This privacy policy sets out how Graham Heath Group Ltd uses and protects any information that you give when you use our website – www.grahamheathgroup.co.uk Graham Heath Group Ltd is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. What we collect We may collect the following information: name, contact information; including email address, phone number and postal address, which is all based on the information provided to us via a sale, business lead, inquiry or quote request. Depending on how you use our service and website, we might collect the following kinds of information about you:
Your name and contact details (email address, telephone number, address) When you create an account with us When you subscribe to our newsletter When you enter a competition When you fill in forms on our website When you complete an order with us When you request a quote When you submit an enquiry form
Information about your order with us When you complete an order online and in-store
Communication we have with you (emails, letters, telephone calls, messages sent to us through our social media platforms, feedback) When you get in touch with us When you respond to our requests for feedback
Information about your activities at our Leek Road site in Hanley, Stoke-on-Trent. We use CCTV in-store. This is for health, safety and security and is not exported or distributed anywhere
Information about you, your location and how you use our website, mobile application, information about your interests and preferences When you accept our cookies placed on your device When you update your account information When you open our marketing emails When you click on our banner adverts When you fill in forms on our website When you get in touch with us When you respond to our requests for feedback When you opt in to receiving marketing messages from us
Payment card details Your card details are stored and protected in accordance with best industry practice When facilitating payment by card
What we do with the information we gather We can only use your personal data if we have a proper reason for doing so. According to the new General Data Protection Regulation (GDPR), we can only use your data for one or more of these reasons:
  • To fulfil a contract we have with you, or
  • If we have a legal duty to use your data for a reason, or
  • When you consent to it, or
  • When it is in our legitimate interests. Legitimate interests are our business or commercial reasons for using your data, but even so, we will not unfairly put our legitimate interests above what is best for you and your data.
  In the table below, we have set out the different ways in which we use your personal data and the reasons we rely on for using that data. If we rely on our legitimate interests for using your personal data, we will explain that to you.
What we use your personal data for Legal grounds for using it Our legitimate interests
To provide services to you Communicating with you and to send you information about your order   Fulfilling contracts Our legitimate interests With your consent Keeping our records up to date, working out which of our products and services may interest you   Developing products and services and what we charge for them   Identifying or defining types of customers for new products of services
To communicate with you and manage our relationship with you To personalise and improve your customer experience   To inform you about our news and offers that we think you might be interested in Fulfilling contracts Our legitimate interests With your consent Keeping our records up to date, working out which of our products and services may interest you Developing products and services and what we charge for them
To develop and manage our brand, products and services To test new products and services Fulfilling contracts Our legitimate interests Our legal duty Being efficient about how we fulfil our contracts, provide our services and fulfil our legal duties Identifying ways to improve the way we deliver products and services to our customers
Security We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We are also on the Data Protection Registration. We have multiple security layers to Sage accounts and other platforms which contain an individual’s data. Controlling your personal information You may choose to restrict the collection or use of your personal information in the following ways: Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at [email protected] See our contact page. We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. If you believe that any information we hold about you is incorrect or incomplete, please write or email us as soon as possible. We will promptly correct any information found to be incorrect.