Privacy & Legal Statement
The privacy of your personal information is important to us at Hyperclicks. This Statement is therefore designed to provide you with appropriate information, assurance and confidence that we are handling your data in a secure, professional manner, with the respect it deserves. This statement therefore addresses what personal information we collect and how we handle the personal information shared with us. Please read the following carefully to understand our views and internal practices.
For the purposes of the General Data Protection Regulations (GDPR), the data controllers are Hyperclicks Limited, trading as Hyperclicks, with the Data Protection contact being Mike Carter
This statement was most recently reviewed in January 2018. It is subject to regular reviews and may be updated in accordance with changes to legislation or internal processes.
WHAT PERSONAL DATA DO WE COLLECT AND WHY?
We will not collect any personally identifiable information about you unless you provide it to us voluntarily. If you do not want your personal data collected, please do not submit it to us. Some information provided may be legally or contractually required and therefore, if not provided, will limit the services that Hyperclicks are able to provide.
We process personal information to enable us to repair and sell vehicles; maintain our accounts and records; advertise our services; provide financial services leads for the consumer and to support and manage our employees. We also process personal information using a CCTV system to monitor and collect visual images for the purposes of security and the prevention and detection of crime.
We process information only relevant for the above reasons/purposes, which may include:
- Personal Details
- Family Details
- Financial Details
- Employment Details
- Goods/Services Provided
- Visual images and personal appearance/behaviour
- Sensitive data, which may include physical/mental health, racial/ethnic original, lifestyle/social circumstances.
By providing us with your contact details and providing consent, you are confirming that you are happy to receive correspondence from Hyperclicks. In being able to manage the ways we contact you, four key methods will be used; Telephone, Post, Email, Text Message (SMS).
We may also obtain information about you from associated subsidiaries as well as other sources such as companies that provide potential purchasers and current owners’ data. It would be suggested that if you would not like us to obtain your information through third parties, that they are contacted directly in order for them not to supply us with your personal information.
Hyperclicks are likely to also to have to utilise Legitimate Interests as a method of contacting you. In GDPR, Legitimate Interest stipulate that there may be scenarios in which we will contact our customers without their consent to do so. When we process your personal information for our legitimate interest, we make sure to consider and balance any potential impact on you (both positive and negative) and your rights under data protection laws.
HOW DO WE SHARE YOUR PERSONAL DATA?
Hyperclicks may share the information it collects about you with selected third parties. Where necessary or required, we will share information with;
- Business Associates
- Current, past and prospective employers
- Goods/Service providers
- Financial Organisations
- Police Forces
- Suppliers and Central Government
A full listing of companies with whom Hyperclicks may share your information with is available upon request and on our website. Under GDPR, unless there is a legal, contractual or legitimate interest for us to share your information, you have the opportunity for your information to not be provided to third parties.
Hyperclicks have carried out specific vetting of third parties to ensure that they are compliant with GDPR and further ensure that your personal data is handled in a manner required under legislation. Please note that Hyperclicks will never sell your information on.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). It may also be processed by staff operating out of the EEA who work for Hyperclicks, associated subsidiary or one of our suppliers on our current list of third parties. By submitting your personal data and agreeing for this to be shared, you agree to this transfer and its associated processing and storing. In some cases, the process will not require your consent as they will be a legally or contractually binding part of your dealings with us. Third parties which share your information outside of the EEA will be vetted accordingly to ensure that your data is being handled appropriately.
HOW CAN YOU BE ASSURED THAT YOUR DATA IS BEING HANDLED APPROPRIATELY?
Hyperclicks have carried out stringent checks throughout the organisation to ensure that your data is handled in a secure manner. Some key security measures that the organisation abides by include;
- A strict clear desk policy which ensures that no personal documentation is ever left unattended as well as lockable cabinets throughout the organisation
- Password protected, security encrypted security systems, including firewalls and antivirus protection systems for additional security
- Subject to external and internal data protection audits
- Restricted use of portable IT methods including USB’s and laptops
- Information Security Policy and Data Protection Policy for internal staff to abide by
- Internal Data Retention Policy and approved shredding contractor for disposal of protected documents.
WHAT ABOUT THE SECURITY OF MY INFORMATION WHEN DEALING WITH YOU ONLINE?
In some cases, we may collect information about you which is not personally identifiable via our website.However, under GDPR, if that information can be linked in some way to a living individual this can now be classified as restricted data. Examples include obtaining your IP address, the type of internet browser you are using and the computer operating system that you are using, as well as the search engine you accessed to locate our website or the associated advertisement that was clicked on a third-party website to link you to our webpage. Although all these are used predominantly for statistical purposes, these do have the potential to be linked to an individual and therefore fall within this statement.
