Privacy policy
This Privacy Notice sets out the steps we follow when personal data is collected, such as our identity and how we intend to use the information, the lawful basis for processing the data, our data retention periods and that individuals have a right to complain to the ICO if they think there is a problem with the way we are handling their data.
Who we are
Mantek (Manufacturing) Ltd, Unit G, Holder Road, Aldershot, GU12 4RH
What information we collect and hold that constitutes personal data
The majority of the information we collect and hold that can be classed as ‘personal data’ is name, address and other contact details such as email address and telephone number of our existing customers, suppliers and other stakeholders, to enable us to provide our products and services. Additionally, we will hold the information required for collection and payment of invoices.
We also collect and hold information on staff necessary to manage and support our employees.
- Our Website may collect the following personal data
- Name and job title
- contact information including email address
- demographic information such as postcode, preferences and interests
- other information relevant to customer surveys and/or offers
We may as part of our marketing activities use names, addresses and other details such as email addresses and telephone numbers, to contact new prospects to gain consent to use their data for marketing purposes in order to generate new business. We will only hold this information once we have obtained consent to retain their data and explained the purposes of doing so.
How is it collected and by whom?
Personal data is collected when we are asked to provide a quotation for a product, answer technical enquiries, or to engage the services of a supplier. This will be done by a member of our team, for example, customer services. New prospect data may be collected from a prospect company’s web site, or networking events. Staff data is collected from the employee directly upon application to the company, then on an ongoing basis for the purposes of their employment.
How we use cookies
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system. We do not track individuals online e.g., using Lead Forensics, or use inferred information through algorithms, or profile people by analysing data derived from combining other data sets.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
A website user may when filling in forms, restrict the collection or use of personal information by clicking a box to indicate that they do not want the information to be used by anybody for direct marketing purposes.
What we do with the personal data we process
We are only collecting information we need and are going to use. We use the ‘personal data’ generally for carrying out our business as a manufacturer and stockist of seals and gaskets with specialised knowledge in the supply of precision seals.
For example, to provide a quotation, answer enquiries, create delivery notes, communicate information relating to the company and our business or to improve our website.
We do not use your information for a particular purpose other than to carry out our business and communicate with you where appropriate, nor do we collect personal data by observation or draw inference from any individual’s behaviour. We will not share any data with third-parties for marketing purposes.
We may, however, use the data provided by an existing customer to provide a quotation, to send them information on a related product or service that we think may be beneficial to them. This would only be done in a reasonable way, and in a manner that they would expect.
How long we keep personal data
We have specific retention times for each category of data which are set out in our Record Logs.
Who will your data be shared with
Data will only be shared with external third parties when there is a specific business need, for example we might share data if we were to outsource an aspect of work, or employee data will be shared with the pension provider.
To cover this sharing of data, we have agreements in place with all the suppliers that may come into contact with any of the personal data we hold, to ensure the supplier is compliant with GDPR, and recognise their responsibilities when processing our data.
All reasonable steps are being taken to ensure data security both organisationally and technologically. We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect and manage.
What will be the effect of this on the individuals concerned?
There should be no impact on the individual as a result of our processing. We aim to always be fair, transparent and ensure that people know how their information will be used. Data security is a key consideration and we do everything we can to protect the data we hold. This applies whether the personal data was obtained directly from the data subjects or from other sources.
Is the intended use likely to cause individuals to object or complain?
Our use of data will not have any unjustified adverse effects on individuals. We are only using information in a way which they would expect. There are no adverse consequences of not providing information to us – for example, non-receipt of a benefit.
The Lawful Bases of our data processing
The lawful bases for our data processing activity are Legitimate Interest & Contract for activities relating to staff, suppliers, existing customers and other stakeholders, and Consent for marketing communications purposes to new prospects.
In general terms, purpose of processing information is to enable us to provide, to support and manage our employees, promote and advertise our products and services, and maintain our own accounts and records.
- Legitimate Interest is appropriate to most of our processing activity, in order to conduct our business as outlined above.
- Contract – the processing is necessary for a contract we have with an individual, or we haven’t yet got a contract with an individual, but they have asked us to do something as a first step (eg provide a quote) and we need to process their personal data to do what they ask. It may be necessary to share limited customer information ie customer delivery requirements outside of the EU to fulfil global orders.
- Consent is the most appropriate legal basis for the processing of new prospect information. We would obtain consent in order to provide communications relevant to commercial requirements.
We will always make it clear when requesting Consent what the data will be used for and have clear, simple ways for people to withdraw consent. We will not transfer personal data outside the EU without the individual’s consent unless it is in relation to delivering a global order (fulfilment of a contract).
We will explain our lawful basis for processing personal data when we answer a ‘subject access request’.
Who the Data Controller / DPO is
Although we are not required to formally designate a Data Protection Officer (DPO), our Managing Director takes full responsibility for data protection compliance.
Individuals have the right to request access to the data we hold on them by submitting a request to do so addressed to our Managing Director, who will provide details on any information retained by us as outlined in our Data Protection Policy.
Data Protection by Design and Data Protection Impact Assessments
We aim to adopt a privacy by design approach and will carry out a Privacy Impact Assessment (PIA), also referred to as ‘Data Protection Impact Assessments’ (DPIA), as part of our GDPR compliance system in situations where data processing is likely to result in high risk to individuals, for example:
- where a new technology is being deployed;
- where a profiling operation is likely to significantly affect individuals; or
- where there is processing on a large scale of the special categories of data.
If a DPIA indicates that the data processing is high risk, and we cannot sufficiently address those risks, we will consult the ICO to seek its opinion as to whether the processing operation complies with the GDPR.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
The Right to Complain
Contact us if you have any questions about this privacy policy or our treatment of your personal data, please write to us by email via privacy@mantek.co.uk or by post to: Managing Director, Mantek (Manufacturing) Ltd, Unit G, Holder Road, Aldershot, GU12 4RH
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
Data Controller
The Data Controller is Mantek (Manufacturing) Ltd, Unit G, Holder Road, Aldershot, GU12 4RH.
We always seek to treat an individual’s data fairly, however, individuals have the right to complain to our Managing Director, who will investigate and respond accordingly within one month. Complaints should be sent addressed to:
Mantek (Manufacturing) Ltd, Unit G, Holder Road, Aldershot, GU12 4RH or emailed to privacy@mantek.co.uk
Should the response not be resolved to the satisfaction of the complainant, the individual can also take up their issue with the Information Commissioner’s Office (the ICO) at the following address:
The Information Commissioner’s Office,
Wycliffe House, Water Ln, Wilmslow SK9 5AF