Our contact details are:
Tel: 0203 488 7888 Email: firstname.lastname@example.org
Our commitment to you
We respect your privacy and remain committed to protecting your personal data.
You should read this policy, and any other privacy policies we provide when we collect your data, so that you fully understand the ways in which we process your data. All OneClickPrinter privacy policies are intended to supplement one another, not override each other.
The data we collect from you
We will never collect or process special category data, or data relating to criminal convictions or offences, from you. This website is not intended for children and we do not knowingly collect data relating to children.
How we process your data, and our lawful bases
We collect and process your data on the following lawful bases
- In the performance of a contract
This means we process your data where it is necessary for the performance of a contract with you, or to take steps, at your request, before entering into such a contract.
- With legitimate interests
This means we process your data in the legitimate the interest of our business in order that we may provide to you to the best service/product and the most secure experience. We always consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interests.
We will not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
In any instance where we’re processing your data based on legitimate interests, you still have the right to object to your data being processed in that manner. To do this please contact our Data Protection Officer.
- To comply with a legal or regulatory obligation
This means processing your personal data where it is necessary for compliance with a legal or regulatory obligation.
- With your consent
This means we’ve asked for your explicit consent to process your data in a certain way, and you’ve provided it.
We will not actively seek consent from customers to continue to send marketing emails to them beyond 25th May 2018, when the General Data Protection Regulation comes into effect.
We adopt this approach using the lawful basis of legitimate interests; assuming that you’d benefit from receiving information about offers and promotions. This type of processing is secure and presents a low risk to you. This practice is in line with the Privacy and Electronic Communications Regulation 2003.
If you would like to opt out of these marketing emails, you can do so by:
- Unsubscribing here or directly from any emails you’ve received from us; or
- Contact our Data Protection Officer to unsubscribe.
We will seek explicit consent from new website visitors in order to send marketing emails to them unless a purchase is make or clear interest in our product/services has been demonstrated (for example you have requested a quote or a sample book).
When a new customer purchases from our website, requests a quote or our sample book we will use their email address to send them details of our latest offers and product recommendations. Again, we adopt this approach using the lawful basis of legitimate interests, assuming that you would benefit from receiving such information as an existing customer.
If you do not want to receive these meails, instructions of how to opt out are displayed at the checkout. You may also use the above link or email to opt out or use the unsubscibe link contained within the emails themselves.
We will only use your personal data for the purposes we originally collected it. This is unless we need it for another reason that we believe is compatible with why we originally collected your data.
Who we share your data with
- External parties who are engaged so that our business can function properly. These parties include couriers whose we use to deliver our product to you, professional advisors, including lawyers, banks, auditors, insurers, IT service providers, contractors and companies who assist with out marketing;
- HM Revenue & Customs, regulators and other UK authorities as requires by law;
- Third parties whom we may choose to sell, transfer, or merg parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge wuth them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice;
- Any refer a friend service provider but only with your consent.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
We fully support your rights. If you ever feel this is not the case please contact our Data Protection Officer or the Information Commissioner’s Office to discuss the matter further.
At any point you can exercise your:
- Right of access – contact us for a copy of the data we hold about you.
- Right of rectification – let us know if the data we hold is out of date or inaccurate and we’ll update it.
- Right to be forgotten – if you no longer want to use our services, please contact us and we’ll delete all related data where we’re able to.
- Right to restrict processing – we only ever collect the data we need and actively ensure we’re never collecting anything over and above that need.
- Right of portability – we will support reasonable requests to transfer your data to another organisation should you require it.
- Right to object to automated decision making and profiling- we do not currently use any automated profiling of any description. In the event you’re ever unhappy with the way we’re processing your data please contact our Data Protection Officer.
In the event we ever need to refuse your rights we will provide you with a reason why. You will then have the right to complain to the supervisory authority as outlined below.
We only transfer your data outside of the European Economic Area (EEA) when we utilise the services of carefully selected external third parties based in the United States of America.
Each one of these providers participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S Privacy Shield Framework
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.
We engage a small, trusted group of GDPR compliant data processors. They will only process your personal data on our instructions, they are party to a data processing agreement with us which includes a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
When determining the appropriate retention period for personal data we consider:
- the amount, nature, and sensitivity of the personal data;
- the potential risk posed to you by unauthorised use or disclosure of that data;
- the purposes for which we process it;
- any applicable legal requirements; and
- whether we can achieve those purposes through other means.
Details of retention periods relating to your personal data can be requested from our Data Protection Officer.
In some circumstances you can ask us to delete your data. In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes. In these instances we are able use this information indefinitely without further notice to you.
Automated Decision Making
We do not make any decisions about you based on the automated processing of your personal data.
Subject Access Requests
You will not have to pay a fee to access your personal data (or to exercise any of the other rights).
However, we may charge a reasonable admin fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.