon request, you will have the right to receive a copy of your data in a structured format. These requests will be processed within one month, provided there is no undue burden and it does not compromise the privacy of other individuals. You may also request that your data is transferred directly to another system. This will be done for free.
Right to be forgotten
You may request that any information held on you is deleted or removed, and any third parties who process or use that data will also comply with the request. An erasure request can only be refused if an exemption applies. We will respond to any request within one month.
Privacy by design and default
We will always ensure that privacy and data protection is at the heart of everything that we do and so compliance is considered right from the outset of every project. Our Data Compliance Officer will conduct any Privacy Impact Assessments and ensure that all IT projects have a privacy plan in mind. In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
When relevant, and when it does not have a negative impact on the data subject, privacy settings will be set to the most private by default.
Although we take every reasonable step to protect the information that you provide, we cannot guarantee the security or accuracy of the information that we gather. Please be assured that all our staff must observe this policy. The Data Compliance Officer has overall responsibility for this policy. They will monitor it regularly to make sure it is being adhered to.
If you have any questions or concerns about anything in this policy, do not hesitate to contact the Data Compliance Officer.
If you have a complaint as to how your data is being collected or used, please contact our Data Compliance Officer in the first instance. If you are still not happy with the way your data is being collected and used, you have the right to complain to the UK Supervisory Authority, the ICO (www.ico.org.uk).
Links to other websites
General Information about cookies
Cookies can most easily be explained as leaving a small trail in your browser confirming where you have been on the internet or navigation from certain emails that you open.
A cookie is a small file typically consisting of a string of letters and numbers that is sent by a web server to a web browser (e.g. Internet Explorer), and stored by the browser. This small file is then sent back to the server each time the browser requests a page from the server.
Cookies can be used by web servers to distinguish and track users as they navigate different pages on a website and to improve the experience for returning users.
Cookies can be either session cookies or persistent cookies. A session cookie will expire at the end of the user session, effectively when the web browser is closed. A persistent cookie will be stored by the browser and will remain valid until a set expiry date (unless deleted by the user before the expiry date).
- To recognise your device when you visit our websites;
- To log on and register on our websites:
- To improve our websites' usability;
- To analyse the use of our websites;
- To link to email marketing campaigns;
- To improve the security of our websites; and
- Tor the general administration of our websites.
Cookies on our website
We use both session cookies and persistent cookies on this website. Session cookies are those delete themselves when you leave the site. Persistent cookies are those that last for up to one year after you first visit our website. The specific cookies that we use are:
Registration, Login and Application cookies, which are persistent cookies
Social media cookies, which are session cookies; and used for example with LinkedIn
Performance and tracking cookies
Analytics cookies, which are persistent cookies
Device Cookies, which are persistent cookies
Most cookies we use are persistent cookies to give you a better experience and service, as well as making it more secure.
For your information these are the cookies active on our website www.ultimateworkwear.co.uk
Performance and tracking cookies
We use performance and tracking cookies to analyse clicks in emails sent to job candidates of relevant job vacancies
CampaignProcess.aspx.vb - Persistent Cookie
Analytics are persistent cookies that allow us to recognise, count the number of visitors, and provide anonymous data about how our visitors use our websites.
Using analytics cookies helps us improve the way our websites work and navigate, ensuring that users are able to find what they are looking for without difficulty. No personally identifiable data is collected about you.
We use Google Analytical Cookies ending with: _utma _utmb _utmc _utmz
For further information please click here https://support.google.com/analytics/answer/6004245.
We use a persistent cookie: to understand what device you are using and make sure the website is displayed correctly.
Managing and Blocking cookies
You can block some or all cookies by activating the setting on your browser. If you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our websites. This may impair your ability to fully utilise our websites.
More information about cookies can be found on the website http://www.aboutcookies.org. This also gives details on how to delete cookies from your device. For information on how to do this on your smart mobile phone or tablet browser, please consult your device's manual, or manufacturer.
More information can be found here: http://docs.businesscatalyst.com/reference/misc/bc-cookies.html.
By clicking "I Consent" on the cookie banner, you agree to the placement of cookies on your device, unless you actively block them. If you choose not to receive our cookies, we cannot guarantee that your experience will be as fulfilling as it would otherwise be or access all the website. Once your consent has been provided, this message will not appear again when you revisit. If you, or another user of your computer, wish to withdraw your consent at any time, you can do so by altering your browser settings.
If you have any questions about our cookies or this cookies policy please contact us by email to firstname.lastname@example.org
Post: Ultimate Workwear T/A Ultimate Embroideries Ltd, address, 6 Wembley Park Business Centre, North End Road, Wembley, HA9 0AS.
Email: email@example.com (Data Compliance Officer)
Telephone: 0208 900 2266
Updated: February 2019