- Who we are and how to contact us
Raeburn Drilling & Geotechnical Ltd (Raeburn, we, us, or our) is the controller and responsible for your personal data. This means that determine the purposes for which, and the manner in which, your personal data is processed. We are registered with the Information Commissioner’s Office with registration number: Z6949550
Raeburn Drilling & Geotechnical Ltd,
Telephone: 01698 711177
For purposes of the applicable data protection laws, including the General Data Protection Regulation (GDPR), Raeburn Drilling & Geotechnical Ltd is the “data controller”. This means that Raeburn Drilling & Geotechnical Ltd determines the purposes for which, and the manner in which, the personal data you provide to us is processed.
- What personal data we process and how we use it
Personal data (or personal information) means any information about an individual from which that person can be identified. It does not include data where the identity has been removed.
It is important that the personal data we hold about you is accurate and up-to-date. Please keep us informed if your personal information changes during your relationship with us.
We only collect, use and store your personal data where we have a lawful basis to do so. We currently collect and process the following types of personal data about you:
- Billing address and delivery address
- Email address and telephone numbers
- Bank account and payment card details
- Details about payments to and from you and details of products you have purchased on our Website
- Profile data, including your username and password for your account, purchases or orders made by you, your interests, preferences, feedback and survey responses
- Technical data, including your internet protocol address, your login data, browser type and version
- Information about how you use our Website, products and services
- Your preferences in receiving marketing from us and our third parties and your communication preferences
Personal data collected from you
Where we have collected personal data directly from you it will usually be obvious what this is, as you will have given it to us. However, we use different methods to collect personal data from and about you including:
- Through direct interactions, including where you:
- create an account on our Website;
- purchase a product from our Website;
- subscribe to our marketing;
- correspond with us by post, phone, email or otherwise;
- fill in forms on our Website;
- enter a competition, promotion or survey; or
- give us feedback or contact us.
- Through automated technologies or interactions. As you interact with our Website, we will automatically collect technical data about your equipment, browsing actions and patterns. We collect this data using cookies and other similar technologies. Please see our Cookies Policy below for further details.
Personal data collected from others
We also obtain information about you from third parties who may sometimes provide us with personal data, as set out below. In some cases you will have previously submitted your personal data to them and given them approval to pass this information on for certain purposes.
- our payment services providers
Such information will only be obtained from reputable sources which operate in accordance with the GDPR.
What the personal data is used for
We have identified four lawful bases which we use to process your personal data. Explanations of each of these are provided below, and beneath the title of each section regarding what the personal data is used for we have listed the lawful basis which is applicable to that purpose.
‘Contract’ – your personal data is needed to perform the contract we are about to enter into or have entered into with you (including where necessary to manage your account, product or service)
‘Legal obligation’ – where we need to comply with a legal obligation or we are required by law to process your personal data e.g. to verify your identity
‘Legitimate interest’ – where processing your personal data is necessary for our legitimate interests (or those of a third party) and on balance, your interests and fundamental rights do not override our legitimate interests
‘Consent´- in some cases we may obtain your consent to use your personal data in a particular way or where the law requires consent to be obtained. For example, if we wish to send you marketing communications.
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely upon to do so. We have also identified what our legitimate interests are where appropriate.
|Purpose/Activity||Type of personal data||Lawful basis for processing|
|To register you as a new customer||Name, email address||Performance of a contract with you|
|To process your order, including:|
· Processing your order and delivery details;
· Managing payments, fees and charges;
· Managing any refunds and/or returns you may request
|Name, email address, billing address and delivery address, bank account and payment card details, details about payments to and from you||Performance of a contract with you|
|To manage our relationship with you which will include:|
· Asking you to leave a review or take a survey
|Name, email address||Performance of a contract with you|
Necessary for our legitimate interests (to study how customers use our products/services)
|To manage your customer account||Name, email address||Performance of a contract with you|
|To enable you to partake in a prize draw, competition or complete a survey||Name, email address||Necessary for our legitimate interests (to study how customers use our products/services, to develop them and grow our business) or consent when you have provided your consent to receive marketing communications.|
|To administer and protect our business and this Website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||IP addresses||Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)|
|To use data analytics to improve our website, products/services, marketing, relationships and experiences||information collected via cookies including IP addresses||Necessary for our legitimate interests (to define types of customers for our products and services, to keep our Website updated and relevant, to develop our business and to inform our marketing strategy)|
Marketing telephone calls, emails and post
We may contact you about products or services that relate to products that you currently hold with us, products you have held in the past, or products you have expressed an interest in (i.e. obtained a quotation). You will receive marketing communications from us if you have requested information from us or purchased products from us and you have not opted-out of receiving that marketing.
