Graham Roofing (Scotland) Limited is committed to safeguarding the privacy of our website visitors and service users. The details on this page have been designed to answer the key questions you may have regarding Personal Data or Security. However, if you would like any further clarification, please get in touch with us by calling 0141 946 4488 or by emailing firstname.lastname@example.org.
The term ‘GRS’ or ‘us’ or ‘we’ refers to the owner of the website – Graham Roofing (Scotland) Limited
The term ‘you’ refers to the user or viewer of our website.
This policy is effective from 1st May 2018. However, we may update this policy from time to time and would recommend that you visit this page periodically to ensure that you are happy with any changes.
Our Role as the Data Controller
The Data Controller is a person or organisation who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.
We are the sole Data Controllers for this website. With respect to the personal data of our website users, we determine the purposes and means of the processing of that data.
Intended Website Users
This website is directed at business consumers, with the aim of informing them about our Company and the services we offer. The site and its content are therefore directed at adults over the age of 16. While those under the age of 16 can view the site and its content with the consent of a parent or legal guardian, users of our services are consumers above this age.
What Personal Data is Collected?
Any Personally Identifiable Information (PII) given to us while using our website is only shared with our trusted data processors.
Data is collected in the following ways:
Any information submitted through our contact forms, such as name, telephone number and email address will be held securely on our servers. Clear consent must be given to this Policy when submitting any data through our contact forms. All data will be stored until such point as the relevant enquiry and any associated work has been completed.
Contact form information may also be held in a backup of the website. Backups are stored for 30 days, after which they are deleted permanently. GRS will honour all rights of data subjects regarding their personal data, including the right to be forgotten. When a data subject asks to be forgotten, we will delete their personal data from the relevant production system within 28 days if there are no legal grounds for processing it further.
Analytics & Tracking
What are Cookies and how do we use them?
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. However, please be aware that this may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
What we do with the information we gather?
Any Personally Identifiable Information (PII) that we gather from the website is used for internal record keeping, to better understand your needs and provide you with a better service. For clarity, our Contact Forms may collect the following personal data: company name, email address, first name, last name and phone number. We may also use the information to customise our website according to your interests. We will never use your information to contact you with marketing or promotional emails, unless you have expressly provided your consent beforehand.
Where is the Data held and processed?
We will sometimes be required to share data with trusted Third Parties who act as Data Processors on our behalf. Data will only be processed for the purposes of operating our website, providing our services, marketing (if consent is given), security, back-ups and communicating with you.
Data Processors are a person or organisation who deals with personal data as instructed by the controller for specific purposes and services offered to the controller that involve personal data processing.
To keep your data safe and protect your privacy, we have a strict policy with these organisations:
- The only data given to the Processor will be what they need to perform their specific services.
- We only give them permission to use the data for the exact purposes we agree in our contract with them.
- We only use trusted Data Processors with clear terms and conditions and policies to ensure full compliance with privacy legislation.
We will never share your data with third parties for their own purposes unless you have given explicit consent for us to do so.
This website is hosted on servers located in the United Kingdom. However, our trusted Data Processors may be required to transfer data outside of the EEA when acting on our behalf to provide services. This would only take place as a contingency measure in the event of a catastrophic loss of data, and thorough checks are carried out to ensure that any organisations used are all GDPR compliant for data transfer outside the EEA.
The following measures have been put in place to keep this website secure:
- All security is handled at three distinct levels: server level, platform level and 3rd party plugin level
- The website is scanned regularly for Malware, which is removed immediately if found
- Login attempts are limited at both site and server level, to protect against brute-force attacks
- Intelligent IP blocking detects intruders and blocks them across all sites on the servers within seconds
- All core updates are handled automatically by our hosting provider to ensure the site is running the most up-to-date and secure version of the system
- All backups are stored off-site and are encrypted
Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- If you wish to access, transfer or delete the data held on this website about you, please let us know. Once notified we can then initiate the process required
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at email@example.com
- You can also choose to accept or decline cookies using your browser settings.
Further information or questions?
If you have any questions about this policy, your data, how it is used and protected or deletion of this data, please contact us by calling 0141 946 4488 or by emailing firstname.lastname@example.org.