Privacy Policy

We take your privacy seriously and will only use your personal information to administer your account and to provide the products and services you have requested from us; your account may be as a commercial client or supplier and/or a database contact. We will never sell, share, or use your personal information other than as described here.

ABOUT THIS PRIVACY POLICY

This policy sets out how we will use and share the information that you give us or allow us to obtain from third parties. This policy describes your relationship with Eden Eco Solutions Ltd. This document in no way represents any agreement between you and Eden Eco Solutions Ltd other than as described here.

WHO WE ARE AND HOW TO CONTACT US

T: +44 (0) 203 868 2530 | E: info@edenecosolutions.com

Eden Eco Solutions is registered in England No. 10462502. Registered office: Progress House, 404 Brighton Road, South Croydon, Surrey CR2 6AN, UK

HOW TO CHANGE YOUR PREFERENCES

You can email/call the details above to contact us to change your preferences at any time. This includes requests to object to processing, to be forgotten [right to be deleted], for your data to be corrected, or to transfer your data to another platform. We take your rights seriously and will always reply promptly and professionally.

HOW WE OPERATE

We operate in line with the EU GDPR [May 2018] Data Protection guidelines. We are committed to maintaining your personal rights and allow all users to change or withdraw their consent options at any time. We will also advise you on how to complain to the relevant authorities, namely the Information Commissioners Office.

WHO THIS PRIVACY POLICY APPLIES TO

This policy relates to clients, suppliers and database contacts of Eden Eco Solutions Ltd who may receive various services that we provide. Processing of your data is required in order to offer you these services. We will keep processing of PII (Personally Identifiable Information) down to the bare minimum in order to lawfully provide your contracted services.

WHAT THIS POLICY APPLIES TO

This section describes the lawful basis for processing your data and applies to the information about yourself that you choose to provide us with or that you allow us to collect. We exercise our rights under the consent lawful basis as you are free at any time to register to use this service and consent to receive information from us or at any time to choose to stop using this service and remove your consent. We will always respect your decision to remove consent.

The information we collect and use includes:

– information you provide during the sales & contract negotiations process.

– information you provide: documents, spreadsheets, or other material.

– information given and stored as part of our ongoing relationship.

The only exception to this is when you request a call/email-back – we exercise our right under legitimate interest in order to call you back and send email marketing information for other related services that may be of interest.

SCOPE OF CONSENT

By submitting your personal data to us, you are affirming your consent for such information to be used in accordance with this Privacy Policy. You will be able to withdraw that consent at any time by the methods described. Provided said information is not required to continue to the contracted services or to abide by statutory laws as laid down in England & Wales.

OPTING OUT AT A LATER DATE

Once you have given your consent, you can however still control whether or not you continue to receive communications or receive marketing from us. The simplest way to remove consent is to contact us directly, however you can also remove consent depending on the channel of communication: You can also opt out at any time from communications via any of the methods described above by emailing us at: info@edenecosolutions.com

HOW WE STORE AND PROCESS YOUR DATA

Your account data will be collected, stored and processed in the UK and EEA only. For commercial clients and suppliers, your data will be stored for seven years after your last recorded use of services provided by us, in order to provide updates and offers that may be of interest to you. If we are working under a deed, this will be extended to 13 years. We will store transaction, payment, order and project data for up to 7 or 13 years, respectively, or for as long as required by UK financial and company regulations. For database contacts, our data will be stored for up to three years after your last recorded dialogue with us, in order to provide updates and offers that may be of interest to you. We use recognised third parties to manage our company accounts and provide banking and customer relationship management services. These third parties may operate outside the EU.

OUR OBLIGATIONS

We are a data controller and processor in relation to the information that you provide us with. As a result, we are legally responsible for how that information is handled.

We will always endeavour to comply with the Data Protection Act 1998, the GDPR [2018] and Privacy and Electronic Communications Regulations (PECR) in the way we use and share your personal data. Among other things, this means that we will only use your personal data:

– fairly and lawfully,

– as set out in the legislation and this policy,

– to the extent necessary for these purposes.

We will process your personal data ourselves as the data processor. We will take reasonable precautions to safeguard the personal information that you supply.

If you have any requests concerning your personal information or any queries about our privacy policy, website or service, please contact us using the details given above. We are friendly and professional and will always help.

ANALYSIS AND DERIVATIVE DATA PRODUCTS

Sometimes your data will be used for analysis purposes or to build data products. In these instances, the information is aggregated and wherever possible anonymised in line with the Information Commissioner’s code of practice. Again, these products are of a marketing nature.

THIRD PARTIES

All third party users of your data are required to adopt and implement good practice security measures to prevent the loss of, or unauthorised access to your personal information. Where valid, appropriate, verified and subject to legal obligations, third parties are also expected to complete rectification or erasure requests within 72 hours of receipt.

The Provider may subcontract any of its obligations under this Agreement. The Provider shall remain responsible to the Customer for the performance of any subcontracted obligations.

SECURITY

We will report any breaches or potential breaches to the appropriate authorities within 24 hours, and to anyone affected by a breach within 72 hours. If you have any queries or concerns about the data usage please contact us.

LEGITIMATE INTERESTS

Under the GDPR, we are also permitted to share some information with third parties who use such data for non-marketing purposes (including credit and risk assessment and management, identification and fraud prevention, debt collection and returning assets to you). This would include the data you provide to us today, at any time in the past and in the future.

CONTACTING US, EXERCISING YOUR INFORMATION RIGHTS AND COMPLAINTS

If you have any questions or comments about this Privacy Policy, wish to exercise your information rights in connection with the personal data you have shared with us or wish to complain, please contact us. Where valid, appropriate, verified, and subject to legal obligations, we will complete objection, rectification or erasure requests within 72 hours of receipt by us. We will process Subject Access Requests (SARs) within 20 days, SAR responses are usually free but we reserve the right to charge for excessive or unfounded requests. We fully comply with Data Protection legislation and will assist in any investigation or request made by the appropriate authorities. This policy may be updated from time to time – where material changes occur we will contact you on the email address provided. You have the right to remove consent at any time.