We take care to protect the privacy of our clients, staff, suppliers and their associates.
This Privacy Notice is a public declaration of how Go Glass applies the Data Protection Principles and Rights afforded to individuals by the General Data Protection Regulation (GDPR), to the personal data that we process. Go Glass is committed to complying with the principles relating to the processing of personal data under GDPR.
This Privacy Notice applies from 25 May 2018, when the General Data Protection Regulation comes into force. It does not give you any contractual rights. We may update this Privacy Notice at any time.
Who is the controller?
Go Glass (Cambridge) Ltd, 127 Cherry Hinton Road, Cambridge, CB1 7BS is the “controller” for the purposes of data protection law. This means that we are responsible for deciding how we hold and use personal data about you.
Our Data Protection Lead is Tracy Saunders. As Data Protection Lead, she is responsible for informing and advising us about our data protection law obligations and monitoring our compliance with these obligations. She also acts as your first point of contact if you have any questions or concerns about data protection.
What is your legal basis for processing my information?
Go Glass process your data on the legal basis of Legitimate interest.
What are the “legitimate interests” being pursued that allow you to process my information?
Go Glass act as a Data Controller of our Buyer and Supplier clients’ data and as Data Processor on behalf of our Buyers’ in respect of their supply chain data.
1. A Controller determines the purposes and means of processing Personal Data.
2. A Processor is responsible for processing personal data on behalf of a controller. Further detailed definition of the controller and processor roles can be found on the ICO website: http://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
The Legitimate interests pursued by Go Glass are;
1. We believe that our customers have a reasonable expectation that we will hold their data in order to offer warranties and technical backup on all products and systems for 2 – 5 years, however this is often extended beyond these periods.
2. We believe that our customers have a reasonable expectation that we will hold their data in order to offer the glass and product replacement service in case of breakdown of product or glass breakage beyond the warranty period.
3. We believe that our customers have a reasonable expectation that we will contact them to arrange deliveries of goods and to follow up with a feedback questionnaire.
4. We believe that our staff have a reasonable expectation that we will hold personal details and employment history (*see business associates)
The method and frequency of communications to buyers and suppliers does not impact vulnerable individuals.
What information are you collecting about me?
We collect and store data for the purposes of supporting the customer registration process.
The categories of personal data that we collect, and process are:
Personal Details: e.g. contact name, address, email, telephone number for your business;
Financial Details: e.g. Bank account, credit card, Direct Debt details of your business;
You have the option to submit personal information to us in order that we might send you further information and email alerts.
Why are you collecting information about me?
By submitting your personal information, you shall be consenting to it being processed in the manner described below by Go Glass:
1. To carry out our obligations arising from any agreements entered between you and us and to provide you with the information, products and services that you request from us.
2. To communicate with you to gain feedback on our products or services in order to improve them;
Who might you share my information with?
We may share your personal information only with third parties directly employed by us in order to support the activities of Go Glass, these will include :
1. Business partners, Suppliers and sub-contractors for the performance of any agreement we enter with them or you.
2. IT Support, who oversee our IT Systems including email.
3. Analytics and search engine providers that assist us in the improvement and optimisation of our site.
Where might you transfer my information outside the UK?
Smart Builder based in NZ have access to our server and personal data.
Our business partners include the following and their own GDPR policies are incorporated within our own.
IT Support Systems
A Head in the Cloud
Catfish Web Design
What rights do I have?
You have the following individual rights. Should you have any enquiries about how we use your data or wish to action your rights please contact us.
Our Data Protection Lead is Tracy Saunders (01223 211041).
As the Data Protection Lead, she is responsible for informing and advising us about our data protection law obligations and monitoring our compliance with these obligations. She also acts as your first point of contact if you have any questions or concerns about data protection.
1. The right to be informed. Go Glass provides fair processing of information by way of this Privacy Notice.
2. The right of access. You have a right to obtain confirmation about how we are processing your personal data and what data we hold about you. You can view this by requesting a copy of it. Should you request a copy of your data, including your personal data, Go Glass will provide this within one month of the request unless there are exceptional reasons for not doing so.
3. The right of rectification. If any information held is inaccurate or incomplete, you have the right to have that information corrected or completed. If other parties have been passed the information, where possible we will inform them of the rectification undertaken. All individual customer data is available to the customer to rectify.
4. The right to erasure (also known as the “right to be forgotten”). You have the right for your information to be erased. We will delete or remove your information on request if there is no compelling reason for us to keep it, such as for the ongoing administration of your account with us including for HMRC and VAT purposes.
5. The right to restrict processing. You have the right to “block” or suppress – this won’t affect the processing done so far, but will stop further processing. When processing is restricted, Go Glass are permitted to store your personal data, but not to process it further. The business can retain just enough information about you to ensure the restriction is respected in the future. For registered customers, exercising this right may prevent you from remaining a member of Go Glass where we are no longer able to process your data to perform our contractual obligations. Where registration has not been completed, exercising this right would block us from processing your data to perform our contractual obligations. Where registration has not been completed, exercising this right would block us from process your data for marketing purposes, and for completion of your registration.
6. The right to object. You have the right to object at any time to processing based on legitimate interest of Go Glass when Go Glass act as Data Controller, or in the performance of a task in the public interest/exercising of official authority (such as a police investigation); direct marketing (including profiling), and processing for purposes of scientific/historical research and statistics.
7. The right to complain. If you wish to discuss your personal data or lodge a concern about the way in which it is handled.
If you would like to exercise any of the above rights, please contact Tracy Saunders at [email protected] or Go Glass, 127 Cherry Hinton Road, Cambridge in writing. Note that these rights are not absolute and in some circumstances we may be entitled to refuse some or all of your request.
If you have any questions or concerns about how your personal data is being used by us, you can contact Data Protection Lead Tracy Saunders 01223 211041.
Please note that you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. Details of how to contact the ICO can be found on their website: https://ico.org.uk