Privacy Notice
The General Data Protection Regulation (the “GDPR”) seeks to protect and enhance the rights of data subjects. Wes Futures Ltd (Company Number 5067712) whose registered office is at 4 Arlington Square, South Woodham Ferrers, Essex, CM3 7BF (“the Company’”) is committed to protecting and respecting your privacy. The Company recognises the importance of the correct and treatment of personal information will only use personal information as set out in this Privacy Notice.
This Privacy Notice sets out how the Company collects and uses any information that you give us. The expressions “we”, “us” and “our” refer to the Company.
We may change this Privacy Notice at any time by updating this page, so you should therefore check the Website from time to time to ensure you are aware of any changes. By registering, placing an order or creating a transaction, you consent to the collection, use and transfer of your information and the data you provide, under the terms of this policy unless you expressly inform us otherwise.
It is important that you read this Privacy Notice, together with any terms and conditions of the Company that we may provide on specific occasions when we are collecting or processing personal information about you, so that you are aware of how and why we are using such personal information.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.
Who are we?
The Company is an Interior fit out contractor firm which trades under the name Wes Futures and provides fit out and building services to its clients.
In what capacity will the Company hold personal information about you?
During providing its services, the Company will compile and hold certain personal information about living individuals for the purposes of providing fit out and building services to its clients. This may include personal information about current and past employees; customers of the Company; suppliers and others with whom we communicate and other third parties. In providing these services, we will act as both a Data Processor and, in some instances, as a Data Controller in respect of your personal information.
How is your personal information collected?
We use different methods to collect personal information from and about you.
Directly from you: Typically, the personal information that we collect about you will be the personal information that is input onto the Website. In some instances, however, it could be provided in other electronic formats, on application forms, or in other communications which may be in writing, by telephone, via the internet and email or by any other means.
From third parties: We will also gather personal information from other sources, including from contacts and their customers, reference agencies and contractors.
What personal information will the Company hold about you?
Personal information means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal information about you, as follows:
- full name and title
- contact information including email addresses and postal addresses (current & previous), telephone numbers and fax numbers
- qualifications and employment history
- criminal convictions
- marital status
- date of birth
- national insurance number
- identification or supporting documents (such as passport, driving license, birth certificate, utility bill etc.)
- gender
- bank details
- customer data
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data).
How will the Company use personal information held about you?
We will only use your personal information when the law allows us to. We will use your personal data where we need to: (a) to meet our contractual obligations under our agreement with you; (b) where it is necessary for our legitimate interests (or those of a third party and your interests and fundamental rights do not override those interests; or (c) where we need to comply with a legal or regulatory obligation. In summary this means we use your personal information to fulfil the provision of the service the person has requested and for other closely related purposes; support the validation of information and data; and provide transactional functionality,
Most commonly, we will use your personal information in the following circumstances and for the purposes of:
| Purpose/Activity | Lawful Basis for Processing |
| Internal record keeping | (a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests *1 |
| Undertaking checks with third parties | (a) Performance of a contract with you (b) Necessary to comply with a legal obligation |
| Contacting any third parties mentioned by you on your application form/provision of information to obtain further information, references or clarification on the data provided | (a) Performance of a contract with you |
| Prevention and detection of crime (and the prosecution of criminal activities) | (a) Performance of a contract with you (b) Necessary to comply with a legal obligation (c) Necessary for our legitimate interests *2 |
| Identity and credit checks | (a) Performance of a contract with you |
| Providing this information to agents or subcontractors so they can assist us with the website and/or the services | (a) Necessary for our legitimate interests *3 (b)Necessary to comply with a legal obligation |
| Establishing a database | (a) Performance of a contract with you |
| Compliance with applicable laws and regulations | (a) Necessary to comply with a legal obligation |
- To keep our records updated and to study how customers use our products/services
- For running our business
- For running our business, provision of administration and IT services, network security and to prevent fraud
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Disclosure of your personal information
The Company may share the personal information that it has about you with other companies and with any organisation the other companies may appoint to carry out the services in the future (collectively, the “Relevant Parties”).