Some links provided in the Hyperclicks website may lead to websites furnished by independent website owners. Using these links may mean that you leave the Hyperclicks website. The information presented therein is the sole responsibility of the site owners. Hyperclicks has no control of responsibility for the content of the independent sites and provides these links for website visitors for their convenience. If you decide to access any of the third-party sites from this website, you do so entirely at your own risk.
WHAT RIGHTS DO YOU HAVE OVER YOUR PERSONAL INFORMATION?
Under GDPR, individuals have by far greater ownership of the way in which they are able to manage their own personal information. There are now eight areas in which you have rights, known as the Data Subject Rights and they are broken down as follows;
Right to Access/Subject Access Requests – The Right to Access provides you with the opportunity to obtain all the information Hyperclicks hold about you as an individual (also known as Subject Access Requests). The GDPR allows Hyperclicks one month to provide you with all the information we hold about you, your vehicle and your address. This will solely be in relation to the person making the request. We will review all our manual and electronic data and provide you with everything accordingly. If your request specifies what documentation you require, this will assist us in responding to your request more quickly.
Right of Rectification – If you believe that the information that Hyperclicks hold about yourself is incorrect, inaccurate or incomplete, the right of rectification ensures that you can contact us and we will update it accordingly. We will provide you with confirmation once the update has taken place.
Right to Erasure – Under GDPR, you have the option for all records of your personal information held by Hyperclicks to be erased. There are however a number of exemptions to this right, given that we may have legal or contractual rights to retain your person information. If, however, it is felt that Hyperclicks hold information about you which is no longer necessary for the initial purpose it was collected, your right to erasure will be granted.
Right to Data Portability - GDPR provides you with the opportunity for your personal information to be provided back to you in a portable format. This means that you can transfer your data to a different provider without the need for you to provide it again to them.
Right to Withdraw Consent – Hyperclicks likes to give you the opportunity to manage the way in which we communicate with you. Under GDPR, this is known as the Right to Withdraw Consent. If for any reason, you would no longer wish for us to contact you, either entirely, or via certain methods, this right can be used. This simply means that Hyperclicks will update your contact preferences within our systems, as well as advising third parties with whom we have supplied your information of your updated preferences also.
Right to be Informed – This right encompasses the need for transparency over how we use your data and is the intention for this entire document. It ensures that Hyperclicks supply appropriate notification about our processing activities and ensure that they are concise, transparent, easily accessible, written in clear, plain language and free of charge.
Right to Restrict Processing – This allows you the opportunity to let us hold your data but not process it for marketing purposes. If you request this right to be actioned, Hyperclicks will place you on a suppression list where it is no longer processed.
Right to Object – Under GDPR you can object to processing based on legitimate interest or a task classified as being in public interest, direct marketing and processing for purposes of scientific/historical research and statistics.
WHAT HAPPENS IF YOUR PERSONAL DATA IS BREACHED?
As detailed throughout this statement, we will endeavour to ensure that your personal information is retained in accordance to legislation. However, if for any reason we discover that your personal information has been breached in anyway, including lost, stolen or hacked, dependant on the level of its severity, we will ensure that the Information Commissioners Officer (ICO) and you, as a customer, are made aware within 72 hours of us understanding that a breach has been made.
Hyperclicks staff have been trained in being able to understand and appreciate whether personal information has been breached, and have a duty of care to ensure that the Data Protection Officer is informed as soon as a breach has been identified.
Action will then be taken to minimise the risk to your personal data as seen fit in accordance to the incident including following guidance from the Data Protection Officer and the ICO. We will also inform you once we are fully aware that the additional security measures have been put in place to further secure your information.
HOW DO YOU CONTACT US REGARDING YOUR PERSONAL DATA AND HOW IT IS HANDLED?
If you wish to contact us regarding;
- the manner in which your personal data is handled
- updating your personal preferences
- utilising your personal rights
- wishing to complain
1) Email us at firstname.lastname@example.org
2) Post your enquiry to The Data Protection Officer, Hyperclicks, 75 Cranston Park Avenue, Upminster, Essex, RM14 3XD
Please note, we may require proof of identity in order to complete some requests. A copy of your driving licence is the most suitable.However other forms of photographic identity are also acceptable.
If you remain unhappy with the manner in which your data is being handled and/or you feel that the response is not sufficient, please contact the Information Commissioners Officer (ICO) using their website www.ico.org.uk who are the supervisory authority for data protection within the UK.