GBR YACHTS MANAGEMENT LIMITED (registered office 156A Burnt Oak Broadway, Edgware, Middlesex HA8 0AX) (or “we” or “our”).
Your privacy is important to us. When handling and using your personal information, we are subject to the General Data Protection Regulation (“GDPR”).
This notice sets out how we use and process your personal information when you use our website.
WHAT INFORMATION DO WE COLLECT ABOUT YOU?
We may collect, use and process any of the following items:
Information you enter into any form on our website.
Details of your use of our website.
We do not knowingly or intentionally collect special category* information from individuals and we request that you do not submit special category information to us via the website.
HOW WILL WE USE THE INFORMATION YOU PROVIDE VIA THIS WEBSITE?
We use the information you provide to us through a contact form to reply to your query.
We may use processors to help provide our services. Where this is done, any data processed will be in compliance with GDPR.
Our lawful basis for processing the information you provide to us when using the website contact forms is legitimate interests – based on the understanding that Our needs to collect and process some basic data from our potential customers in order to provide a service.
Our lawful basis for processing the information we obtain about your usage of the website via Cookies is also legitimate interests – based on our legitimate interest in being able to improve the quality of the service we provide via our website. You can learn more about what we do in our “Cookies Policy”.
HOW WE WILL USE OTHER INFORMATION YOU MAY PROVIDE US ONCE WE HAVE RESPONDED TO YOUR INITIAL REQUEST
Once we enter into a dialogue with you about your enquiry, we may request that you provide us with further personal data.
ACCESS TO YOUR INFORMATION, AND HOW TO CORRECT
Once we have collected your information, we are very aware of the rights you retain with regard to it. These rights are laid out in the General Data Protection Regulations (GDPR) and are provided for your reference below.
Subject to certain limitations on certain rights, you have the following rights in relation to your information:
The right to be informed— you have the right to request a copy of the information that we hold about you.
The right of access— you have the right to access your personal data that we hold.
The right to rectification— you have the right to have inaccurate personal data rectified, or completed if it is incomplete.
The right to erasure— you have the right to have personal data erased, also known as ‘the right to be forgotten’.
The right to restrict processing— you have the right to request the restriction or suppression of your personal data.
The right to data portability— you have the right to have the data we hold about you transferred to another organisation and reuse your personal data for your own purposes across different services
The right to object— you have the right to object to the processing of your personal data in certain circumstances for e.g. direct marketing
Rights in relation to automated decision making and profiling— you have the right not to be subject to a decision in respect to automated decision making and profiling.
Right to withdraw consent— you have the right to withdraw your consent at anytime. Should you wish to exercise this right please contact us using the contact details below.
For more information please see: https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
If you would like to request to exercise any of your rights or if you have any queries related to accessing your personal information, correction, or your rights under GDPR including requiring a copy of the information we hold on you, we will provide free of charge and within one month.
Please contact our Privacy team if you wish to exercise any of your rights by:
Email: [email protected]
WHERE YOUR INFORMATION IS STORED?
Your information will be stored and processed both inside and outside the EEA. Where personal data is stored and/or transferred outside of the EEA it will be managed and handled in accordance with GDPR, including the use of processors based in the United States who are participant in the EU-US Privacy Shield programme. By submitting your data to us, you agree to this handling.
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We will store all the personal information you provide to us on securely protected servers.
We will store your information for as long as reasonably necessary to provide our services.
*SPECIAL CATEGORY DATA
Special category data previously known as Sensitive personal data as defined by GDPR means personal data consisting of information as to — the racial or ethnic origin of data subjects, their political opinions, their religious beliefs or other beliefs of a similar nature, whether they are a member of a trade union (within the meaning of the Trade Union and Labour Relations (Consolidation) Act 1992), their physical or mental health or condition, their sexual life, the commission or alleged commission by them of any offence, or any proceedings for any offence committed or alleged to have been committed by them, the disposal of such proceedings or the sentence of any court in such proceedings.