Privacy and Cookies Notice
This notice applies to Aurora Kendrick James Limited (Aurora). When we refer to “we”, “our” or “us” we are referring to Aurora Kendrick James Limited of Lindred House, 20 Lindred Road, Brierfield, Nelson, BB9 5SR (Company No. 05425077) and its subsidiaries or any of them as the context so requires.
We regularly review our policies and any changes will be posted on our website. This notice was last reviewed and updated in August 2019.
Any links from our website to other websites are provided merely for your convenience and do not imply our endorsement of the content or the provider. If you follow a link to any of these websites, you do so at your own risk and we do not accept any responsibility or liability for the content of such websites.
Aurora pays a data protection fee under the Data Protection (Charges and Information) Regulations 2018 and our registration number is ZA154556.
By using our websites or by registering for any of the products and services we offer through it, you are confirming to us that you understand and accept that your personal information may be used by us in the manner described below.
2. INFORMATION WE MAY COLLECT ABOUT YOU AND WHY
We will not process more information about you than is necessary. We may process the following data about you:
- your name and contact details, such as your address, telephone number and email address
- employment details such as the name of the company you work for, your work contact details (address, email, phone number) and job title
- account details such as any products and services you have subscribed to and how they are used, contractual agreements, transactional and financial details and passwords
- any information provided when you report a problem with our website
- your communications with us (including email and phone conversations)
- your responses to any surveys you may complete
- details of your visits to our website including, but not limited to, cookie data, traffic data, location data, weblogs and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access
- information used to verify your identity such as photographic ID or data obtained via a credit reference check
Special category data, such as data about your racial or ethnic origin, your physical or mental health or your religious beliefs, and data relating to criminal convictions and offences require additional protection. We try to limit the circumstances in which we collect sensitive personal data of this kind and will only process this type of data with your explicit consent.
The provision of some data is a contractual requirement or a requirement necessary to enter into a contract. You are not obliged to provide this data, but if you do not, then we may be unable to enter into a contract with you or fully perform the contract we have entered into with you. In some cases, it may lead to the termination of your contract with us.
We will collect this information directly from you and from third parties, such as your employer and credit reference agencies.
We can only use your personal data if we have a proper reason for doing so. We will only use your data for one or more of these reasons:
- To fulfil a contract we have with you or take steps in order to enter into a contract with you
- If we have a legal duty to use your data for a particular reason
- When you consent to it
- When it is in our legitimate interests
Legitimate interests are our business or commercial reasons for using your data, but even so, we will not unfairly put our legitimate interests above what is best for you. Where we use your data for market research, training, credit reference and fraud prevention checks, defending or bringing claims and sending some types marketing, we do so because it is in our legitimate interests of developing and running an efficient and effective business.
We may share personal data with prospective buyers in the event that the business is sold, merged, reorganised or similar.
- Uses made of the information
We may use information held about you in the following ways:
- to ensure that content from our website is presented in the most effective manner for you and for your computer
- to provide you with information, products or services that you request from us or which we feel may be of interest to you
- to audit the usage of our website
- to carry out our obligations arising from any contract entered into between you and us or take steps to enter into a contract with you
- for training purposes, quality assurance or to record details about the products and services you order from us
- to satisfy and meet our legal and regulatory requirements
- to allow you to participate in interactive features of our services, when you choose to do so
- to notify you about changes to our products and services
- to carry out credit and fraud prevention checks
- to carry out market research
- to defend or bring claims
We will only retain your personal data for as long as is necessary. The retention period will vary depending on the type of personal data concerned. In order to determine the retention period we take into account the nature of the personal data, the purpose(s) for processing it, your relationship with us, any legal and regulatory requirements and any industry standards and guidelines. Once we no longer need your personal data, it will be securely destroyed.
- Disclosure of your information
Aurora is part of the Daisy Group of companies and we may disclose your personal information to any member of the Daisy Group of companies.
We may disclose your personal information to third parties if we are under a duty to disclose your personal information in order to comply with any legal or regulatory obligation; in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of our customers or others. This includes sharing information with third parties in order to assist with the services and products we are providing to you such as business partners, network operators, customer service providers, credit and fraud protection agencies and payment transaction services. In the event that the business is being sold, merged, reorganised or similar we may disclose your data to prospective buyers.
Where we share your personal data with other organisations, we will take all reasonable measures to make sure it is properly protected, as far as is possible.
