West One Bathrooms Ltd Privacy Notice
This privacy notice lets you know what happens to any personal data that you give to us, or any that we may collect from or about you. It applies to all products and services, and instances where we collect your personal data.
This privacy notice applies to personal information processed by or on behalf of West One Bathrooms Ltd.
Changes to this privacy notice
We may change this privacy notice from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. We encourage you to check this privacy notice for changes whenever you visit our website – www.westonebathrooms.com/privacy.
West One Bathrooms Ltd
We are West One Bathrooms Ltd Unit D Davis Road Industrial Park, Davis Road, Chessington, Surrey, KT9 1TQ. Our Company Registration number is 1356065. We are a data controller of your personal data. This means we determine the purpose and means by which we process your personal data as described below.
Address: Unit D, Davis Road Industrial Park, Davis Road, Chessington, KT9 1TQ
2. What kinds of personal information about you do we process?
Personal information that we will process in connection with all of our products and services, if relevant, includes:
- Personal and contact details, such as title, full name, contact details and contact details history
- Records of your contact with us such as via the phone and if you get in touch with us online using our online services or via our social media
- Products you have purchased from us, as well as have been interested in and have held and the associated payment methods used (e.g. credit, cash payment etc.)
- Marketing to you and analysing data, including history of those communications, whether you open them or click on links, and information about products or services we think you may be interested in, and analysing data to help target offers to you that we think are of interest or relevance to you and/or to send you newsletters and communications about our events.
- Personal information which we obtain from Credit Reference Agencies and Fraud Prevention Agencies (see the section on ‘Fraud Prevention Agencies’ below), including credit information (for example, defaults, County Court Judgements) and shared credit history, financial situation and financial history
- Fraud, debt and theft information, including details of money you owe, suspected instances of fraud or theft, and details of any devices used for fraud
- Information about your health if you are a vulnerable customer (disability for VAT purposes)
- Insights about you and our customers gained from analysis or profiling of customers
3. What is the source of your personal information?
We will collect personal information from the following general sources:
- From you directly, and any information from family members, associates or beneficiaries of products and services
- Information generated about you when you use our products and services such as the information section out in section 2 above
- From other sources such as Fraud Prevention Agencies, Credit Reference Agencies, other lenders, HMRC, DWP, publically available directories and information (for example, telephone directory, social media, internet, news articles), debt recovery and/or tracing agents, other organisations to assist in prevention and detection of crime, police and law enforcement agencies
4. What do we use your personal data for?
We use your personal data, including any of the personal data listed in section 1 above, for the following purposes:
- Processing and managing your order for one of our products and/or services
- Updating your records, tracing your whereabouts for debt recovery purposes
- To improve the operation of our business and that of our business partners
- For management and auditing of our business operations including accounting
- To carry out checks at Credit Reference and Fraud Prevention Agencies pre-application, at application, and periodically thereafter
- To monitor and to keep records of our communications with you and our staff (see below)
- For market research and analysis and developing statistics
- For direct marketing communications, we will send marketing to you by SMS, email, phone, post, social media and digital channels (for example, using Facebook).
- To comply with legal and regulatory obligations, requirements and guidance
5. What are the legal grounds for our processing of your personal information (including when we share it with others)?
We rely on the following legal bases to use your personal data:
- Where it is needed to provide you with our products or services, such as:
a) Processing and managing products you hold with us, such as facilitating deliveries
b) Updating your records, tracing your whereabouts to contact you about your account for debt recovery purposes (where appropriate)
c) All stages and activities relevant to managing the product or service including enquiry, application, administration and management of accounts,
- Where it is in our legitimate interests to do so, such as:
a) Managing your products and services relating to that, updating your records, tracing your whereabouts to contact you about your account and doing this for recovering debt (where appropriate)
b) To follow guidance and recommended best practice of government and regulatory bodies
c) For management and audit of our business operations including accounting
d) To carry out searches at Credit Reference Agencies pre-application, at the application stage, and periodically after that. Where you have been introduced to us by a broker or other intermediary they may do these searches on our behalf
e) To carry out monitoring and to keep records of our communications with you and our staff (see below)
f) For direct marketing communications and related profiling to help us to offer you relevant products and services, including deciding whether or not to offer you certain products and service. We will send marketing to you by SMS, email, phone, post and social media and digital channels (for example, using Facebook)
- To comply with our legal obligations
a) We may share your personal information with regulatory and law enforcement bodies where required to do so by law. For example, where we suspect fraudulent activity
b) We may be required to maintain a record of your personal information in circumstances where we suspect unlawful activity or where an investigation is underway
- With your explicit consent:
a) For some of our processing of special categories of personal data such as about your health, such as disabled VAT form information.
