This Data Protection Policy (“Policy”) applies to Walstead Group Ltd with registered company number 09927306 and office address 18 Westside Centre, London Road, Colchester, Essex, CO3 8PH, United Kingdom (“Walstead”). The primary activity of Walstead is commercial print production and Walstead is the Data Controller for all of the companies within our group.
Each company within Walstead is its own separate and independent legal entity and for the purpose of clarity this Policy will generally apply to each of these companies, however each of those companies will have its own data protection policy applicable to the jurisdiction or country of registration for that entity.
It is our aim to be a leader within our sector and we are committed to working in the right way to achieve this goal. We are diligent in our approach to the data privacy of our customers and their end user consumers. We are committed to protecting the personal data you share with us and handling your information in an open and transparent manner, in particular with respect to the General Data Protection Regulation 2016/679 (‘GDPR’).
The purpose of this Policy is to inform you about why and how we use your personal data, who we give that information to, what your rights are and who you can contact for more information or queries.
When we refer to “Site” in this Policy we mean this specific website https://www.walstead-group.com/ and any web pages, other than third party links, that may be accessed by you as you use our Site.
This Site provides links to other company sites within the Walstead group of companies and trusted third parties. Whilst we endeavour to ensure these sites share our values in respect for data protection, we are not responsible for the content or data protection practices of any other site. This Policy applies solely to data collected by Walstead and these sub-sites are subject to their own Policies.
How we obtain data
We may collect or obtain personal data from you in the performance of our business, when you give it to us (i.e. you submit a form on our Site), when other people give it to us (i.e. your employer, third party service providers, your suppliers) or because it is publicly available.
Where we are provided with personal data about you by someone else, we use reasonable efforts, including obligations under contract, to ensure they comply with the data protection laws and regulations relevant to that information; this may include ensuring that they have obtained any necessary consent to share the data and for us to process it.
Data we collect and why we use it
The personal data that we collect or obtain may include: identification data (such as name, address (private/work), phone number (private/work), e-mail address (private/work), country of residence, electronic identification data (cookie identifiers, logged data, IP addresses, your browser type and language, your access times,…); and employment details (for example, the organisation you work for, your job title and your education details); details of how you use our products and services; details of how you like to interact with us and other similar information).
The types of personal data that we collect will vary depending on the nature of the relationship between us, the services that we provide or how you use our Site.
As we are a business to business enterprise we have no direct commercial relationship with consumers or end users.
Walstead has commercial relationships with companies that serve consumers and as a result consumer personal data may be shared with us in the performance of our service, for instance where one of our group companies operates a mailing service for a product or where we process end users data for one of our virtual products.
If you contact us through this Site (via social media, the contact form or by phone), we may ask you for information such as your name, address and email address so we can manage and respond to your questions and comments submitted through our Site.
The legal grounds for processing your data
The law requires us to set out the legal grounds on which we process your personal data. We use your personal data for the purposes outlined above because:
(a) the information is required in order to fulfil our contractual obligation to you or our client;
(b) of our legitimate interests in the effective delivery of our services to you or our client;
(c) of our legitimate interests in the effective and lawful operation of our business so long as such interests are not outweighed by your interests.
In connection with one or more of the purposes outlined in the “Data we collect and why we use it” section above, we may disclose details about you to other members of Walstead, third parties that provide services to us and other companies within Walstead that may reasonably require access to personal data relating to you. If our business enters into a joint venture with or is sold to or merged with another business entity, your information may be disclosed to our new business partners or owners.
We reserve the right to disclose your personal information as required by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator or any other legal process served on us.
Security of your data and data retention
We employ strict technical and organisational (security) measures to protect your information from access by unauthorised persons and against unlawful processing, accidental loss, destruction and damage both online and offline.
These measures include:
- training to relevant staff to ensure they are aware of our privacy obligations when handling personal data;
- administrative and technical controls to restrict access to personal data on a ‘need to know’ basis;
- technological security measures, including fire walls, encryption and anti-virus software;
- physical security measures, such as staff security badges to access our premises.
Although we use appropriate security measures once we have received your personal data, the transmission of data over the internet (including by e-mail) is never completely secure. We endeavour to protect personal data, but we cannot guarantee the security of data transmitted to us or by us.
We will retain your information for a reasonable period, i.e. the longest of the following periods: (i) as long as is necessary for the relevant activity or services; (ii) any retention period that is required by law; or (iii) the end of the period in which litigation or investigations might arise in respect of the services.
You have several rights concerning the information we held about you. We would like to inform you that you have the right:
- to be informed by obtaining confirmation that we are processing your personal data;
- of access, to request a copy of the personal data we hold about you;
- to rectification, to ask that we update the personal data we hold about you, or correct such personal data that you think is incorrect or incomplete;
- to erasure, to ask that we delete personal data that we hold about you;
- to restrict processing or restrict the way in which we use such personal data if you believe that there is no (longer a) lawful ground for us to process it;
- to withdraw consent to our processing of your personal data (to the extent such processing is based on consent);
- to receive a copy of the personal data concerning you and to transmit such personal data to another party (to the extent the processing is based on consent or a contract);
- to object to our processing of your personal data for which we use legitimate interest as a legal basis, in which case we will cease the processing unless we have compelling legitimate grounds to continue processing.
In order to exercise any of your rights, you can send us a request, indicating the right you wish to exercise to the following email address: firstname.lastname@example.org
You may also use these contact details if you wish to make a complaint to us relating to your privacy.
If you are unhappy with the way we have handled your personal data or any privacy query or request that you have raised with us, you have a right to complain to the Data Protection Authority (“DPA”) in your jurisdiction. If you would like to be directed to the appropriate DPA, please contact us.
How to contact us?
If you have any questions about Walstead, this Site or our Policy, you can e-mail us at email@example.com . You can also contact us through one of the mailing addresses found on the ‘Contact Us’ page of this Site https://www.walstead-group.com/contact/ .
Changes to this Policy
We may modify or amend this Policy from time to time. Any changes we may make to our Policy in the future will be posted on this page. To let you know when we make changes to this Policy, we will amend the revision date at the top of this page. The new modified or amended Policy will apply from that revision date. Please check back periodically to see changes and additions.