Sidney Graham (Business Supplies) Ltd General Data Protection Regulation Statement

How we use personal data about you in accordance with the General Data Protection Regulation.

Sidney Graham Ltd take data privacy seriously and under EU GDPR we have adopted a robust approach to both monitoring and protecting our clients data, ensuring we take organisational, technical and administrative measures to keep your data secure.

Sidney Graham Ltd will be the ‘Controller’ of the personal data you provide to us. We only collect basic personal data about you which does not include any special categories of personal information about you. This does however include name, address, e-mail, telephone number, financial information (payment information).

We need to know your basic personal data to;

  • provide goods and services to you
  • process your orders
  • provide you with marketing information
  • tell you about our products and services.
We will not collect any personal data from you we do not need to provide and oversee this service to you.  We only ever use your personal data with your consent.
We may process personal information for certain business purposes, which include some or all of the following;
  • where the processing enables us to enhance, modify, personalise or otherwise improve our services/communications for the benefit our customers
  • to identify and prevent fraud
  • to better understand how people interact with our websites
  • to provide postal and e-mail communications which we think will be of interest to you
  • to determine the effectiveness of promotional campaigns advertising.
Whenever we process data for these purposes we will ensure that we always keep your personal data rights in high regard and take account of these rights at all times. When we process your data, we will make sure that we consider and balance any potential impact on you, and your rights under data protection laws. You have the right to object to this processing if you wish, and if you wish to do so please contact our Customer Service team. Please bear in mind that if you object this may affect our ability to carry out tasks above for your benefit.

We are based in the UK and we store our data within the EU. Some organisations which provide services to us may transfer personal data outside of the EU, but we will only allow them to do if your data is adequately protected.

We will only use and store information for so long as it is required for the purposes it was collected. How long information will be stored depends on the information in question and what it is being used for. For example, if you ask us not to send you marketing e-mails, we will stop storing your e-mail address for marketing.

We continually review what information we hold and delete what is no longer required. We will not retain your data for any long than necessary and the longest time that we will hold your data will be seven years.

We want to ensure that you remain in control of your personal data. Part of this is making sure you understand your legal rights, which are as follow:
  • the right to confirmation as to whether we have your personal data, if we do, to obtain a copy of the personal information we hold
  • the right to have your data erased 
  • the right to have inaccurate data rectified
  • the right to object to your data being used for marketing purposes
  • where technically feasible, you have the right to personal data you have provided to us which we process automatically based on your consent or the performance of a contract. This information will be provided in a common electronic format.