Your personal information may also be disclosed to the following parties:
- employees of the Relevant Parties;
- affiliates of the Relevant Parties;
- group companies of the Relevant Parties;
- successors in title to the business of the Relevant Parties;
- providers of IT solutions to the Relevant Parties;
- third party consultants, contractors or other service providers who may access the personal information when providing services to the Relevant Parties (including but not limited to IT support services);
- government bodies, law enforcement agencies, regulatory bodies, legal societies, trade associations and in response to other legal or regulatory requests from similar third parties;
- legal advisers, auditors, contractors or other advisers auditing, assisting with or advising on any of the business purposes of the Relevant Parties.
If you give us personal information regarding another person, you are confirming they have given you permission to provide their personal information to us to be able to process their personal information and that you have advised them that their personal information will be passed to the Company.
Will your personal information be transferred to other countries?
We may need to share personal information with third parties in both the UK and internationally for a variety of reasons. We require third parties to respect the security of your personal information and to treat it in accordance with the law. We may transfer your personal information outside the EU. If we do, you can expect a similar degree of protection in respect of your personal information.
We may transfer the personal information we collect about you to countries outside the EU in order to process your personal information on one of the grounds listed above. It is possible that the European Commission will have deemed such countries adequate. This means we can transfer your personal information to those countries as they will provide an adequate level of protection for your personal information.
However, not all countries to which we may transfer your personal information will be deemed adequate by the European Commission. To ensure that your personal information does receive an adequate level of protection we will put in place standard contractual clauses approved by the European Commission with those third parties wherever necessary. This ensures that your personal information is treated in the same way.
What happens if you choose not to provide us with personal information or are unable to provide us with personal information?
If you fail to provide certain personal information when requested, we may not be able to perform the agreement we have entered with you, or we may be prevented from complying with our legal obligations. If you are unable or not willing to provide personal information this may also impact our ability to progress with your employment or project if work related.
Data Subject Rights
The Company has processes in place to ensure that it can facilitate any request made by an individual to exercise their rights under data protection law. All staff have received training and are aware of the rights of data subjects. Staff can identify such a request and know who to send it to.
All requests will be considered without undue delay and within one month of receipt as far as possible.
Subject access: the right to request information about how personal data is being processed, including whether personal data is being processed, and the right to be allowed access to that data and to be provided with a copy of that data along with the right to obtain the following information:
- the purpose of the processing
- the categories of personal data
- the recipients to whom data has been disclosed or which will be disclosed
- the retention periods
- the right to lodge a complaint with the Information Commissioner’s Office
- the source of the information if not collected direct from the subject, and
- the existence of any automated decision making
Rectification: the right to allow a data subject to rectify inaccurate personal data concerning them.
Erasure: the right to have data erased and to have confirmation of erasure, but only where:
- the data is no longer necessary in relation to the purpose for which it was collected, or
- where consent is withdrawn, or
- where there is no legal basis for the processing, or
- there is a legal obligation to delete data
Restriction of processing: the right to ask for certain processing to be restricted in the following circumstances:
- if the accuracy of the personal data is being contested, or
- if our processing is unlawful but the data subject does not want it erased, or
- if the data is no longer needed for the processing but it is required by the data subject for the establishment, exercise or defence of legal claims, or
- if the data subject has objected to the processing, pending verification of that objection
Data portability: the right to receive a copy of personal data which has been provided by the data subject and which is processed by automated means in a format which will allow the individual to transfer the data to another data controller. This would only apply if the Company was processing the data using consent or on the basis of a contract.
Object to processing: the right to object to the processing of personal data relying on the legitimate interests processing condition unless the Company can demonstrate compelling legitimate grounds for the processing which override the interests of the data subject or for the establishment, exercise or defence of legal claims.
If you have any concerns or wish to exercise any of your rights, then you can contact the data protection lead in the following ways:
Name: Westley Hood
Address: 4 Arlington Square, South Woodham Ferrers, Essex, CM3 7BF
Email: westleyhood@wesfutures.com
Telephone: 01245 327448
How long will the Company retain your personal information for?
We will only retain your personal information for the duration of our agreement with you and for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such personal information without further notice to you.
Security
We have put in place measures to protect the security of your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.
However, the internet is not a secure medium, but we are committed to ensuring that your personal information is secure. To prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal information we collect. We will use our best efforts to ensure that no unauthorised parties have access to any of your personal information and we restrict access to non-public information about you to those individuals and entities that need to know the personal information to be able to provide products and services to you.
Monitoring and review
This policy was last updated on 20th November 2018 and shall be regularly monitored and reviewed, at least every two years.