- Transfers of data outside of the EEA
In order to provide you with requested products and services we may need to transfer your personal information to service partners based in countries outside the European Economic Area (EEA). This does not diminish your rights. Where such transfers do occur, we will ensure your personal data is protected in a manner that is equivalent to the way it would be protected within the EEA and in accordance with this Privacy & Cookies Notice. We will only make such a transfer where:
- A decision has been made by the European Commission that a place provides adequate protection for your personal data; or
- We have put appropriate safeguards in place to protect your personal data such as standard contractual clauses; or
- We rely on a specific ground for the transfer (called a derogation), such as your consent.
If you would like details of the specific safeguards in place, please contact us using the contact details at the end of this notice.
- IP addresses and cookies
- IP addresses
We may collect information about your computer, including where available your IP address, operating system and browser type for system administration. This is statistical data about our users’ browsing actions and patterns, and does not identify any individual.
Cookies are small pieces of information in the form of text files that are sent to your browser from our web server and are stored on your device.
We do not store any personal information in the cookie; they are designed only to collect information of an anonymous nature. We will not combine such anonymous information with your personal details.
- To gather information which allows us to identify your platform and record enquiries so we may improve customer experience and identify issues on the website
- To help ensure you are provided with correct and useful information during your visit to our website
- To collect data which allows us to improve our services based on your purchases and website usage
- Cookies in use
The cookies we use can be split into different functions as explained in the table below:
The cookies we use, the reason for using them and the duration for which they are stored, are as follows:
We may from time to time, via secure means, upload data into Google. The data is ‘hashed’ so that it is an anonymous data sequence.
We may from time to time add different cookies to test systems to make your user experience better. We will not use or keep any of the data captured during these trials.
If you click ‘accept’ you are providing your consent to those cookie settings and unless and until you change your settings, you’ve agreed to them. Additionally, if you change the settings using your browser settings, you are giving your consent to our use of those cookies which you have not disabled.
- How to reject and manage cookies
You can choose to opt out of cookies on the notice provided on our website or in your browser settings. How you do this will depend upon the browser you are using. More information on cookies, their use and how to accept or reject them can be found at www.allaboutcookies.org.
To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout
As our cookies are largely aimed at improving the user experience on the website, you may find that if you block certain cookies you may experience deterioration in the service you receive.
- Your rights and how to contact us
Data protection legislation provides you with the following rights regarding your personal data:
- The right to access a copy of the personal data we hold about you (commonly known as a subject access request (SAR))
- The right to rectify the personal data we hold about you where it is inaccurate or incomplete
- The right to have the personal data we hold about you deleted (commonly known as the right to be forgotten)
- The right to restrict the way we use your personal data
- The right to data portability e.g. to get your personal data from us in a commonly used and machine readable format or ask us to transfer it to another organisation
- The right to object to the way we process your personal data
You can access and amend some data and opt out of marketing by using our privacy centre or logging into your account.
In addition to these rights, if you gave us consent to use your data e.g. so that we can send you marketing emails, you can withdraw your consent at any time and free of charge. Information on how to do this is on each marketing email you receive as well as the preference centre.
Often, how we deal with data subject rights will be through our business as usual processes. There are some rights that we will always comply with, such as an objection to receiving direct marketing. However, we are not obliged to comply with all requests we receive. If there is a legitimate reason why we cannot comply with a request you make, for example a legal requirement may mean we have to keep your data even if you have requested that we delete it, we will let you know. We aim to respond to you within one month of receiving your request. However, we are permitted to extend this timeframe by an extra two months, where necessary. If this is the case, we will let you know within a month of receiving your request.
We will not charge you for exercising your rights, unless the request is manifestly unfounded or excessive, in which case we may charge a reasonable fee for our administrative costs or refuse to act on your request. We may also charge a reasonable fee for additional copies of data. We may require identification from you before we can consider your request. If identification or a fee is required or we are refusing to act on your request, we will let you know without undue delay.
If you have any queries about this notice or would like to exercise any of your rights you can contact our Data Protection Officer at firstname.lastname@example.org or at Lindred House, 20 Lindred Road, Brierfield, Nelson, BB9 5SR.
Whilst we always endeavour to resolve your concerns, you also have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner. Please visit the Information Commissioner’s Office’s website for more information on how to do this – www.ico.org.uk