We take your privacy seriously and will only use your personal information to administer your account and to provide the products and services you have requested from us; your account may be as a commercial client or supplier and/or a database contact. We will never sell, share, or use your personal information other than as described here.
This policy sets out how we will use and share the information that you give us or allow us to obtain from third parties. This policy describes your relationship with Eden Eco Solutions Ltd. This document in no way represents any agreement between you and Eden Eco Solutions Ltd other than as described here.
WHO WE ARE AND HOW TO CONTACT US
T: +44 (0) 203 868 2530 | E: firstname.lastname@example.org
Eden Eco Solutions is registered in England No. 10462502. Registered office: Progress House, 404 Brighton Road, South Croydon, Surrey CR2 6AN, UK
HOW TO CHANGE YOUR PREFERENCES
You can email/call the details above to contact us to change your preferences at any time. This includes requests to object to processing, to be forgotten [right to be deleted], for your data to be corrected, or to transfer your data to another platform. We take your rights seriously and will always reply promptly and professionally.
HOW WE OPERATE
We operate in line with the EU GDPR [May 2018] Data Protection guidelines. We are committed to maintaining your personal rights and allow all users to change or withdraw their consent options at any time. We will also advise you on how to complain to the relevant authorities, namely the Information Commissioners Office.
This policy relates to clients, suppliers and database contacts of Eden Eco Solutions Ltd who may receive various services that we provide. Processing of your data is required in order to offer you these services. We will keep processing of PII (Personally Identifiable Information) down to the bare minimum in order to lawfully provide your contracted services.
WHAT THIS POLICY APPLIES TO
This section describes the lawful basis for processing your data and applies to the information about yourself that you choose to provide us with or that you allow us to collect. We exercise our rights under the consent lawful basis as you are free at any time to register to use this service and consent to receive information from us or at any time to choose to stop using this service and remove your consent. We will always respect your decision to remove consent.
The information we collect and use includes:
– information you provide during the sales & contract negotiations process.
– information you provide: documents, spreadsheets, or other material.
– information given and stored as part of our ongoing relationship.
The only exception to this is when you request a call/email-back – we exercise our right under legitimate interest in order to call you back and send email marketing information for other related services that may be of interest.
SCOPE OF CONSENT
OPTING OUT AT A LATER DATE
Once you have given your consent, you can however still control whether or not you continue to receive communications or receive marketing from us. The simplest way to remove consent is to contact us directly, however you can also remove consent depending on the channel of communication: You can also opt out at any time from communications via any of the methods described above by emailing us at: email@example.com
HOW WE STORE AND PROCESS YOUR DATA
Your account data will be collected, stored and processed in the UK and EEA only. For commercial clients and suppliers, your data will be stored for seven years after your last recorded use of services provided by us, in order to provide updates and offers that may be of interest to you. If we are working under a deed, this will be extended to 13 years. We will store transaction, payment, order and project data for up to 7 or 13 years, respectively, or for as long as required by UK financial and company regulations. For database contacts, our data will be stored for up to three years after your last recorded dialogue with us, in order to provide updates and offers that may be of interest to you. We use recognised third parties to manage our company accounts and provide banking and customer relationship management services. These third parties may operate outside the EU.
We are a data controller and processor in relation to the information that you provide us with. As a result, we are legally responsible for how that information is handled.
We will always endeavour to comply with the Data Protection Act 1998, the GDPR  and Privacy and Electronic Communications Regulations (PECR) in the way we use and share your personal data. Among other things, this means that we will only use your personal data:
– fairly and lawfully,
– as set out in the legislation and this policy,
– to the extent necessary for these purposes.
We will process your personal data ourselves as the data processor. We will take reasonable precautions to safeguard the personal information that you supply.
ANALYSIS AND DERIVATIVE DATA PRODUCTS
Sometimes your data will be used for analysis purposes or to build data products. In these instances, the information is aggregated and wherever possible anonymised in line with the Information Commissioner’s code of practice. Again, these products are of a marketing nature.
All third party users of your data are required to adopt and implement good practice security measures to prevent the loss of, or unauthorised access to your personal information. Where valid, appropriate, verified and subject to legal obligations, third parties are also expected to complete rectification or erasure requests within 72 hours of receipt.
The Provider may subcontract any of its obligations under this Agreement. The Provider shall remain responsible to the Customer for the performance of any subcontracted obligations.
We will report any breaches or potential breaches to the appropriate authorities within 24 hours, and to anyone affected by a breach within 72 hours. If you have any queries or concerns about the data usage please contact us.
Under the GDPR, we are also permitted to share some information with third parties who use such data for non-marketing purposes (including credit and risk assessment and management, identification and fraud prevention, debt collection and returning assets to you). This would include the data you provide to us today, at any time in the past and in the future.
CONTACTING US, EXERCISING YOUR INFORMATION RIGHTS AND COMPLAINTS