This privacy page aims to be completely transparent about how we handle and use your personal data. We’ve tried to keep this information as jargon free as possible, but if you are unsure of any terminology or have any questions or suggestions, please contact us using the contact details below.
“Bruce & Butler” (referred to in this policy as “we”, “us” or “our) is a trading name of:
Bruce & Butler Limited
92 Burton Road
Company Number: 09846952
ICO Registration Number: ZA164370
Email: [email protected]
Telephone: 0800 999 5550
We collect your personal data when you provide it to us by using the contact form on our website or when you interact with us through other communication channels.
We will collect, use, store and transfer personal data about you which we have grouped together as follows:
1. Identity data – title and name.
2. Contact data – current address, email address, telephone number(s).
3. Technical data – IP address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.
4. Cookie data – Information collected using cookies stored on your device(s) about the use of our online services.
5. Usage data – information about how you use our website and services.
We do not collect any special categories of personal data about you. Special category personal data includes: race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
We are only allowed to use personal data about you if we have a legal basis to do so, and we are required to tell you what that legal basis is. We have set out in the list below: the personal data which we collect from you, how we use it, and the legal ground on which we rely when we use the personal data.
In some circumstances we can use your personal data if it is in our legitimate interest to do so, provided that we have told you what that legitimate interest is. A legitimate interest is when we have a business or commercial reason to use your information which, when balanced against your rights, is justifiable. If we are relying on our legitimate interests, we have set that out in the table below. We will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
In order to provide you with our services and meet our legal obligations, we only share your data with 3rd parties, in the following circumstances:
● To register your interest for our services – E.g. our Emails and our CRM;
● To support in providing our services – E.g. our “ClientPortal” and “Support Desk”.
● To manage and maintain the accuracy of your records in our CRM;
● To handle complaints, queries and improve customer service;
● To provide us with professional services or advice;
● To assist us in our marketing and promotional work;
● If Bruce & Butler is acquired by a third party, in which case personal data held by it (such as about its customers), will be one of the transferred assets.
The EEA is the European Economic Area, which consists of the EU Members States, Iceland, Liechtenstein and Norway.
If we transfer your personal data outside the EEA we have to tell you.
Limited personal information that we collect from you may be transferred to and processed in a destination outside of the EEA. In these circumstances, your personal information will only be transferred on one of the following bases:
● The country that we send the data is approved by the European Commission as providing an adequate level of protection for personal data; or
● The recipient has agreed with us standard contractual clauses (SCC’s) approved by the European Commission, obliging the recipient to safeguard the personal data; or
● The recipient has agreed Binding Corporate Rules (BCR’s) approved by the European Commission, obliging the recipient to safeguard personal data; or
These organisations are:
We will always protect the data that you entrust to us via appropriate security measures and controls. We are ISO 27001 and ISO 9001 certified.
We’ll ensure through the contracts we have in place, that other businesses we work with are just as careful with your data.
We will always take appropriate technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.
We continually test, audit and monitor our compliance with Information Security standards and relevant Data Protection regulations.
You have certain rights set out in the data protection law including:
● the right to request access to and rectification or erasure of personal data that we hold about you;
● a right to object to and to a restriction of our processing of your personal data; and
● the right to data portability.
Where we process your personal data based on consent you have the right to withdraw your consent at any time.
You can exercise these rights at any time by contacting us at [email protected].
Please let us know if you are unhappy with how we have used your personal data by contacting us using the details found at the top of this policy.
You also have a right to complain to the Information Commissioner’s Office. You can find their contact details at www.ico.org.uk. We would be grateful for the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.