Section 1 – Identity of the data controller
Firescape Global Limited (also referred to in this policy as “Us”, or “Ourselves”) protect the personal data of clients (also referred to in this policy as “Users”, “You”, or “Your”) in line with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679), and adhere to the principles of providing you with clear information as to;
- What personal data we collect;
- How we process this data, and the reasoning behind this processing;
- Your rights as a data subject, including how you can access your personal data or request for your data to be deleted;
- How your data is stored and kept secure;
- Details regarding our cookies policy, and;
- Details of how you can contact ourselves in the case of any enquiries.
Section 2 – Your obligations, and the right to withdraw consent
Section 3 – Personal data which we collect from You
In the course of your relationship with Firescape, we acquire and securely store the following details;
- First Name
- Email Address
- History of products purchased through Firescape, and records of financial transactions which have taken place in the fulfilment of those purchases.
We collect these details for the purposes of fulfilling our services to you in the best fashion, and of providing a record of financial transactions in accordance with regulatory requirements (see Section 7).
Section 4 – How do we obtain your personal data?
The personal data which we collect and store is volunteered from you to us, with the exception of any contact details which you have chosen to make publicly accessible (for example, through publishing your name and telephone number, email address etc… etc…) on your website or on a business card which we may use in the event of any potential introductory contact between You and Us (for example, Firescape calling or emailing you without your prior consent to discuss a potential business deal).
Section 5 – How and why we process your personal data
We process your personal data in the following fashions;
- To perform essential operations in the fulfilment of any contract or sales agreement between You and Us.
- To retain a record of financial transactions with You.
- For the purpose of marketing communications, if you have opted-in to receiving such communications.
- Correspondence with clients through our customer services team will be evaluated for quality by Firescape, for the purpose of monitoring compliance with this privacy notice, and for determining staff training and system requirements.
- To notify you of any changes to our service or any agreement between You and Us through the contact details provided.
We undertake all of the above processes as a legitimate business interest for the purpose of operating our service to clients. We also process your personal data in order to comply with any applicable statutory provision which regulates our service which we provide to you.
Section 6 – Personal data which we share with others
These external partners are ActiveWin Media (for the provision of customer support services and marketing to customers who have opted-in to receiving marketing communications), and Belmonte Insurance Services, for the provision of any unique insurance service(s) from Belmonte Insurance which may have been agreed at the point of sale of a customer entering a purchase agreement with Firescape. Any transfers to these external parties are completed through secure file transfer protocols which are in full compliance with the previously stated GDPR requirements.
No data transfers take place to any recipients whom are outside of the EEA, or are not currently recognised by European Union statute as having an adequate level of legal protection for the rights and freedoms of data subjects.
We would be required to share your personal data with authorities in the event of any applicable legal requirement, such as fraud/crime prevention, or co-operating with regulatory authorities such as HMRC or the Information Commissioners Office.
In the event of a sale, merger, transfer of assets, entering receivership, or liquidation, Firescape may need to transfer your information to a third party. This will be communicated to you in the event, and you will be able to withdraw consent for future processing and request deletion of data in line with your rights as a data subject.
Section 7 – Deletion timeframes, and your right to deletion
Firescape will delete (or anonymise, where appropriate) all personal data which we hold about you once a period of twelve months from the date of our last contact or transaction with You has elapsed.
There is an exception to the above timeframe for the records of financial transactions, which will be retained for 6 years from the end of the financial year where the transaction took place, in order to comply with the Companies Act (2006).
If you wish for your data to be deleted at any point sooner than these stated time-frames, please contact the Data Protection Officer through the process outlined in Section 1. The Data Protection Officer will review what personal data we hold about you, and delete the data if it is possible to do so. If there is a legal basis for retaining the data, you will be contacted by the Data Protection Officer within one calendar month confirming the legal reasoning as to why the data has not been removed.
Section 8 – Your rights as a data subject
Requested information will be provided within one calendar month from the SAR being received by Firescape. If for any reason Firescape can not meet this deadline (for example, if the requests made are numerous and complex), you will be informed of this within the initial one month window, with an explanation as to why the data has not yet been provided, along with a firm estimation of when the data will be collated and prepared for sending to you.
No charge is applied to an SAR, however in the event of requests being manifestly unfounded, excessive, or repetitive in nature, Firescape may charge a reasonable fee to complete the SAR. This fee will be based purely on the administrative costs incurred in providing the requested information, and will never exceed £10.
If you are in any way dissatisfied with how Firescape has handled your personal data, and are dissatisfied with your response from ourselves after raising an SAR or any other concern with ourselves through firstname.lastname@example.org, you have the right to make a complaint to the Information Commissioners Office (ICO), with whom we comply in any enquiry or investigation which they may make.
Section 9 – Automated decision making and profiling
Firescape do not use any automated systems in order to make decisions, nor complete any profiling, which would have any legal effect on the user. The only profiling techniques used are in the segmentation of the client database in order for the creation of marketing lists for marketing communications to opted-in customers.
Section 10 – How we store and protect your data
The personal data which you submit to Firescape is stored on a secure server, based in the United Kingdom, and in compliance with the standard outlined in the information security standards of ISO/IEC 27001. This service is provided by XXXXXX
When you visit our website, we use small text files (“cookies”) to increase the performance of the website, offer a more personalised service to you, and analyse user behaviour for the sole purpose of improving website functionality. The cookies which we use on our site fulfil the following purposes;
- Allowing visitors to use certain functions of the website and set preferences.
- To improve user experience and increase functionality (for example, to stop users from being shown the same message on more than one occasion)
- To monitor and collect information about user behaviour on the website, for the purpose of analysis and tracking.
We also use Google Analytics cookies in order to track and report on website traffic.