Privacy Policy

We are committed to protecting and respecting your privacy.
During the course of our activities we will collect, store and process personal information about
our customers, suppliers and other third parties. This policy explains the types of personal data we
may collect from you or that you provide to us and how it will be processed. It will also explain
how we’ll store and handle the data to keep it safe.
Who are we?
The data controller is Christopher Poole – Fine Bronze Harrogate.
16 Granville Road, Harrogate, North Yorkshire, HG1 1BY.
The information we may collect about you
We may collect, use, store and transfer different types of personal information about you,
including:
• Identity Data, such as your name, marital status, title, date of birth, gender, job title and
your employer
• Contact Data, such as your home and work addresses, personal and work email addresses
and personal and work telephone numbers
• Profile Data, such as your username, password, purchases or orders made by you, your
interests, preferences, feedback and survey responses
• Third Party Data, namely Identity Data, Contact Data and Document Data relating to your
business colleagues and other contacts
• Financial Data, such as bank account details
• Transaction Data, including details about payments to and from you, and other details of
services you purchase from us
• Technical Data, including IP addresses, log in data, browser type and version, time-zone
setting and location, browser plug-in types and versions, operating system and platform and
other technology on the devices you use to access our website
• Usage Data, including information about how you use our website, products and services
• Marketing Data, such as your preferences in receiving marketing from us and our third
parties, and your communication preferences.
How we collect your personal information
We may obtain personal information by directly interacting with you, such as:
• Receiving your instructions to provide goods and services and in the performance of those
services
• Corresponding with us by phone, email, letters or otherwise
• Meeting with you in our offices, at events or elsewhere
• Filling in forms on our website
• Participating in social media
• Giving us your business card
• Entering a competition, promotion or survey organised by us, or otherwise providing us with
feedback
• Subscribing to our services or publications, or otherwise requesting marketing material to be
sent to you
We may also obtain personal information via automated technology when you interact with our
website, remote support software or ticket systems by using cookies, server logs and other similar
technologies.
The legal basis for collecting data
We will only use your personal information when the law allows. Most commonly, we will use your
personal information in the following circumstances:
• You have given us consent.
• We need to perform a contract we are about to enter into, or have entered into, with you.
• Where it is necessary for our or a third party’s legitimate interests, in a way which might
reasonably be expected as part of running our business, and your interests and rights do not
override those interests
• Where we need to comply with a legal or regulatory obligation.
Purposes for which we may use your personal information
We use the information you provide to us to:
• Enable us to provide you with goods and services
• Carry out our obligations arising out of any contractual arrangement or terms and conditions.
• To process any orders that you make. This may include passing details to a third party to
supply or deliver products or services.
• Ensure our online content is presented in the most effective manner.
• Provide you with marketing information about us and our services (you may opt out from
receiving such information at any time).
• Notify you about changes to our services.
We will only use your personal information for the purpose(s) for which we collected it, unless we
reasonably consider that we need to use it for another reason and that reason is compatible with
the original purpose. If we need to use your personal information for an unrelated purpose, we will
notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in
compliance with the above rules, where this is required or permitted by law.
It may also be a contractual requirement for you to provide us with certain information. If you do
not provide us with that information, we may be unable to accept your instructions and/or provide
you with the full range of our goods and services.
How we protect your personal data
We take information security seriously. We also know how much data security matters to all our
customers.
All information you provide to us is stored on secure servers.
We will take all steps reasonably necessary to ensure that your data is treated securely, including
taking the following safeguards:
Firewalls and encryption. We apply industry-standard firewall protection and disk encryption
technology. Portable media has appropriate markings for secure transportation of data.
Two factor authentication (2FA) is used wherever possible for both online and on-premise systems.
Electronic access. All data stored electronically is password-protected. Where we have provided an
authorised user with a password, that user is responsible for keeping this password confidential
and is not permitted to share the password with anyone. Staff only have access to data on a need
to know basis.
