Collier & Catchpole Ltd – Privacy Notice

Collier & Catchpole Ltd is committed to protecting your privacy and complying with data protection laws applicable to the United Kingdom, including the UK General Data Protection Regulation (GDPR) and the Data Protection Act 2018 (DPA).

We can be contacted via the following:

By Post

11 London Road

Stanway

Colchester

CO3 0NT

By Phone

01206 715500

By Email

[email protected]

1. Personal Information

Personal information refers to any data related to an individual who can be identified directly or indirectly, often through a name, account number, location, online identifier, or other unique attributes. This can include “special category data” such as racial or ethnic origin, political opinions, religious beliefs, trade union membership, physical or mental health, and criminal records and allegations. When we collect personal information, mandatory fields are marked with asterisks on our website.

1.1 Who the Information Concerns

This privacy notice applies to personal information we (including subsidiaries, affiliates, and relevant third parties) process concerning the following individuals:

– Visitors to our website

– Customers who purchase goods or services or create an account with us

– Our suppliers

1.2 Types of Data

We may process various types of information about you, including but not limited to:

Personal Details: Name, address, email, phone number, date of birth, identification copies, account name

Order Details: Delivery addresses, payment details, contact information, complaints/enquiries, delivery photos, survey and installation details

Account Details: Identification, purchase history, credit limits, contact information, account activity, login details

Fraud Prevention: Anti-money laundering and credit check results, fraud investigations

Website Details: Our server logs capture details like your operating system, browser, IP address, URL, and visit date and time

1.3 Purposes of Processing

Website Visitors:

You can browse our website without providing personal details. We use cookies for site analysis and functionality—see our Cookies Policy for more information.

Customers:

If you purchase products or services, we may process your information for:

– Responding to enquiries, complaints, or rights requests

– Providing or quoting services

– Informing you about our products and services (including marketing)

– Processing and following up on orders

– Managing your account, including identity checks

– Managing credit accounts, including credit checks

– Using purchase history for rebates and supplier claims

– Conducting market research

– Improving website content and tracking activity

– Linking with social media for advertising

– Notifying you about important changes

– Managing deliveries, returns, and refunds

– Processing competition entries

– Product liability purposes

– Handling enquiries and complaints

– Claims management and insurance purposes

– Record keeping

Suppliers:

If you supply products or services, we may use your personal information for:

– Processing and managing orders

– Managing deliveries, installations, returns, and refunds

– Product liability

– Managing accounts, including credit and background checks

– Conducting market research

– Notifying you about changes to our websites, services, and policies

– Supply chain management

– Handling rights requests, enquiries, and complaints

– Claims management and insurance purposes

– Record keeping

If you have questions about how we use your personal information as a supplier, please contact the Commercial Team or your usual business contact.

1.4 Third-Party Sources

We may receive information about you indirectly from:

– Next of kin / delegated authorities

– Business associates

– Your employer in partnership/business with the Travis Perkins Group

– “Trusted Sources” such as:

– Credit/default agencies

– Financial institutions

– Insurance companies

– Health providers

– Third-party service affiliates or suppliers who have obtained your consent

1.5 Call Recording

Some calls, especially those to our customer service teams, may be recorded or monitored for:

– Training and quality control

– Evidence of conversations

– Crime prevention or detection (e.g., fraudulent claims)

2. Legal Basis for Processing

The legal basis for processing your personal information depends on the specific activity and business area involved. It may include:

Consent (Article 6(1)(a) GDPR): When you have given us permission.

Performance of a Contract (Article 6(1)(b) GDPR):

– When setting up an account

– To process orders

– For contracts with you or your employer

– To provide quotes or estimates

Legal Obligation (Article 6(1)(c) GDPR): When required by law, such as:

– Privacy and Electronic Communications Regulation

– Crime and anti-money laundering

– Financial services

– Employment

– Health and safety

Legitimate Interests (Article 6(1)(f) GDPR): For purposes like:

– Managing communication opt-out requests

– Training, communication, and awareness

– Direct marketing

– Web analytics and cloud storage

– Track and trace requirements

– Understanding customer interactions

– Improving website facilities

We do not typically collect special category data unless we suspect criminal activity, such as fraudulent claims. In such cases, we may record details and take appropriate actions, including reporting to relevant authorities.

If we process special category data, the legal bases may include:

– Explicit Consent (Article 9(2)(a) GDPR)

– Establishing, Exercising, or Defending a Legal Claim (Article 9(2)(f) GDPR)

– Legal claims under Schedule 1, Part 3, Paragraph 33 DPA 2018

3. Data Sharing

We engage service providers to assist in business operations and service delivery. We share personal information only as necessary for these services, and third parties are prohibited from using it for other purposes. Contracts are in place to protect personal information shared with third parties.

Personal data may be disclosed to:

– Tax, customs, and excise authorities

– Regulators, courts, and the police

– Fraud screening agencies

– Duplicate payment reviewers

– Central and local government

– Insurance companies

– Other professional advisors

We may share your information with credit reference agencies (CRAs) for assessing creditworthiness, identity checks, managing accounts, debt recovery, and preventing criminal activity. We may also disclose information if necessary to enforce terms and conditions or protect our rights and safety.

In case of business reorganization, share purchase, or asset transfer, your personal information may be disclosed and/or transferred accordingly.

3.1 Links to Other Websites

Our website may contain links to third-party sites not operated by us. We are not responsible for the content of these sites. Please review their privacy policies.

4. International Transfers

Some service providers are located outside the UK, which may result in your personal information being transferred internationally. We ensure data protection standards through binding corporate rules, adequacy rulings, and model clauses.

5. Security

We implement administrative, technical, and physical safeguards to protect your personal information. However, internet transmission is not completely secure, and any transmission is at your own risk. We take measures to safeguard your data upon receipt.

If you have an account, it may be password-protected. Keep your password confidential and sign out after use. Access to personal data is limited to those with a legitimate need, and third parties process data only under our instruction.

6. Retention

Information is retained only as long as necessary for its purpose, in line with business needs, legitimate interests, and legal obligations. For specific retention schedules, contact customer services.

7. Rights

You have certain rights regarding your data, including:

– The right to receive a copy of the information we hold about you

– The right to correct inaccurate or incomplete information

– The right to have your information erased

– The right to restrict processing

– The right to withdraw consent or object to processing based on legitimate interests

– The right to transfer your information to another organization

– The right to request human intervention in automated decision-making

These rights depend on the purpose and lawful basis for processing. For example, the right to erasure applies if you provided consent or we rely on legitimate interest. Requests can be made verbally or in writing, with a recommended follow-up in writing for clear correspondence. We respond within one month, extendable by two months for complex requests.

Identification may be requested to confirm your identity, limited to necessary documentation. If we refuse a request, we will provide an explanation and information on complaints procedures and supervisory authorities.

7.1 Direct Marketing

You may receive direct marketing from us if you signed up or if we have a legitimate interest. You can opt out at any time via the unsubscribe option in emails or texts, or by contacting us with your account number.

7.2 Profiling

We may use data analysis, matching, and profiling for purposes including:

– Website activity tracking

– Business conduct

– Fraud and money laundering investigation

– Financial viability analysis

– Business partner/client performance and risk analysis

– Anti-money laundering

– Tax reporting

– Credit default analysis

8. Lodging a Complaint

If you are dissatisfied with our use of your personal information or our response to a request, you can complain to the Information Commissioner’s Office:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Tel: 0303 123 1113 (local rate) or 01625 545745 (national rate)

Email: [email protected]

Contact them within three months of your last contact with us, after exhausting our complaints process.