Estairs require to gather and use certain information from our customers, business contacts, organisations, and any other persons that we may deal with.
This policy describes how this personal data must be collected, handled and stored to meet both the
company’s data protection standards and to comply with UK law.
Why this policy exists
This data protection policy ensures Estairs:
- Complies with data protection law and follows good practice
- Protects the rights of customers, employees and partners
- Is open about how it stores and processes individuals’ data
- Protects itself from the risks of a data breach
Data protection law
The Data Protection Act 2018 describes how organisations must collect, handle and store personal information.
These rules apply regardless of whether data is stored electronically, on paper or on other materials.
To comply with the law, personal information must be collected and used fairly, stored safely and not disclosed unlawfully.
The Data Protection Act is underpinned by eight important principles. These say that personal data must:
- Be processed fairly and lawfully
- Be obtained only for specific, lawful purposes
- Be adequate, relevant and not excessive
- Be accurate and kept up to date
- Not be held for any longer than necessary
- Processed in accordance with the rights of data subjects
- Be protected in appropriate ways
- Not be transferred outside the European Economic Area (EEA), unless that country or territory also ensures an adequate level of protection
Information we gather
As a customer we may ask you for some or all of the following personal information:
- Contact details – e.g. name, address, email address and phone number
Why we need your personal information
Estairs require this information so that we can manage your enquiry in a timely and orderly fashion to ensure we respond to and investigate your questions, comments, support needs, complaints, or concerns.
Who we share your personal information with
Estairs may be required to share personal information with statutory or regulatory authorities to comply with statutory obligations. We may also share personal information with suppliers, professional and legal advisors for purposes of obtaining advice.
How we protect your personal information
Your personal information will be accessed by our staff only for the purposes set out above. It may be stored in electronic and paper records. We will never sell your data on to third parties and will take all reasonable technical and operational measures to store your personal data securely.
How long we keep your personal information
Estairs will only keeps your personal information for as long as necessary to provide you with services and in line with company laws.
You have a right to:
- Change your communication preferences or restrict the processing of your personal data for specific purposes.
- Request that Estairs correct your personal data if you believe it is inaccurate or incomplete.
- Request that Estairs delete your personal information.
- Access the personal data that Estairs hold about you through a “subject access request”.
These actions can be requested by contacting us, by email or in writing.
If you are dissatisfied with our handling of your personal information, you have a right to raise a
complaint with the Information Commissioner’s Office at www.ico.org.uk.