Privacy

GDPR Privacy Policy

Classic Car Solutions Ltd a limited company is registered in England under company number 2827132, whose registered address is Moor Park, Moor Road, Leyburn, North Yorkshire DL8 5LA.  Our VAT No. is 602 216201.  Classic Car Solutions Ltds GDPR Point of contact for Clients & Suppliers is our Data Protection Officer who can be contacted by:

 

Email gdpr@bikergroup.co.uk

Telephone 01969 623020

Post Moor Park, Moor Road, Leyburn, North Yorkshire DL8 5LA 

Classic Car Solutions Ltd are listed on the ICO Register of Data Controllers (Ref: ZA374862)

We will collect and use your personal information to conduct our business, to enable you to set up and operate an account with us, in order to enable you to access, use and/or purchase our products and services and for the purposes set out in more detail in this section.  Your information may be shared with our associates and some third parties.

How we collect your informationWhat we do with it
Information when you communicate with us:

This may be in person, through our website, or via email, when you complete a questionnaire, over the phone, or via any other medium such publicly available information sources such as local authority planning applications including:

  • Your contact details (e.g. name, address, telephone or mobile number, email address)
  • Other details specifically pertaining to your enquiry 
  • Details pertaining to your planning application
We use this information to:

  • Deal with the specific reason that you have contacted
  • To process and administer enquiries
  • Provide our Services and Products
  • Carry out our obligations under contract with you
  • Comply with legal and regulatory requirements
  • Audit requirements
  • Answer any issues or concerns
  • Monitor customer communications for quality and training purposes
  • Analyse and improve our services
  • Send you information when you receive planning approval; where you may have a legitimate interest in Classic Car Solutions Ltd’s products or services
  • Notify you of changes to our services or rates
Information you provide as part of our trading agreement with your company (e.g. Suppliers):

  • Company name, address, registration number
  • Your contact details (e.g. name, address, telephone or mobile number, email address)
  • Your job title and contact details
  • VAT, Co. Registration Number and Bank Details
  • Other details specifically pertaining to our purchase 
We use this information to:

  • Purchase goods and services from your company
  • Send requests for quotations and tenders
  • Settle invoices and request credits as appropriate

 

How we collect your informationWhat we do with it
Information provided as part of your contract of services with Classic Car Solutions Ltd Limited:

    • Information regarding the services that we have provided you with or you have purchased
    • When and where you have made use of these services
    • Your bank account and payment details
    • A credit search (if you have sought a credit account)
  • Feedback forms
We use this information to:

  • Consider and process the enquiry for services
  • Provide our services and products
  • Process and fulfil your order
  • Carry out our obligations under contract with you
  • Administer, analyse and improve our services
  • Take payment from you or provide a refund
  • Maintain a record of your purchase (and inform our warranty process)
  • Notify you of changes to services or products
  • Help us to ensure our customers are genuine and to prevent fraud
  • Identify services, and marketing which might be of interest to you

 

Certain types of information are more sensitive than others.  This is known as “special data” and includes information about health and disability issues.  We may in certain circumstances receive such special information.  Below we have identified details of the special data, how we would receive it and how we will use it.

How we collect your informationWhat we do with it
Information that you give us, or we receive when using our products and/or services:

  • Information related to health and or disability which you provide to us in connection with the purchase of our products or use of our services
We use this information to:

  • Enable us to take account of any such health or disability issues in connection with providing our services

We collect and use your personal information for a variety of reasons.  A copy of our Data Retention Policy is available on request to our GDPR point of contact.

We need some information to enter into and perform our contract with you – for example your company name, your contact and payment details.

Some information processing is required to comply with a legal obligation due to our anti-fraud and anti-money laundering screening obligations or in the public interest such as making sure we verify our customers identify.  Your personal information may also be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency, to enforce or apply the terms of any contract or legal obligation with us or in defence of a legal claim.  We will not delete personal information if relevant to an investigation or dispute.  It will continue to be stored until those issues are fully resolved.

 

Other information we collect because we have a legitimate business interest, for example in:

Some information is processed because you have given your consent.  This includes sharing your personal information with third party organisations where you specifically consented to us sharing your data with such organisations.

We will only keep your information for as long as is reasonably necessary.  It will depend on factors such as statutory requirements which specify that certain data must be retained for specific periods (e.g. information provided in connection with accident investigations, financial transaction and accounting information), whether you have any outstanding claims or warranties, an account with us or have interacted with us recently.  We will routinely refresh such information to ensure we keep it up-to-date,

If personal information is provided we may not be able to provide the information which you have requested or provide the relevant product or services.

We only keep your personal data for as long as we need in order to use it as described and/or for as long as we have your permission to keep it.

Your data will only be stored within the European Economic Area (“the EAA”) (The EAA consists of all EU Member States, plus Norway, Iceland and Liechtenstein).