Password management. Passwords for systems are centrally managed via a secure password vault
with granular level of controls for exposure of passwords to staff.
Training. We ensure all our employees are trained in the importance of data security.
Secure transfer of data. Where appropriate, we will send sensitive information such as passwords,
ID or banking details by secure online system to reduce the risk of data interception.
Overseas transfers. Whenever we transfer your personal information outside the United
Kingdom, we ensure a similar degree of protection is afforded to it by ensuring that we apply
appropriate safeguards (either by transferring data only to recipients in the European Economic
Area, to recipients in countries approved by the European Commission, to recipients that are party
to the EU-US Privacy Shield, or by using specific contracts approved by the European Commission).
Cookie policy
Cookies are small text files that are placed on your computer, smartphone or other device when
you access the internet.
Our website uses cookies to distinguish you from other users of our website. Cookies let users
navigate around the site and help us to provide you with a valuable browsing experience.
We use the following cookies:
Google Analytics, which uses cookies to help us analyse how our visitors use the site. Find out
more about how these cookies are used on the Google privacy site
How long will we keep your personal data?
Whenever we collect or process your personal data, we’ll only keep it for as long as is necessary
for the purpose for which it was collected.
For example, where we use or store your data because it is necessary for the performance of the
contract between you and us we will use or store your data for as long as it is necessary for the
performance of the contract between you and us.
Where we use or store your data because you have given us your specific, informed and
unambiguous consent we will use or store your data until you ask us to stop.
At the end of that retention period, your data will either be deleted completely or anonymised.
Your rights
You have various legal rights in relation to the information you give us, or which we collect about
you, as follows:
• You have a right to access the information we hold about you free-of-charge
• The correction of your personal data when incorrect, out of date or incomplete.
• You have the right to ask us to erase the information we hold about you (the ‘right to be
forgotten’). Please note that this right can only be exercised in certain circumstances and, if
you ask us to erase your information and we are unable to do so, we will explain why not.
• You have the right to ask us to stop using your information where: (i) the information we
hold about you is inaccurate; (ii) we are unlawfully using your information; (iii) we no longer
need to use the information; or (iv) we do not have a legitimate reason to use the
information. Please note that we may continue to store your information or use your
information for the purpose of legal proceedings or for protecting the rights of any other
person.
• You have the right to ask us to transmit the information we hold about you to another person
or company in a structured, commonly-used and machine-readable format. Please note that
this right can only be exercised in certain circumstances and, if you ask us to transmit your
information and we are unable to do so, we will explain why not.
• Where we use or store your information because it is necessary for our legitimate business
interests, you have the right to object to us using or storing your information. We will stop
using or storing your information unless we can demonstrate why we believe we have a
legitimate business interest which is more important than your interests, rights and
freedoms.
• Where we use/store your data because you have given us your specific, informed and
unambiguous consent, you have the right to withdraw your consent at any time.
• You have the right to object to us using/storing your information for direct marketing
purposes.
Direct marketing
You have the right to stop the use of your personal data for direct marketing activity through all
channels, or selected channels. We must always comply with your request.
Checking your identity
To protect the confidentiality of your information, we will ask you to verify your identity before
proceeding with any request you make under this Privacy Notice. If you have authorised a third
party to submit a request on your behalf, we will ask them to prove they have your permission to
act.
Opting out of receiving marketing communications
At any time you can ask us to stop sending you marketing communications by contacting us via
email to: christopherpoole1@yahoo.co.uk or by writing to the address at the top of this policy.
Automated decision-making
We do not use any automated decision-making processes.
Changes to our policy
If we make any changes to our policy in the future we will post the updated policy on our website
and, where appropriate, notify you by email or via social media. Please check our website frequently
to see any updates or changes to our policy.
Contact
Any questions or comments in relation to this policy should be sent to us in writing to the address
at the top of this policy, or by emailing us at: christopherpoole1@yahoo.co.uk