top of page

Privacy Policy

.Macbrook Gas Limited is committed to protecting the privacy of your personal information. Our company is registered with the Information Commissioners Office (ICO), in order to make transparent our data handling practices, and complies with the General Data Protection Regulations (GDPR) effective from May 2018.

Good information handling makes good business sense. By doing this we believe we will enhance our business’s reputation, increase customer and employee confidence,

and by making sure personal information is accurate, relevant and safe, save both time and money.

Our organisation act as a Data Controller as we keep or process information about living people and must comply with certain important rules about how we collect and

use personal information.

 

Lawful Basis for Processing

Our business must have a valid lawful basis in order to process a person’s data and be able to demonstrate the processing of data is “necessary” in order to provide our

products and services. There are six lawful bases.

 

Our organisation process on the basis of the following:

CONTRACT – We may have to process information to fulfil our contractual obligations to provide a quotation, or act as credit intermediary in a finance agreement, or provide a warranty. In this instance the processing is necessary for the performance of the contract.

LEGAL OBLIGATION – We may have to process information for health and safety reasons. In this instance Health and Safety is legislation.

LEGITIMATE INTERESTS – In many instances the processing is necessary, for example to ultimately create a finance plan through a lender when acting as a credit

intermediary or carrying out a Customer Survey Report.

CONSENT – We ask person’s to positively opt in if they want to receive further information on an alternative product or service that we market separately.

Collection of Information – Your consent

We may collect personal information from you if you provide it voluntarily. If you do provide personal information to use, we will assume that you have read this Privacy Notice and have consented to us using your personal information in the ways described in this Policy and at the point where you give us your personal information. If, after providing us with personal information, you later decide that you do not want us to use it for particular purposes, then please write to us at the address shown above.

 

Collection of your Information

We may collect and process the following data: Information you provide when buying our products or services; Information you provide to us by filling in our forms; Information collected through correspondence with our Sales and/or Customer Relations teams; Information you provide to us through the recruitment process: Information you provide to us in order to register for alerts; Social Media interaction: Statistical data about your browsing actions and patterns for the administration of your application for employment; We may require you to submit personally identifiable information in order for you to make use of our services. You confirm that any information you enter or provide will be true. We will only request and collect information which is necessary or reasonable in order to provide you with your requested services and to improve the services that we provide. It will not be a requirement to provide any additional information which is not needed to provide the services.

Reasons for Collection of your Information

In the course of our dealing with you we may collect and process certain information about you, including but not limited to your name, date of birth, job title, address, contact details (including your email address and contact telephone number), payment details (where applicable), electronic identifiers (e.g. IP addresses) and other information about you in respect of which services and products may be provided. Your personal information may be used by us, our employees, contractors,

consultants or agents to:

- identify you during any communication between you and us

- assess eligibility for services and products (whether provided by us or on our behalf);

- carry out regulatory checks and meet our obligations to our regulators

- communicate with you to arrange the provision of such services and products

- administer and provide such services and products

- detect and prevent loss, fraud and other criminal activity

- carry out credit reference checks through associated third parties

-  carry out market research and to help us review, develop and improve the services and products we offer; and

- contact you (in accordance with your preferences), by post, telephone, SMS, email and other electronic means with information about products, services, promotions, and offers that may be of interest to you.

- Keep legal certificates and work records relating to the services we have provided to you including details relating to:

Warranty, maintenance and guarantee information:

Any information which we consider may be required by the Health and Safety notice,

product recall or modification

 

Industry Body Documentation and records: Records of Advice given:

If we sell or buy any business or assets, we may disclose personal information held by us to the prospective seller or buyer of such business or assets. If we or substantially all our assets are acquired by a third party, personal information held by us will be one of the transferred assets.

 

Your personal information may also be used by us, our employees or agents if we are under a duty to disclose or share your personal information in order to comply

with any legal obligation, or in order to enforce any agreement we have with or otherwise concerning you, or to protect our rights, property or safety or those of our

customers, employees or other third parties. If you contact us or we contact you, we may ask for certain information from you to

confirm your identity, check our records and deal with your account efficiently and

correctly.

Business Customers only: To prevent fraud, to check your identity and to prevent money laundering, we will ask our credit intelligence partners, including Creditsafe, Business Solutions Limited (and/or such other service providers as we may engage from time to time) to run certain checks on your business. These checks may involve your information being disclosed to credit reference agencies, who may keep a record of that information. Unless you have made an application for credit, your credit rating will be unaffected. In assessing any application for credit, we will also share your information with our credit insurers. We will disclose details of how you conduct your account to such companies. This information may be used by other

credit intelligence companies for making credit decisions about your business, you, and the people with whom you are financially associated, for fraud prevention,

money laundering prevention and occasionally for tracing debtors. Information used for these purposes will include publicly available information such as corporate

accounts and county court judgments.

