Data Protection Privacy Notice

Data Protection Privacy Notice

Active Bike Co Ltd is committed to protect your privacy and want to ensure that all of the information we hold about you is correct, relevant and secure. We are bound by data protection legislation and are committed to protecting your privacy. More information about how we do this and how we use your information is set out below.  

In order to best serve your interests in using our services or in contracting with suppliers, parts and contractors, or in connection with a company marketing event that might be of interest to you we will require certain information from you including your contact details.

Please read this Notice on data protection carefully. If you have any questions or requests, then please contact admin@activebike.co or in writing to Active Bike Co Ltd, 3 Elm Park, Bosham, PO18 8PD.

DATA PROTECTION

This Privacy Notice is a “privacy notice” for the purposes of Applicable Data Protection Law, and in particular the European Union’s General Data Protection Regulation (“GDPR“), given by Active Bike Co Ltd when acting in its capacity as a data controller in relation to its collection and use of Personal Data.

References to (a) “we”, “us”, or “our” mean Active Bike Co Ltd, and (b) “you”, or “your” refer to you. References to “your information” includes but is not limited to your personal data.

Purpose of Data Protection

The purpose of data protection legislation is to protect the rights and privacy of individuals (“Data Subjects”) in respect of the Processing of Personal Data concerning them. “Personal Data” is any information relating to an identified or identifiable natural person (known as a “data subject”). A person is “identifiable” if he or she can be identified, directly or indirectly, not only by things such as a name or an identification number, but also by things such as location data or some factor specific to (for example) the physical, physiological or social identity of that person. More common examples of Personal Data include names, identification numbers, contact information, identity documents, medical records and photographic images. “Processing” covers any activity involving Personal Data and includes such things as the collection, recording, storage, adaptation, use, disclosure and destruction of Personal Data.

Active Bike Co Ltd will Process Personal Data in accordance with Applicable Data Protection Law.

Our Policies

We have policies and procedures that aim to ensure that all our staff, contractors and others that we work with and who Process any Personal Data held by us, or on our behalf, wherever in the world, are aware of, and abide by, their duties under Applicable Data Protection Law and as set out in the GDPR, which requires among other things that Personal Data must be:

  1. processed lawfully, fairly and in a transparent manner
  2. collected for lawful purposes that are clearly specified and only further processed for compatible purposes;
  3. relevant and limited to what is necessary for the purposes of the processing;
  4. accurate and kept up to date, with inaccurate Personal Data being erased or rectified without delay;
  5. kept for no longer than is necessary; and
  6. processed in a secure manner, including protection against unauthorised or unlawful      processing and against accidental loss, destruction or damage.

What information do you collect and use about me?

We collect and use the all or some of the following information about you (a) your name, address, phone numbers, email address, nationality, residential address, banking and financial details, and (b) any other information which we reasonably need to comply with our legal obligations. In particular:

Investors, Legal and Beneficial Owners and Beneficiaries We deal with individuals and various types of organisations that are connected with clients, such as owners and investors and beneficiaries,

As a person connected with a potential client and (if applicable) then a client that falls under this paragraph, the Personal Data that we Process about you will include personal and/or professional contact details (addresses, telephone numbers, email addresses), copy identity documents and proofs of address, copy professional and educational certificates and data to facilitate tax information exchange.

Other Client-Connected People: Advisers and Regulators We also deal with those organisations that provide professional advice or services to us or to our clients, those that supervise and regulate us and our clients, those that supply goods and services to us and our past, present and (in the case of job applicants) future staff.

As an “Other Client-Connected” person, the Personal Data that we Process about you may include personal and/or professional contact details (addresses, telephone numbers, email addresses).

Contractor/ Suppliers (and potential contractors/suppliers) As a potential contractor or supplier and then (if applicable) as a contractor or supplier, the Personal Data that we Process will include personal and/or professional contact details (addresses, telephone numbers, email addresses), documents and other proofs of standing and reputation and details of bank accounts and/or other payment details.

Potential employees

If you are an applicant for a job with us (a potential employee), the Personal Data that we Process about you will include:

1. your name, address and contact details, including telephone numbers and email addresses;

2. details of your qualifications, skills, experience and employment history;

3. information about your current level of remuneration, including entitlement to benefits;

4. whether or not you have a disability that we may need to make adjustments for during the recruitment process;

5. information about your entitlement to reside and/or work in the place where you have applied for a job; and

6. equal opportunity monitoring information, including information about your ethnic origin, sexual orientation, health and religion or beliefs.