Data security is very important to us and to protect your data we have taken suitable measures to safeguard and secure data collected through our business:

Steps we take to secure your data include

  1. In cases where personal data is being processed by third parties, a rigorous adequacy process is performed to ensure that your data is always secured;
  2. Web applications used by Classic Car Solutions Ltd are operated in ISO 27001 certified data centres in the UK;
  3. Firewalls, anti-virus/anti-malware, backups and disaster recovery are in place to prevent loss or deletion;
  4. Closed circuit television and locks to rooms, secures the data within our offices;
  5. Access to infrastructure and elevated privileges and network are granted on an as-needed basis;
  6. Infrastructure and web applications operated by Classic Car Solutions Ltd is backed up on a regular basis and business continuity and disaster recovery tested regularly;
  7. Ensuring all company IT equipment and mobile phones are password protected;
  8. All personal data on paperwork is locked away in locked filing cabinets, store rooms and offices and the keys only available to key personnel;

 

  1. Photographs will only be taken and used in pursuance of the business i.e. accident reports or site inspections.  No photographs of the public will be taken.  Consent to use photographs will be obtained if necessary.  Identifying images will be erased or blanked out on the photograph;
  2. All paperwork containing personal data no longer required is shredded or destroyed;
  3. Ensure all our employees, clients and suppliers are aware of our Data Protection Policies
  4. Ensure all employees have received training with regard to GDPR.

We will use all reasonable efforts to safeguard your personal information.  However, you should be aware that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of personal information which is transferred from you or to you via the internet.

We will limit access to your personal information to those who have a genuine business need to know it.  Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach.  We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

We may share your personal information with certain accreditation company’s, associates, suppliers or service providers.  They may process your personal data for us, for example organisations who check our Drivers License’s. Our suppliers and service providers will be required to meet out standards on processing information and security.  The information we provide them, including your information, will only be provided in connection with the performance of their function.

We may also share your information with certain third parties when we’ve received your consent (see above – Why we collect and how long we keep your information”) or because we need them to see your information to provide services or products to you.

We will only transfer data to jurisdictions within the European Union when appropriate safeguards are in place which provide an adequate level of protection for your information.

We may also disclose your personal data to third parties in the following circumstances:

Your personal data may be shared if it is made anonymous and aggregated, in such circumstances the information ceases to be personal data.

We set out below the rights you have over your information and how you can exercise those rights:

  1. We need your consent for some of the ways we use your information e.g. for marketing.  You can withdraw that consent at any time
  2. You can ask us to confirm if we are processing your information
  3. If we are processing your information, you can ask for access to your information
  4. You can ask us to correct your information if it is wrong
  5. You have a right to be forgotten and you can ask that our systems stop using your information
  6. You can ask us to restrict how we use your information
  7. You can ask us to stop using your information
  8. You have a right to complain to the relevant supervisory authority which in the United Kingdom is the Information Commissioner’s Office www.ico.org.uk 

We may, from time to time, expand or reduce our business and this may involve the sale and/or transfer of control of all or part of our business.  Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part of the business and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the same purposes for which it was originally collected by us.

In the event that any of your data is transferred in such a manner, you will be contacted in advance and informed of the changes.  When contacted, you will be given the choice to have your data deleted or withheld from the new owner or controller.

Note: More expansive detail can be found in Classic Car Solutions Ltd IT Security Policy IT-INFORSECURITY-POL-001 which includes details on Network Access and Authentication.

  1. All passwords used to protect personal data and equipment should be changed regularly and should not use words or phrases that can be easily guessed or otherwise compromised.  All passwords must contain a combination of uppercase and lowercase letters and numbers.  All software used by Classic Car Solutions Ltd is designed to require such passwords.
  2. Under no circumstances should any passwords be written down or shared between the employees, agents, associates or contractors, or other parties working on behalf of Classic Car Solutions Ltd, irrespective of seniority or department.  If a password is forgotten, it must be reset using the applicable method.
  3. All software (including but not limited to, applications and operating systems) shall be kept up-to-date.  Classic Car Solutions Ltd utilises the services of a third-party for all its IT Infrastructure Management [Signal Telecom, 10 Bailey Court, Colburn Business Park, Catterick Garrison, North Yorkshire, DL9 4QL].  They, through their duties shall be responsible for installing all security-related updates after the updates are made available by the publisher or manufacturer OR as soon as reasonably and practically possible, unless there are valid technical reasons not to do so; and
  4. No software may be installed on any Classic Car Solutions Ltd owned computer or device without prior approval from one of the following: sam.biker@bikergroup.co.uk OR howard.pearson@bikergroup.co.uk

 

This policy will be changed from time to time.  If we change anything important (the information we collect, how we use it or why), we will highlight those changes at the top of the policy and provide a prominent link to it for a reasonable length of time following the change.

 

Questions, comments and requests regarding this privacy policy can be directed to Classic Car Solutions Ltd at the address above.