Introduction

This Privacy Notice explains the types of personal data Hockley and Dawson may collect about you when you interact with us. It also explains how we’ll manage your personal data and keep it safe in accordance with the Data Protection Act 2018 (DPA) and the General Data Protection Regulation (GDPR).

For simplicity, we use the terms ‘we’, ‘our’ and ‘us’ to refer to Hockley and Dawson Consulting Engineers Limited throughout this Privacy Notice.

Your data privacy rights.

You have the right to:

  • Request access to the personal data we hold about you, which is free of charge in most cases
  • Request correction of your personal data, when you believe it is incorrect, incomplete or out of date
  • Withdraw your consent for us to use your personal data for any other services that are based on
    your consent

The legal bases for processing your personal data.

The data protection legislation and regulations establish different reasons that an organisation may collect and process your personal data, including:

Consent

There may be occasions when we need your consent to collect and process your personal data.

Whenever you give your consent for us to use your personal data, you have the right to change your mind at any time and withdraw that consent.

Contractual obligations

We need to use your personal data to fulfil our contractual obligations to you.

This includes providing you with the information, offerings, and services requested by you in the most efficient and effective manner and to use the supporting systems and services that are required to support these operations.

Legal compliance

We may need to collect and process your personal data to meet a legal or regulatory requirement.

This includes carrying out risk analysis, risk management and fraud prevention, and activities in relation to auditing, compliance, ethical, legal, litigation and regulatory reporting requirements.

Legitimate interest

We may need to use your personal data to pursue our legitimate interests in a way that can be reasonably expected in the course of running our business and which does not materially impact your rights, freedom or interests.

For instances where legitimate interest is our basis for processing, we will carry out an assessment to check that our interests don’t outweigh your right to privacy, or that they don’t materially impact your other rights, freedoms or interests.

When you access our website

When someone visits www.Hockleyanddawson.co.uk we use cookies and similar technologies to collect the following technical information about you:

  • Your internet connection
  • Your internet browser
  • The country where your device is located.
  • The telephone code where your device is located
  • The web pages you viewed during your visit
  • Any search terms you entered.

We use this information in accordance with the terms of our Cookie Statement to help us deliver the best possible web experience. We will anonymise data by aggregating it with other data so it can be used for statistical analysis without identifying you. We will use aggregated data to identify patterns in the behaviour of visitors to our website so we can assess the effectiveness of the website.

If you email us

When people email us, we use Transport Layer Security (TLS) to encrypt and protect email traffic in accordance with government recommendations. If your email service does not support TLS, any emails we send or receive may not be protected during transmission.
We will also monitor any emails sent to us, including the attachments for viruses or malicious software.

If you submit a contact form

When people complete and submit one of our contact forms, we’ll ask to collect the following personal data about you:

  • Your name
  • Company name
  • Your email address
  • Your phone number
  • Your enquiry

If you call us

If you call us, we may record the call and use this to help improve the efficiency and effectiveness of our services. Calls may also be recorded for training and compliance purposes.

If you interact with us through social media

If you interact with us through social media, we’ll use your social media username to help us respond to your comments, questions or feedback.

When your personal data is publicly available

We collect data from publicly available sources, such as Companies House or the Land Registry, when you have given your consent to share information or for instances where the information is made public as a matter of law.

If we ask you to prove your identity

We will keep copies of documents you provide to us to prove your age or identity for instances where the law requires this. This will include details of your full name, address, date and place of birth and facial image. If you provide a passport, the data will also include your place of birth, gender and nationality. If you provide a driver’s licence, the data will also include your licence number.

If you make an application to purchase a service

When you make an application to purchase a service from us, we may verify the information you have provided using credit scoring services offered by credit reference agencies.

We may then make decisions about how to proceed with your application on the basis of automated checks of the information you have provided. We will use this information to manage our risk, protect our business interests and help us to recommend services that are appropriate for you.

If we make an automated decision about you, you will have the right to contest the decision, to express your point of view, and to request a human review of the decision.

The credit reference agencies may choose to use and share your information with other organisations for the purposes of preventing fraud and money laundering, to protect their business interests and comply with applicable legislation and regulations.

When we complete your service request

When collecting your personal data, we’ll always make clear to you what data is necessary to fulfil a service you have requested.

We need to use your personal data to comply with our contractual obligations to you. This includes providing you with the information, offerings, and services requested by you in the most efficient and effective manner and to use the supporting systems and services that are required to support these operations.

This also includes sending you communications required by law or information about changes to the services we are providing to you. These service messages will not include any promotional content, and as such do not require prior consent when they are sent by email or SMS.

We will keep a record of our communications with you to inform any future decisions we make and to demonstrate how we communicated with you on previous occasions.

If you choose not to share your personal data with us, or refuse certain contact permissions, we might not be able to provide some of the services you have requested.