If your application for a job with us is unsuccessful, we will retain your Personal Data for 6 months after the date on which we inform you (or any recruitment agency through which you have applied to us) that your application was unsuccessful, unless you ask us to retain your details on file for a longer period. We will delete any Personal Information no longer required and will do so in an appropriate and secure manner.

If your application for a job with us is successful, our retention of your Personal Data will be governed by our separate policy on staff Personal Data, which will be made available to you by our HR department as part of your becoming a member of staff.

Enquirers and visitors to our website

You may give us Personal Data by filling in a contact form on our website or by corresponding with us by email. In each of the above cases, the Personal Data that we Process will include personal and/or professional contact details (addresses, telephone numbers, email addresses) and, if you leave a voicemail message with us, that message may be Processed in a similar manner to email and postal correspondence. If you have stated contact preferences for service and/or jurisdiction updates and/or events that we may organise or participate in, we will also Process that information.

We will also automatically collect certain information each time you visit our website. This includes:

1. technical information including the Internet Protocol (IP) address used to connect your computing device to the Internet, your browser type and version, time zone setting, operating system and platform;

2. information about your visit which may include the pages viewed, page response times; and

3. your country of location by reference to a look-up of your IP address against public sources.

4. our website also uses cookies and/or similar technologies to collect and store certain information about your interaction with our website.

How do you collect my information?

We collect information about you in a number of ways (a) information you provide to us through the process of obtaining a quote, (b) information you provide through communications with us in the process of purchasing any of our products or services (c) contracting with suppliers and contractors and (d) from third parties to verify for due diligence purposes.

How do you use my information?

We will process your information to:

(a) commission a search to verify your identity and due diligence where applicable. The legal basis for this processing is for our compliance with a legal obligation to which we are subject;

(b) identify, develop or improve our products and services. The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our business as well as to monitor our business, products and services;

(c) carry out, monitor and analyse our business. The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our business;

(d) identify, prevent, detect or tackle fraud, money laundering, terrorism and other crimes. The legal basis for this processing is for our compliance with a legal obligation to which we are subject;

(e) design and hosting of our software by our software provider. The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our business;

(f) share your applicant information, and personal data, application and your search results with other firms, organisations or persons we use. The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our business, the collection of payments or the provision of a product or service on your behalf;

(g) operate and manage your file and manage any sale/purchase or brokerage, agreement or other contract and/or correspondence you may have with us. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract;

(h) create a limited profile of you as an individual as part of your family or business or other transaction we are assisting with. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract; and to identify, develop or improve our products and services

(i) carry out market research (e.g. surveys), business and statistical analysis (e.g. develop statistical models). The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our business as well as to monitor and improve our business;

(j) provide information to independent external bodies such as governmental departments and agencies and similar to carry out research. Where we are legally compelled to provide the information, the legal basis for this processing is for our compliance with a legal obligation to which we are subject. Where we are not legally compelled to provide the information, the legal basis for this processing is our legitimate interests, namely to provide information that can be highly useful to such external bodies and beneficial to society at large;

(k) carry out audits. The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our business as well as to monitor and improve our business and services;

(l) perform other administrative and operational purposes. The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our business;

(m) trace your whereabouts.The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our business and to communicate with you;

(n) retain, store and archive the information. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely the proper administration and operation of our business, to comply with our legal and regulatory obligations, and the protection and assertion of our legal rights, your legal rights and the legal rights of others.

(o) to delete it when the information is no longer retained by us. The legal basis for this processing is our legitimate interests, namely the proper administration and operation of our business and our compliance with a legal obligation to which we are subject;

(p) a successor in interest as part of a corporate re-organisation or purchase of our business or company or in the unlikely event of an insolvency event such as a liquidation, insolvency, bankruptcy or administration. In the case of an insolvency event, our customer database may be sold separately from the rest of our business, in whole or in a number of parts. It could be that the purchaser’s business is different from ours too;

(q) any firm, organisation or person to whom we sell or transfer (or enter into negotiations to sell or transfer) our business or any of our rights or obligations under any agreement we may have with you. If the transfer or sale goes ahead, the transferee or purchaser may use your information in the same way as us. However, use of your personal data will remain subject to this Notice

(r) when and to the extent necessary to comply with our legal and regulatory obligations; and

(s) (where necessary) for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.

