SOLUTION PRIVACY POLICY V1.0 18SEP2019

  1. INTRODUCTION

This privacy policy describes how Capital Fireplaces (hereinafter “we, our or us”) process personal data.

The use of personal data by businesses is subject to a complex array of data protection law and regulation. This privacy policy is written in compliance with the Data Protection Act 2018, incorporating GDPR and any successor legislation.

We take the protection of your personal data seriously and respect your privacy. We maintain a high standard of data protection and security.

The Data Subject, you, will be a user and/or owner of at least one solution electric fire marketed and sold by the Controller through a network of approved dealers.  A feature of these fires is that they can be controlled and operated remotely by using a smart phone/tablet/watch application or a smart speaker.  In order to enable this control feature an account must be created by the Data Subject/user/owner, you.  This account will be administered and hosted by the Processor.  

The information provided in this policy is clear and concise to make it easy to understand. Personal data collected directly from you or received by us from external parties for the purposes of making contact with you, with your consent, to promote, market the sale of, and sell our products and/or services, is subject to this privacy policy.

Please read the policy in full.

  1. WHO ARE WE?

We are Capital Fireplaces Ltd, a British company since 1990 and one of the leading UK trade suppliers of fireplaces, fires and stoves. We are the data controller as we determine with your consent, what authorised dealers/stockists/partner companies closest to your postcode location will receive and process your data for the means of contacting you only in relation to the promotion, marketing and/or sale of our products and/or services.  Our contact details are shown below.

  1. WHAT INFORMATION DO WE COLLECT AND HOW DO WE USE IT?

We collect the following personal data when you create a solution account:

  • First name
  • Last name
  • E-mail address
  • User defined password
  • The fact that the Data Subject/user/owner has accepted the Controller’s Terms and Conditions and Privacy Policy
  1. WHAT DO WE DO WITH YOUR DATA?
  • On the occasion that you forget your password the e-mail address will be used by the processor to reset your password.
  • On the occasion that you request your personal information, then the Processor will provide that information, as soon as practicable, to you in the format requested.
  • On the occasion that you request that your personal information is deleted, then the Processor will do so as soon as practicable.
  1. WHEN DO WE SHARE YOUR PERSONAL DATA WITH ANY OTHER EXTERNAL PARTY?

We only share your data with our authorised data processor with whom we have a contract to manage and process your personal information confidentially in order to create a solution account for you, reset passwords as necessary or delete data when requested.

  1. WHEN DO WE OBTAIN YOUR DATA FROM AN EXTERNAL PARTY AND HOW DO WE PROCESS IT?

We may obtain personal contact details from a partner company. Your contact details are required in case we want to provide you with information or product updates relating to the products and/or services you have bought from one of our approved suppliers.

  1. WHAT LEGAL BASIS DO WE HAVE FOR PROCESSING YOUR PERSONAL DATA?

We process your personal data only with your consent (which is provided when you accept these Terms and Conditions and this Privacy Policy), and only for the purpose you have consented to. We would never process your information for any other purpose without your consent. We do not collect, obtain or process any sensitive special category of personal data.

  1. HOW DO WE SECURE YOUR PERSONAL DATA?

To safeguard your data, appropriate data protection and security measures are in place to protect your personal data against accidental or unlawful destruction, or accidental loss, alteration, and/or unauthorised disclosure or access. Data is transferred only by secure electronic means between us and our data processor.

Agreements are in place with our data processor and partner companies to ensure they also adhere to current data protection law and regulation, and appropriate security measures are in place. We do not transfer any personal data outside of the UK (EEA).

  1. WHERE DO WE STORE YOUR PERSONAL DATA, AND HOW LONG DO WE KEEP IT FOR?

Personal data is stored and retained by us and our data processor as long as you have a solution account.  On occasion we may keep anonymised data for the purposes of analysing sales data, account creating numbers and application downloads/updates.

  1. YOUR RIGHTS IN RELATION TO PERSONAL DATA.

You can rectify, erase, restrict or export your data or withdraw your consent by contacting us on 01462 813138, Monday to Friday 08:00 to 17:00.  No personal data is used for the purposes of automated decision making and/or profiling. Your data subject rights remain applicable for any data our data processor or partner companies have control over once your data has been transferred to them with your consent, which is provided when you accept these Terms and Conditions and this Privacy Policy.

  1. HOW TO CONTACT US.

If you have any questions or a complaint about the use of your personal information please contact us on 01462 813138, or write to us at:

Capital Fireplaces
Units 12-17
Henlow Trading Estate
Henlow
SG16 6DS

In the unfortunate event of a need for you to complain, we will do our best to resolve your complaint, if you however remain dissatisfied, after we have issued you with a final response letter you have the right to lodge a complaint with the :

Information Commissioner’s Office (ICO):

Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Telephone: 0303 123 1113

Website: https://ico.org.uk/concerns/

Our ICO registration number is ZA411315

  1. CHANGES TO OUR PRIVACY POLICY.

Any change to this Privacy Policy will be posted on our website. Please check back frequently to see any updates or changes to our Privacy Policy.

  1. GENERAL DATA PROTECTION REGULATION (GDPR)
  • I confirm that I am at least 16 years of age or older
  • I have read and accept any End User License Agreement (EULA), Terms and Conditions, Acceptable Use Policy, and/or Data Processing Addendum, which has been provided to me in connection with the software, products and/or services.
  • I have been fully informed and consent to the collection and use of my personal data for any purpose in connection with the software, products and/or services.
  • I understand that certain data, including personal data, must be collected or processed in order for you to provide any products or services I have requested or contracted for. I understand that in some cases it may be required to use cookies or similar tracking to provide those products or services.
  • I understand that I have the right to request access annually to any personal data you have obtained or collected regarding me. Should I make this request, you have agreed to provide me with a record of my personal data in a readable format.
  • I also understand that I can revoke my consent and that I have the right to be forgotten. If I revoke my consent you will stop collecting or processing my personal data. I understand that if I revoke my consent, you may be unable to provide contracted products or services to me, and I cannot hold you responsible for that.
  • Likewise, if I properly request to be forgotten, you will delete the data you have for me, or make it inaccessible. I also understand that if there is a dispute regarding my personal data, I can contact someone who is responsible for handling data-related concerns. If we are unable to resolve any issue, you will provide an independent service to arbitrate a resolution. If I have any questions regarding my rights or privacy, I can contact the Information Commissioner’s Office (ICO) using the contact details provided above.