We may perform a check on you if you are a company officer, such as a company director. We do this in order to prevent fraud, to check your identity, to prevent money laundering and for account management purposes. Information used for these purposes will include publicly available information such as the electoral roll, county court judgments, assets registered in your name on public registers, such as the Land Registry, bankruptcy orders and repossessions.

 

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, you could be refused the goods or service or financing that you have requested, or employment. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details provided on the website.

 

With whom do we share your personal information?

Third parties such as our advisers, the Financial Conduct Authority, finance lenders (where applying for a finance option where we act as a credit intermediary), a finance credit broker, credit reference agencies (who may check the information against other databases, public or private to which they have access), insurers, or fraud prevention agencies. This information may come from your interactions with us or them through applying for finance or other consumer finance product; or ascertain from the way in which the loan is administered and managed.

 

In connection with the above purposes, your personal information may be transferred to or otherwise processed by third party service providers acting on our behalf, our agents and law enforcement authorities (including the police). Ordinarily we will be the party collecting your information directly from you. However, there may be situations where this information is obtained by us from third parties. Examples of this would include from a third-party lead generator, from a third-party data profiling company, where you have given your consent for that company to pass such information on to us (to establish trends), in the case of job applicants, from a third party recruitment agency.

 

Access to Information

The GDPR gives you the right to access information held about you. You have the right to ask for a copy of the personal information held about you. You also have the right to ask for inaccuracies in information to be corrected. Any access request is not subject to a fee unless the requests are unreasonable in which case a fee may be charged and will be disclosed at the time of request. A copy of the information held about you by us can be requested by writing to us at the address shown.

 

Change of Policy

We may occasionally change the Privacy Notice to reflect customer and company feedback. Any changes will be shown on this page.

 

Breach Notification

Our business has the effective processes to identify, report, manage and resolve any personal data breaches.

 

Dealing with Data Protection Complaints

We aim to comply fully with our obligations under the General Data Protection Regulations. If a customer has any questions or concerns regarding our company’s management of personal data including their right to access data about themselves, then they should contact us in writing at Data Protection Unit 8 Focus Business Park Bunns Bank Road Old Buckenham Norfolk NR17 1GY or by emailing us at enquires@macbrookgas.co.uk

 

If our company holds inaccurate information, then the customer should write to our business at the address shown above providing us with any evidence to show what the information should say keeping copies of the correspondence. If after a reasonable amount of time (28 days is recommended) the information has not been corrected, then the customer can make a complaint.

 

There are two courses of action:

- Contact us using the address or email address above.

- If the customer is still dissatisfied, they can go directly to the Information Commissioner, the independent body that oversees data protection and the GDPR. They can be contacted on 0303 123 1113 or their website is www.ico.org.uk.

 

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. Only authorised employees and carefully checked agents, contractors and consultants who provide a particular data processing service for us, are permitted access to your data. These people will only be allowed access to your data for the purposes identified within this Privacy Policy, processing it on our behalf or for IT security and maintenance. Where a third party is processing your data on our behalf, we will take steps to ensure that such third party gives us commitments that it will process your data in line with EU law. If a third party processing your data on our behalf is in a non-EU country that does not have data protection laws equivalent to those in the EU, we will always take appropriate additional steps to ensure that your personal information is kept safe and secure by those processing your data on our behalf. This will generally involve ensuring that such third party agrees to sign up to a formal legal agreement committing such party to comply with standards equivalent to those that would apply where that party to be located within the EU. Whenever fraud prevention agencies transfer your personal data outside of the EU, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. This may also require the recipient to subscribe to “international frameworks” intended to enable secure data sharing.

 

How long we hold your information for

 

The time period for which we keep information varies according to what we use the information for. Unless there is a specific legal requirement for us to keep

information, we will keep your information for as long as it is relevant and useful for the purpose for which it was collected. We will retain your account information for six years in line with relevant tax and contract requirements. In the case of commercial customers, we may retain personal information relating to such individuals within such customers for a different period of time depending on the order and contracting cycles of such customers (e.g. if a customer commonly enters into five-year deals, we would retain such information for a short period beyond the time when we would expect such agreement to be renewed). In the case of unsuccessful job applicants, we will generally hold your CV and supporting documentation for period of three months from the date of application. If you wish for us to hold your CV for longer and be considered for future roles then please just let us know. Fraud prevention agencies can hold your personal data for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years. Where you have given consent to us holding data for a particular purpose, that consent may be withdrawn by you at any time. You may withdraw your consent by contacting us by any method that you wish to communicate with us, including e-mail or in writing. You are entitled to request that we erase your personal information at any time, for example where you cease to be an active customer of ours. Whilst we will generally seek to comply with your request, there will be circumstances where we are entitled to retain such personal information (e.g. in respect of legal claims or to ensure that any activity on your account (e.g. monies owing) may be resolved).

bottom of page