Imperial Colours Ltd is fully compliant with General Data Protection Regulations (GDPR), as of 25th May, 2018. We have also taken care to ensure that any third parties, as listed below, are compliant. Your personal data is not used for advertising unless you implicitly state that you wish to receive direct marketing emails from ourselves. Your personal data has never been, and never will be sold to a third party. We are fully compliant with the Data Protection Act 1998.
Personal data collected
During the Prospect Phase, you have the Right to Consent that your data is going to be used to fulfil the order, and the only data collected is that which pertains to the order being fulfilled. This will include your name, email, telephone number, and your billing and delivery address. During the Customer Phase, you have the right to view and amend your personal data should you wish to change it, or your circumstances change. You have the Right to be Notified of updates to your order and tracking information. Finally, in the Ex-Customer Phase, following completion of the order or a refund, you have the Right to be Forgotten. Customers who create an account online but do not log into it for 18 months will have this account deleted automatically from the website’s database. As we are compliant with HMRC regulations, your name and address associated with any orders you placed are kept for account purposes for a period of 6 years plus the current year. Phone numbers and email addresses are retained within our internal database for a period of 1 year from the date they were last used on an order before being deleted.
Third parties
Personally identifiable information is only used internally by those for whom it is necessary to complete your order. Externally, third parties such as Royal Mail or other couriers, or manufacturers of your products (should a fault with a product occur), may be informed of your address and contact details. We only work with companies that are GDPR compliant. Other third parties may include law enforcement in the case of fraudulent activity, or other government organisations.
Data storage - paper and digital
Digitally, from your first visit to the site, your activity is secured using Single Socket Layer (SSL) technology. Secure servers store personal information pertaining to your order so that your order can be completed. Personally identifiable information is stored securely on the web server following the necessary security protocols. Paper documents are stored securely in locked filing cabinets. Internal documents that no longer need to be retained are destroyed.
