Last updated: (31 December 2019)
We are committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified, and then you can be assured that it will only be used in accordance with this privacy statement.
We may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
Information Collection And Use
Drift-In conducts business with a range of different 'customer types' listed below.
As a minimum, we will collect an individual's name, telephone number, e-mail address and home address for each customer type listed because there is a legitimate interest in holding this information in each instance, which we go on to explain below.
We will only retain personal data for as long as is necessary. How long is necessary can depend on a variety of factors.
In order to successfully and informatively respond to any potential court or insurance claim arising from dealings with any of customer types, as a commercial interest we will retain data for at least six years from the end of our business relationship as this is the maximum period of time an individual or company can submit a monetary court claim. We may choose to hold the information for longer should we see fit, however.
In any case, Money Laundering Regulations 2017 state that we must retain the records of Purchasers, Vendors, Purchasers' Solicitors and Vendors' Solicitors for a period of five years.
Additionally, the Limitation Act 1980 states adults have 3 years from the date of an incident (children have 3 years from their 18th birthday) in order to bring a personal injury claim to light, so data is retained for this period of time partly due to this legal ruling.
Cookies are files with small amount of data, which may include an anonymous unique identifier. Cookies are sent to your browser from a web site and stored on your computer's hard drive.
Like many sites, we use "cookies" to collect information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Site.
We use Google Analytics cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we hold. This includes secured web databases and electronic software, as well as locked files where paper-based documents may be held.
Data that is provided to us is stored on our secure servers
Our servers that allow data capture use encrypted URLs with valid SSL certificates, meaning the data you share with us electronically is as safe as reasonably possible at the time of drafting this policy. Where we have given you (or where you have chosen) a password so that you can access certain parts of our site, you are responsible for keeping this password confidential.
Links to other websites
General Data Protection Regulations (GDPR) gives individuals the following rights;
- • The right to be informed
- • The right of access
- • The right to rectification
- • The right to erasure
- • The right to restrict processing
- • The right to data portability
- • The right to object
- • Rights in relation to automated decision making and profiling
You will find more information on your rights on the Information Commissioner's Office (ICO) website.
If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to us or emailing our Data Protection Officer at firstname.lastname@example.org.
Under the Data Protection Act 1988 and General Data Protection Regulations you may request details of personal information which we hold about you by making a subject access request to our Data Protection Officer at email@example.com or by writing to us at Drift-In , 104 Salisbury Road, Cathays, Cardiff, CF24 4AE.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
You may request that any information we hold about you is deleted and we will do so unless there is a legal basis for us to retain that information.