6. When do we share your personal information with other organisations?
We may share information with the following third parties for the purposes listed above:
- Governmental and regulatory bodies such as HMRC.
- Other organisations and businesses who provide services to us such as debt recovery agencies, back up and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back office functions
- Credit Reference and Fraud Prevention Agencies (see below)
7. How and when can you withdraw your consent?
Where we are relying upon your consent to process personal data, you can withdraw this at any time by contacting us. We currently do not rely on consent to collect, store and use personal data. Where we start relying on consent we will provide you with a clear method of providing your consent for the specified use of your personal data. You will also be able to withdraw your consent at any time by communicating your withdrawal to us on any of the above contact details.
8. Is your personal information transferred outside the UK or the EEA?
We’re based in the UK but sometimes your personal information may be transferred outside the European Economic Area. If we do so we’ll make sure that suitable safeguards are in place, for example by using approved contractual agreements, unless certain exceptions apply. In the absence of suitable safeguards we will obtain your explicit consent before the said transfer.
9. How do we share your information with credit reference agencies?
To process your application, we will perform credit and identity checks on you with one or more credit reference agencies (CRAs). To do this we will supply your personal information to CRAs and they will give us information about you. This will include information from your credit application and about your financial situation and financial history. CRAs will supply to us both public (including the electoral register) and shared credit, financial situation and financial history information and fraud prevention information.
We’ll use this information to:
- Assess your creditworthiness and whether you can afford to take the product
- Verify the accuracy of the data you have provided to us
- Prevent criminal activity, fraud and money laundering
- Manage your account(s)
- Assess payment methods available to you
- Trace and recover debts
- Make sure any offers provided to you are appropriate to your circumstances
We will continue to exchange information about you with CRAs while you have a relationship with us. We will also notify the CRAs about your settled accounts. When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders.
10. What should you do if your personal information changes?
11. Do you have to provide your personal information to us?
We are unable to provide you with our products or services if you do not provide certain information to us. In cases where providing some personal information is optional, we will make this clear.
12. Do we do any monitoring involving processing of your personal information?
In this section monitoring means any: viewing of, intercepting of, or taking and keeping records (as the case may be) of calls, email, text messages, social media messages, in person (face to face) meetings and other communications.
We may monitor where permitted by law and we will do this where the law requires it, or to comply with regulatory rules, to prevent or detect crime, in the interests of protecting the security of our communications systems and procedures and for quality control and staff training purposes. This information may be shared for the purposes described above.
13. For how long is your personal information retained by us?
Unless we explain otherwise to you, we will hold your personal information based on the following criteria:
- For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
- For as long as we provide goods and/or services to you and then for as long as someone could bring a claim against us which is six years under the Limitation Act 1980;
- Retention periods in line with legal and regulatory requirements or guidance; and/or
- Where we use your personal data to send you marketing communications, we will store your personal data for this use until you unsubscribe or object to this use of your personal data.
14. What are your rights under data protection laws?
Here is a list of the rights that all individuals have under data protection laws. They do not apply in all circumstances. If you wish to use any of them, we will explain at that time if they are engaged or not.
- The right to be informed about the processing of your personal information
- The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
- The right to object to processing of your personal information
- The right to restrict processing of your personal information
- The right to have your personal information erased (the “right to be forgotten”)
- The right to request access to your personal information and to obtain information about how we process it
- The right to move, copy or transfer your personal information (“data portability”)
- The right to not be subject to automated decision making which has a legal effect or otherwise significantly affects you (including profiling)
- You have the right to complain to the Information Commissioner’s Office, which enforces data protection laws, if you are not happy with the way we use your personal data: https://ico.org.uk/.
You can lodge your initial complaint to us by contacting us on any of the above contact details.
15. Your right to object
You have the right to object to certain purposes for processing, in particular to data processed for direct marketing purposes and to data processed for certain reasons based on our legitimate interests. You can contact us by using any of the contact details set out above.
Whenever you are asked to fill in a form on the website, look for the tick box to indicate that you do not want the information to be used by us for direct marketing purposes.
16. What are your marketing preferences and what do they mean?
We may use your home address, phone numbers, email address and social media or digital channels (for example, Facebook, Google and message facilities in other platforms) to contact you according to your marketing preferences. You can stop our marketing at any time by contacting us using the details above or by following the instructions in the communication.
Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore you are advised to read the Privacy Policies of each website that you visit.