This Policy governs the use of personal data which you provide to us via our website. Personal data is any or all data relating to a natural person who is identified, or can be identified, from the data.
GR Morgan Formations respects your privacy. We understand that how your personal data is used and shared online matters to you, and we take the privacy of those who visit our website very seriously. We will not collect any data other than when you contact us, and we will always process that data in compliance with the law. Our site may contain links to other sites, and be aware that if you choose to click on those links, your data may be processed by other organisations hosting those sites. We cannot control or monitor this, and you should be aware of their Privacy Policies.
Who we are
You have certain rights as a data subject under the General Data Protection Regulation (GDPR), which governs the collection, processing and disposal of personal data by organisations such as ours.
In relation to personal data about you, you have the right:
to be informed about how and why we collect and use the data
to be given access to the data we hold
to have any inaccurate or incomplete data rectified
to ask us to delete personal data, earlier than we might already dispose of it
to prevent us from processing the data further
to object to us using the data for particular purposes
We provide contact details at the end of this Policy for you to use if you have any complaint about our processing of your personal data. If you are not satisfied with the way we deal with this issue, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), which is the body in charge of supervising personal data use in the UK.
What data do we collect?
If you communicate with us by e-mail, we will collect your name and e-mail address and any other content that you send to us in the body of the e-mail. We do not collect any other personal data by any other method and in particular, we do not place cookies on our Site.
How is your data used?
We will process and store your data securely, and we will only keep it for as long as we need it for the purpose(s) for which it was collected.
In relation to the data we do collect, as laid out in the section above, we may use it as follows:
to reply to your emails;
to provide goods and services to you;
to make a tailored website available to you;
to manage any registered account(s) that you hold with us;
to verify your identity;
for crime and fraud prevention, detection and other related purposes;
with your agreement, to contact you electronically about promotional offers, products and services which we think may interest you;
for market research purposes – to better understand your needs;
to enable us to manage customer service interactions with you;
to comply with our legal rights or duties (e.g., in relation to an investigation by a public authority or in a legal dispute).
You have the right to withdraw your consent to our use of your personal data at any time, and to request that we delete it.
We will not share your personal data with anyone at any time
How and where do we store your data?
We will only keep your data as long as we need it for the purpose(s) for which it is collected, and/or for as long as we have your permission to hold it.
Some or all of your data may be stored outside of the EEA. If we do store data outside this area, we will take all reasonable steps to ensure that your data is as safe and secure as it would be within the UK, and is treated lawfully and in accordance with the GDPR.
The steps we take to secure your data include:
Only allowing our partners to handle your personal data when we have confirmed that they apply appropriate data protection and security controls. We also impose contractual obligations on service providers relating to data protection and security, which mean they can only use your data to provide services to GR Morgan Formations and to you, and for no other purposes.
Aside from our service providers, we will not disclose your personal data to any third party, except to law enforcement agencies, when required to do so.
We will not retain your data for longer than necessary for the purposes set out in this Policy. Different retention periods apply to different types of data, however, the longest we will usually hold any personal data is 5 years.
We will never sell or rent our customer data to other organisations for marketing purposes.
Accessing your data
You are entitled to make a Subject Access Request under the GDPR. This means that you may request a copy of any personal data we hold about you, free of charge. We will provide any or all information in response to your request if you contact us at firstname.lastname@example.org
If you have any questions about the Site or this Policy, or you wish to make a Subject Access Request, then please contact us as follows, making your request or query clear:
postal address: Unit 3, 1st Floor ,6-7 St Mary At Hill, London EC3R 8EE
Amending the Policy
We may change this policy from time to time, in response to changes in the law or for operational reasons. Any changes will immediately be posted on the Site and you will be deemed to have accepted the amended Policy if you continue to use the Site afterwards. You should therefore regularly review this Policy.