In certain circumstances, we may need to use your personal data to pursue our legitimate interests in a way that can be reasonably expected in the course of running our business and which does not materially impact your rights, freedom or interests.

For instances where legitimate interest is our basis for processing, we will carry out an assessment to check that our interests don’t outweigh your right to privacy, or that they don’t materially impact your other rights, freedoms or interests.

When we use third-party service providers

We may sometimes share your personal data with our trusted third-party service providers and organisations that provide data processing services for us.

The types of organisations that process your personal data on our behalf include:

  • IT companies that support our website, apps and other business systems

The identity of these third parties and their purposes for processing your data will be communicated to you at the point of collecting your personal data.

We will only provide our trusted third-party service providers with copies of your personal data they need to perform their specific services for us. They may only use your data for the purposes that we have specified in our contracts with them.

We work closely with our third-party service providers to ensure that your data privacy is respected and protected at all times. The contracts we have with our third-party service providers specify the standards they must follow.

If we stop using their services, any of your personal data held by them will either be deleted or rendered anonymous.

There may be occasions where we need to share your personal data with our third-party service providers that are located outside the European Economic Area (EEA) to fulfil your order or provide supporting services. If this is necessary, we will ensure your personal data receives the same protection as if it were being processed inside the EEA.

When we no longer need to use your personal data

Whenever we collect or process your personal data, we will only keep it for as long as is necessary for the purpose for which it was collected. This is to fulfil our contractual obligations to you.

However, we may need to keep your personal data longer to meet a legal requirement.

At the end of that retention period, your personal data will either be deleted completely or anonymised. We will anonymise data by aggregating it with other data so it can be used for statistical analysis without identifying you. We will use aggregated data to develop new or existing services, carry out testing and troubleshooting.

The retention period for any personal data will not exceed twelve years from the point at which the data was first collected by us.

If this is not possible, for example when your personal data has been archived in a backup file, then it will be segregated and securely stored to prevent any further processing until we are able to
delete it.

If we expand, reduce or sell the organisation

We may expand, reduce or sell the organisation and this may involve the transfer of our business to new owners. If this happens, your personal data may be transferred to the new owner or controlling party in accordance with the terms of this Privacy Notice.

If we suspect fraud or other criminal activities

We can pass on details of people who are suspected of being involved in fraud or other criminal activities affecting Hockley and Dawson to law enforcement. We do this to protect our business interests and your account from fraud and illegal activities.

This includes carrying out risk analysis, risk management and fraud prevention and activities in relation to auditing, compliance, ethical, legal, litigation and regulatory reporting requirements.

We may also be required to disclose your personal data to any competent law enforcement body, regulatory body, government agency, court or similar organisation. This will occur in instances where we believe it is necessary to disclose your personal data to comply with applicable legal or regulatory requirements, to establish, exercise or defend our legal rights, or to protect your interests of those
of another natural person.

If you request information about the use of your personal data

If you wish to make any request about the use of the personal data we hold about you, please contact our GDPR Representative, who will be pleased to help you.

We will ask you to verify your identity before proceeding with any request you make. This is to protect the confidentiality of your personal data.

If you have authorised a third party to submit a request on your behalf, we will ask them to verify their identity, and that they have permission to act on your behalf.

If we choose not to complete your request, we will explain the reasons for our decision.

If you request to receive a copy of your personal data

You may request a computer file in a common format, such as .CSV, containing the personal data that you have previously provided to us. You also have the right to have your information transferred to another organisation if this is technically possible. You may ask us to restrict the use of your personal data, in specific circumstances, which will generally occur while we are deciding about how to proceed with any request you have made.

Your rights may be affected if fulfilling your request could reveal the personal data of another natural person, or if you ask us to delete data that we need to keep to fulfil a legal obligation or compelling legitimate interest.

If you have any comments or concerns

Hockley and Dawson strives to meet the highest standards when collecting and using your personal data.

This Privacy Notice was documented with the intention of being clear and concise. It does not provide a comprehensive account of all aspects relating to the collection and use of personal data by Hockley and Dawson.

Our GDPR Representative will be pleased to provide any additional information or explanation you need.

If you believe our collection or use of your personal data is inappropriate or misleading, please contact our GDPR Representative

Email

[email protected]

Address

Hockley and Dawson Consultant Engineer Limited
Unit 5 Birtley Courtyard
Bramley
Surrey
GU5 0LA

If you wish to make a complaint

If you believe that your personal data has not been handled correctly, or you are unhappy with our response to any request you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Telephone

0303 123 1113

Website

www.ico.org.uk/concerns

If you are based outside the UK, you have the right to lodge a complaint with the relevant data protection regulator in your country of residence.

  • This field is for validation purposes and should be left unchanged.

Responsive site designed and developed by