Data Protection Policy
Our contact details are
Unit 2 - 6
9 Stock Road
Southend On Sea
Essex, SS2 5QF
Tel: 01702 460047
Our commitment to you
We respect your privacy and remain committed to protecting your personal data.
You should read this policy, and any other privacy policies we provide when we collect your data, so that you fully understand the ways in which we process your data. All Solopress’ privacy policies are intended to supplement one another, not override each other.
See here for our Data Protection Policy
Our Data Protection Officer
For all data related matters, including subject access requests, please contact:
The Data Protection Officer
9, Stock Road
Southend on Sea
Email: [email protected]
The data we collect from you
We will never collect or process special category data, or data relating to criminal convictions or offences, from you. This website is not intended for children and we do not knowingly collect data relating to children.
The personal data we would like to collect from you is as follows:
Use our contact us form
Create a new account on our website
Access customer support
Buy a product
Website checkout process
Order a sample pack
Sign up to our mailing list
(we have to add your details to our do not contact list)
If you choose not to provide your data then we may not be able to offer key products and services to you.
How we process your data, and our lawful bases
We collect and process your data on the following lawful bases
- In the performance of a contract
This means we process your data where it is necessary for the performance of a contract with you, or to take steps, at your request, before entering into such a contract.
- With legitimate interests
This means we process your data in the legitimate the interest of our business in order that we may provide to you to the best service/product and the most secure experience. We always consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interests.
We will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
In any instance where we’re processing your data based on legitimate interests, you still have the right to object to your data being processed in that manner. To do this please contact our Data Protection Officer.
- To comply with a legal or regulatory obligation
This means processing your personal data where it is necessary for compliance with a legal or regulatory obligation.
- With your consent
This means we’ve asked for your explicit consent to process your data in a certain way, and you’ve provided it.
The table below describes all the ways we plan to use your personal data, and identifying which of the legal bases we process according to.
Purpose of processing
Lawful basis for processing
To respond to your enquiry
To create you a new account
To enable you to make a purchase
To fulfil your order
Performance of a contract with you
To glean your feedback so that we may improve our products and services
To email you news and information on offers, discounts and new products.
When we add your details to our do not contact list
We will not actively seek consent from customers to continue to send marketing emails to them beyond 25th May 2018, when the General Data Protection Regulation comes into effect.
We adopt this approach using the lawful basis of legitimate interests; assuming that you’d benefit from receiving information about offers and promotions. This type of processing is secure and presents a low risk to you. This practice is in line with the Privacy and Electronic Communications Regulation 2003.
If you would like to opt out of these marketing emails, you can do so by:
- Unsubscribing here or directly from any emails you’ve received from us; or
- Contact our Data Protection Officer to unsubscribe.
Prior to the 25th May 2018, we will seek explicit consent from any mailing list member that hasn’t made a purchase with us in the last three years. If we do not gain such an individual’s consent by 24th May 2018, we will permanently delete said personal data from our mailing list.
In future, we will always seek explicit consent from new website users and customers in order to send marketing emails to them.
We will only use your personal data for the purposes we originally collected it. This is unless we need it for another reason that we believe is compatible with why we originally collected your data.
Who we share your data with
Providers acting as processors based in the European Union, and on occasion the United States of America, who provide IT and system administration services.
Professional advisers acting as processors including lawyers, bankers, auditors and insurers based in the UK who provide related services to us.
HM Revenue & Customs, regulators and other authorities based in the UK acting as processors or joint controllers who require reporting of processing activities in certain circumstances.
Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We fully support your rights. If you ever feel this is not the case please contact our Data Protection Officer or the Information Commissioner’s Office to discuss the matter further.
At any point you can exercise your:
- Right of access – contact us for a copy of the data we hold about you.
- Right of rectification – let us know if the data we hold is out of date or inaccurate and we’ll update it.
- Right to be forgotten – if you no longer want to use our services, please contact us and we’ll delete all related data where we’re able to.
- Right to restrict processing – we only ever collect the data we need and actively ensure we’re never collecting anything over and above that need.
- Right of portability – we will support reasonable requests to transfer your data to another organisation should you require it.
- Right to object to automated decision making and profiling- we do not currently use any automated profiling of any description. In the event you’re ever unhappy with the way we’re processing your data please contact our Data Protection Officer.
In the event we ever need to refuse your rights we will provide you with a reason why. You will then have the right to complain to the supervisory authority as outlined below.
We only transfer your data outside of the European Economic Area (EEA) when we utilise the services of carefully selected external third parties based in the United States of America.
Each one of these providers participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy Shield Framework
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.
We engage a small, trusted group of GDPR compliant data processors. They will only process your personal data on our instructions, they are party to a data processing agreement with us which includes a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
When determining the appropriate retention period for personal data we consider:
- the amount, nature, and sensitivity of the personal data;
- the potential risk posed to you by unauthorised use or disclosure of that data;
- the purposes for which we process it;
- any applicable legal requirements; and
- whether we can achieve those purposes through other means.
Details of retention periods relating to your personal data can be requested from our Data Protection Officer.
In some circumstances you can ask us to delete your data. In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes. In these instances we are able use this information indefinitely without further notice to you.
Automated Decision Making
We do not make any decisions about you based on the automated processing of your personal data.
Subject Access Requests
You will not have to pay a fee to access your personal data (or to exercise any of the other rights).
However, we may charge a reasonable admin fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
To exercise all relevant rights, queries or complaints in relation to this policy or any other data protection matter between you and us, please in the first instance contact our dedicated Data Protection Officer:
Solopress – Data Protection Officer
9 Stock Road
Southend on Sea
Email [email protected]