We will never contact you about products that are not similar, and if you receive calls or post that you do not wish to receive, you can ‘opt-out’ at any point, by clicking the unsubscribe option at the bottom of all of our emails.
- Who we share your personal data with
When processing your personal data, we may share it with other people or organisations in certain circumstances for the purposes set out above. Examples of who we may need to share it with are:
- Service providers that help us to run and maintain our Website and provide IT and administration services, such as hosting providers;
- Payment service providers, to enable you to pay for the products purchased from retailers;
- Professional advisers, including lawyers, bankers, auditors and insurers who provide professional services to us;
- HM Revenue and Customers, regulators and other authorities, who require reporting of processing activities in certain circumstances; and
We’ll treat the information we hold as confidential and may share information with the above who are also required to keep your information confidential, safe and secure.
- Transfers of your personal data
The personal data that we collect from you will not ordinarily be transferred to, or stored at, a destination outside of the United Kingdom or the European Economic Area (EEA).
However, if we do need to transfer your personal data outside of the UK or the EEA we will take all steps reasonably necessary to ensure that any such transfer is made securely and that there is adequate protection in place in order to protect your personal data.
Please contact us if you wish to find out more; if we ever transfer your Personal Data outside the UK or the EEA you can ask us for a copy of the relevant safeguards implemented in relation to the transfer.
- How long we will keep information about you
We will only retain your personal data for as long as is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may keep your personal data for longer than usual in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
We will also retain data in an anonymous form for statistical and analytical purposes after this date, without further notice to you.
If you require further information relating to the timescales in which we hold your information please contact us using the details at the bottom of this page.
- Keeping personal data secure
We will use technical and organisational measures to safeguard your personal data, for example:
- access to your account is controlled by a password and a user name that is unique to you.
- we store your personal data on secure servers.
- payment details are encrypted using SSL (Secure Sockets Layer) technology. Typically you will see a lock icon or green address bar (or both) in your browser when we use this technology.
We are certified to PCI DSS. This is the Payment Card Industry Data Security Standard which is a family of standards that helps us manage your personal data and keep it secure.
Technical and organisational measures include measures to deal with any suspected data breach. If you suspect any misuse or loss or unauthorised access to your personal data, please let us know immediately by contacting us via this e-mail address: firstname.lastname@example.org.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
- Your rights in relation to your personal data
You have various rights in relation to your personal data. If you seek to exercise your rights we will explain to you whether or not the right applies to you as the rights do not apply in all circumstances.
- Right to access– the right to request access to the personal data we hold about you at any time. If we provide you with access to the information we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive”. Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
- Right to correct– the right to have your personal data rectified or updated if it is inaccurate or incomplete.
- Right to erase– the right to request that we delete or remove your personal data from our systems.
- Right to restrict our use of your personal data– the right to “block” us from using your personal data or limit the way in which we can use it.
- Right to data portability– the right to request that we move, copy or transfer your personal data.
- Right to object– the right to object to our use of your personal data including where we use it for our legitimate interests.
To make enquiries, exercise any of your rights set out above, or withdraw your consent to the processing of your personal data (where consent is our legal basis for processing your Data), please contact us via this e-mail address: email@example.com.
It is important that the Data we hold about you is accurate and current. Please keep us informed if your Data changes during the period for which we hold it.
- Links to other websites
- How to complain
If you would like further information or you are unhappy with any way we are using your personal data, you should first contact us so we can understand your query and try and resolve it. You can contact us using the details below, or you can contact our Customer Care department on 01698 711177.
Raeburn Drilling & Geotechnical Ltd,
Telephone: 01698 711177
You also have the right to lodge a complaint with the Information Commissioner’s Office (the ICO). You can contact the ICO directly, and their details are listed below:
Information Commissioner’s Office
Tel: 0303 123 1113 / 01625 545 745
Fax: 01625 524 510