Your information may also be used for other purposes for which you give your permission, where we are permitted to do so by law, or it is in the public interest to disclose the information or is otherwise permitted under the terms of the Data Protection Act 1998 and other applicable laws such as the General Data Protection Regulation.

With whom do you share my information?

We may share information about you with: (a) any firm, organisation or person who provides us with products or services or who we provide products and services to and organisations such as information cloud storage and IT. These providers have limited access to your information to perform these tasks on our behalf and are contractually obligated to use it consistently with this Notice (b) government or regulatory authorities when ordered or required to do so in order to identify, prevent, detect or tackle fraud, money laundering, terrorism and other crimes – this is to ensure our compliance with our legal and regulatory obligations (Article 6(1)(c), General Data Protection Regulation), (c) any firm, organisation or person to whom we sell or transfer (or enter into negotiations to sell or transfer) our business or any of our rights or obligations under any agreement we may have with you. If the transfer or sale goes ahead, the transferee or purchaser may use your information in the same way as us, (d) regulatory and governmental authorities, ombudsmen, or other authorities, including tax authorities where we are requested by them to do so.  We do not sell or otherwise pass on your contact details to any third party for marketing purposes.

Transfer of Information, Security & Retention

We may transfer your information to a supplier/contractor in a country outside the European Economic Area (EEA) but will ensure that there is adequate protection as required by applicable data protection laws. We take appropriate technical and organisational measures to guard against unauthorised or unlawful processing of the information we hold about you and against accidental loss or destruction of, or damage to, such information.  

We take appropriate technical and organisational measures to guard against unauthorised or unlawful processing of the information we hold about you and against accidental loss or destruction of, or damage to, such information.

This section sets out our data retention policies and procedures, which are designed to help ensure that we comply with our legal and regulatory obligations in relation to the retention and deletion of personal data. Information that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.

We will retain your information for two years or as long as we are required by law. During the aforementioned periods your data is kept on-line and with a cloud provider in the UK. At the end of the period of retention your data is deleted. No paper versions of your data are collected or retained for any period. However, we may retain your information where such retention is necessary for our compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of others.

Your information may also be used by us to meet legal, regulatory or administrative obligations. We may transfer your information to to supervisory or judicial authorities dealing with, financial control, the fight against money-laundering, the financing of terrorism and the application of financial sanctions.

Your information will be processed electronically by us. Your telephone conversations with staff may be monitored and recorded to improve the quality of our service to you. Your information may be communicated by us to subcontractors and duly authorised partners for the sole purposes of implementing the aims stated above. Your information may be transferred to subcontractors established in countries not members of the European Economic Area (EEA). In this case we will, in order to ensure the security and confidentiality of your information, determine the terms and conditions for working with these subcontractors within a detailed contractual framework.

Your rights

In this section, we summarise the rights that you have under applicable data protection laws. Some of the rights are complex, and not all of the details have been included in our summaries below. Accordingly, you should read the applicable data protection laws and guidance from the UK Information Commissioner for a fuller explanation of these rights. You can do so by using this link https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/.

You have the right to require that we:

· provide you with certain personal information we hold about you. This is called a data subject access Request.

· correct errors in your personal information and/or erase it, if you think that information we hold about you is inaccurate, incomplete or simply out of date.

· delete personal information we hold about you, if you think that holding such information is no longer justified.

· restrict the processing of your personal information e. g. you no longer want to be contacted about our products or services or the products or services of our selected partners.

· provide you with a copy of the personal information we hold about you or transfer it to a third party you tell us about.

· Advise your right to complain to the UK Information Commissioner: If you consider that our processing of your personal data infringes the applicable data protection laws, you have a legal right to lodge a complaint with the UK Information Commissioner (www.ico.org.uk) which is the UK data protection regulatory body.

In order to exercise your rights, please contact us by writing to admin@activebike.co or at the address given above.

Changes

We regularly review this Data Protection Privacy Notice to make sure that we continue to serve your privacy interests. We may make changes to it from time to time. However, we will notify you only of major changes. Such a major change could be a change in the law that affects your rights or we make changes to the list of companies that we share your information we use.

We intend to rely on this Notice for the services we provide. If you do not understand any point, please ask for further information