General Data Protection Regulation (GDPR)

Awareness.

All staff in our organisation are aware that new GDPR is now in force.

The principle contact for GDPR within Spentex is Stephen Spencer, although all our staff are trained to deal with any data query, ensuring that these are promptly dealt with by our GDPR Officer.

Your GDPR rights.

Spentex can upon request, provide you with the details which we hold about you or your company.

You can request that your data is removed from our computer systems/website at any time.

Email communication data can be removed from our systems by automated unsubscribe request, following the link in any marketing email that you receive from us, or by writing, emailing, faxing to Spentex, or by telephone.

Subject data access requests.

You can request access to your data at any time. Spentex have a clear data usage policy which is detailed on the website Privacy Policy page.

Requests to remove data are handled within an agreed time frame, normally within 2 working days, from first request.

We may remove your data from our systems, but may have to archive transactional detail for accounting and tax purposes. We may also keep emails, faxes or written communications.

Data Consent

By ordering goods and services via our website, you consent to Spentex using supplied data for this purpose. Please note, Spentex DO NOT HOLD or have access to any debit or credit card detail. These ares processed by stripe, their privacy and data protect policies are available via this link.

Data breaches

In the unlikely event that we have a data breach, we will communicate details of that data breach directly to you and to the Information Commissioner Office.

We do not hold personal information but do hold business information, this is the information that you provided when you signed into our online store. The information which we hold is limited to:

• Purchasers name
• Purchasing Company name
• Purchasing Company address
• Purchasing Company telephone and email address
• Purchasing company order history

We do not hold any financial information (eg: account details, credit or debit card details).

Children.

Spentex do not provide goods or services to individuals within the UK or the EU. Our services are exclusively for the use of corporate customers. Before accepting any order, Spentex may undertake a credit check. Credit checks clearly establish whether the source of an order is from a legitimate UK based company, and by implication completely rules out any possibility that Spentex  could conduct business with minors or individuals (other than sole traders).

Data Protection by Design, Data Security.

Our website is SSL secured using the latest security algorithms which are regularly updated and renewed. This is to ensure that your data is protected in a safe environment, in addition to having off site payment processing with stripe, who are a PCI/DSS compliant company.

We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your personal information.

We will store all the personal information you provide on our secure (password- and firewall-protected) servers.

Data Protection Officers

Our designated Data Protection officer is Stephen Spencer, who can be contacted by email at  DataProtectionOfficer@spentex.co.uk or by telephone  01977 680697.

International trading

Spentex operates its business within the UK  borders only. All information provided to Spentex is for the sole use of Spentex. That is, Spentex do not disclose any personal data to anyone other than:

• our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors. This is so that we can conduct our business with you.
• as detailed within our Privacy policy section 6.