This policy sets out the legal principals and conditions that we follow in the handling, processing, transporting and storing of personal data.
FK Group Limited (including other entities within the group of companies) is committed to the protection of personal data. This policy outlines how we will use personal data and the reasons and steps we take to protect this data.
1. Who we are
We are FK Group, comprised of the following entities: FK Group Limited (company number: 07732053), FK Facades Limited (company number: 02874877), FK Construction Limited (company number: 09890502) and FK Projects Limited (company number: 08222605) each of which have their registered office at Keenan House, 22-26 Stockport Road, Altrincham, Cheshire, WA15 8EX (“FK”, “we”, “our” and “us”) and we may collect and hold personal data about you when you or your business/employer contract or otherwise work with us (or contemplate contracting or working with us), or you or your business/employer interact with us and/or use our website (www.fkgroup.co.uk).
The company within our group that controls your personal data (the “data controller”) will vary depending on how and why we are collecting your data. Where we have entered into a contract with you or your business/employer (or are contemplating doing so) the company in our group who is/will be the party to the contract will generally be the data controller. Where you submit personal data to us through our website the controller will generally be Daniel Halliwell, IT and Process Director.
2. Scope of this policy
We are committed to respecting your privacy and protecting the personal data you share with us and that we collect about you. This policy tells you about how we may use the personal data we collect about you when you or your business/employer works with us, contemplates working with us or uses our website. It also provides more information about your privacy rights and how the law protects you.
3. How do we collect your personal data, what do we collect and what do we do with it?
We have set out below the personal data we may collect from you, how this is collected and how this is used by us.
We may collect your name, email address, phone number, address and job title where we have a business relationship with you or your business/employer, in order to:
- Review this to ensure you have the appropriate qualifications, experience and clearances to carry out any work we/another business are engaging you to carry out.
- Share this with our customers, where necessary/requested.
- Retain this for our own compliance records.
- Use this to contact you as and when necessary in respect of any work you are carrying out.
We collect your name, email address when you register to receive our news and latest information by email, in order to:
- Ensure you receive all the latest news and information about the FK Group.
We collect your name, email address and any other information (including information publicly available on your social media profile, where you interact with us via social media) you include in your message when you send us a message with a comment or question on our website, by post, email, phone or on any of our social media pages (Twitter, LinkedIn or Google+) in order to:
- Deal with your comment/question and contact you about this, if necessary.
We may also collect, use and share data relating to you which is not “personal data”, such as demographic data or details of your typical use of our website. You can’t be identified from this information. We will use this information, for example, to improve our website.
4. Our lawful basis for what we do with your personal data
We will never use your personal data unlawfully. We have set out below our lawful basis for the various ways we use your personal data.
Analysing to verify your suitability to carry out particular work, sharing this with our own customers and contacting you in respect of the work:
- Necessary for our legitimate interests of ensuring we have appropriate personnel carrying out any work on our behalf, carrying out our contracts with our own customers, managing our risk position and keeping our personnel up to date in respect
Storing the data:
- Legal obligation and necessary for our legitimate interests (being, managing our risk and being able to keep accurate records).
Carrying out our business relationship with you or your business/employer:
- Performance of our contract with you, and necessary for our legitimate interests (being, the ability to perform our contract with our customer).
Sending you details of our products and offers by email:
- Necessary for our legitimate interests (being, promoting our business and keeping our customers up to date).
Dealing with your comments/questions (where these are not related to a specific order):
- Our legitimate interests of ensuring we provide the best possible customer service.
Improving and securing our website:
- Legal requirement of preventing fraud and necessary for our legitimate interests of ensuring that our website works effectively and is secure.
Where you have confirmed that you wish to receive marketing messages from us, you can stop us sending you these messages at any time by following the opt-out link in any marketing messages we send to you or by contacting us using the details below. Where you opt-out of receiving these messages, this will not apply to personal data provided to us as a result of us supplying our services to you (we may need to continue to hold this to enable us to perform our contract with you or your business/employer (as applicable) and/or pursuant to a legal obligation).
6. Sharing of Personal Data
We do not sell your personal data to any third parties. We may share your personal data with our group companies (who need to know such information for the purpose of doing business with you or your business/employer) and our carefully selected third party service providers who help us provide our services to you, including:
- Our website hosts.
- Our shredding company.
- Our couriers and similar delivery companies.
- Our professional partners, including our marketing agents.
- Our IT and technical service providers.
In certain circumstances we may also need to share your personal data with our legal advisers, bankers, auditors and insurers and our regulators, including HM Revenue & Customs and with any third parties to who we choose to sell or transfer any part of our business or assets.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third party service providers to use your personal data for their own purposes and only permit them to use your personal data for specified purposes and in accordance with our instructions.
7. Data Security
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such information. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
Our website may include links to third-party websites, plug-ins and apps. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites, are not responsible for their privacy statements and are in no way responsible for the content thereof. When you leave our website, we encourage you to read the privacy notice of every website and app you visit.
8. How long will we keep your information for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.
Where we have entered into a contract with you or your business/employer and are holding your personal data in connection with such contract, we will retain such personal data for six years from expiry of the contract to which the data relates or, where you or your employer/business have any other contracts with us, six years following expiry of all contracts with us.
Where you register to receive details of our latest news and information, we will keep your email address for such time as you wish to continue to receive such updates from us – this will either be until you “opt-out” or if you have not opened or clicked through any of our communications in at least the previous 12 months. We may need to retain your personal data for other purposes, e.g. dealing with any enquiry you have made.
We will retain your name, email address, phone number and any other personal data you have provided to us in connection with a comment/enquiry for two months after we have completed dealing with any enquiry/comment you have made or where this relates to a contract, six years from expiry of the relevant contract.
We will retain any Technical Data for 14 days following collection.
9. Your legal rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data, including the following:
- The right to request access to personal data we are holding about you.
- The right to request that the personal data we are holding about you be updated/corrected.
- The right to request erasure of the personal data we hold about you.
- The right to object to our processing of your personal data on the basis of our legitimate interests.
- The right to object to our processing of your personal data for direct marketing.
- The right to request that we restrict our processing of your personal data.
- The right to request that your personal data be transferred to you or another provider.
- The right to withdraw your consent to our processing (where we are relying on your consent).
- The right not be subject to any decision based solely on automated processing where such decision has legal or other significant effects on you.
You also have the right to make a complaint to your data protection regulator (in the UK, this will be the Information Commissioner’s Office) but please contact us first before escalating your complaint.
10. Contacting us
Our data protection manager is Dan Halliwell who can be contacted at 0161 224 7227.
11. Changes to this Policy
We may change this policy from time to time to reflect how we are processing your personal data so you should review this policy regularly. If we make any significant changes to the policy we will contact you to let you know.