Privacy

Privacy Policy – Last updated 10th May 2018

Allardyce Healthcare Limited are committed to complying with the General Data Protection Regulation 2018 (GDPR)

At Allardyce Healthcare Ltd we respect your privacy and are committed to keeping your personal data safe and secure. Personal data is any piece of data that could be used, on its own or in conjunction with other data, to identify an individual. Under GDPR, Allardyce Healthcare Limited is the “data controller” and is responsible for determining the purpose which and the manner in which your personal data is used.

What information we collect and how we use it

Personal data is collected through your use of this website or at our Dundee showroom and includes any data you may provide when you communicate with us via our online contact forms or directly, make a purchase, request a quotation, request a catalogue / brochure, register on-line, sign up to receive newsletters and special offers.
We need to ask you for your full name, address for billing and delivery, contact numbers, e-mail address and any other information, such as medical condition for VAT purposes if applicable.

Data Protection laws says that we are allowed to use your personal information only if we have a proper reason to do so, the law says we must have one of the following reasons:

To fulfil a contract we have with you
When it is our legal duty
When it is in our legitimate interest
When you consent to it

Any personal information that we may collect from you either on our website or at our showroom is kept safe and secure. To protect our infrastructure from external attack and unauthorised access we use cloud based anti- virus, ransomware, email and server protection. Access to our internal systems are password protected.
We only pass your personal information to third parties at your request and to provide the goods and services you requested. We do not sell or trade any of your personal details. We use this information to identify the services or products you have ordered from us and to personalise your experience.

Other information

If you visit our website, our system may record anonymous information about your visit such as the number of pages you viewed and the duration of your visit. We use this information to understand site usage and to make improvements to the website.

Comments

Should you choose to add a comment to any post that we have published on our site, the name and email address you enter with your comment will be saved to this website’s database, along with your computer’s IP address and the time and date that you submitted the comment. This information is only used to identify you as a contributor to the comment section of the respective post and is not passed on to any of the third party data processors. Only your name will be shown on the public-facing website.
Your comment and its associated personal data will remain on this site until we see fit to either 1.) remove the comment or 2.) remove the blog post. Should you wish to have the comment and its associated personal data deleted, please email us here using the email address that you commented with.

Email Newsletter

If you choose to join our email newsletter, the email address that you submit to us will be forwarded to MailChimp who provide us with email marketing services. We consider MailChimp to be a third party data processor. The email address that you submit will not be stored within this website’s own database or in any of our internal computer systems.
Your email address will remain within MailChimp’s database for as long as we continue to use MailChimp’s services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
While your email address remains within the MailChimp database, you will receive periodic newsletter-style emails from us.

Contact Form

Should you choose to contact us using the contact form on our Contact Us page or an email link, none of the data that you supply will be stored by this website or passed to any third party. Instead the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by SSL, meaning that the email content is encrypted using 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.

Site Usage Tracking

Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see the most popular areas of our website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant access to this. We consider Google to be a third party data processor.
GA makes use of cookies, details of which can be found on Google’s developer guides.

Data Retention

We will hold your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. Typically, we will retain your data for a minimum of seven years.

Your Rights

As an individual, under GDPR you have the right to:

  • be informed what your data is being used for
  • request access to your personal data – this is known as a subject access request and enables you to receive:
    • confirmation we are processing your data
    • a copy of the data we hold on you
    • any other information we have about you ie any data passed to a third party
  • request correction of your personal data
  • request your personal data to be erased (the “right to be forgotten”)
  • request to stop processing data in certain ways ie direct marketing
  • request transfer of your personal data held
  • object to processing your data
  • prevent automated decision making and profiling ie data used for the purposes of advertising, marketing and behavioural analysis

Data Breach

We will report any unlawful data breach of this website’s database, the database(s) of any of our third party data processors or data held at our Dundee office/showroom to any and all relevant persons and authorities if it is apparent that the personal data breach will cause the individual to suffer some form of damage such as identity theft or a confidentiality breach.

Contact Details

Data Privacy Manager, Allardyce Healthcare Limited, Unit 12 Tom Johnston Road, West Pitkerro Industrial Estate Dundee DD4 8XD. Telephone: 01382 773600 or email stevea@allardyce.co.uk

If you have any complaint about the way we are processing your data you can contact the Information Commissioner’s Office (ICO) www.ico.org.uk

This website is designed to comply with the following national and international legislation with regards to data protection and user privacy:

  • UK Data Protection Act 1988 (DPA)
  • EU Data Protection Directive 1995 (DPD)
  • EU General Data Protection Regulation 2018 (GDPR)

Our website is not intended for children (under 16) and we do not knowingly collect data relating to children.