This Privacy Notice informs you of our privacy practices and of the choices you can make and rights you can exercise in relation to your personal data, including information that may be collected from your online activity and interactions you have with us offline. This Privacy Notice applies to Dimple Services (UK) Limited and Dimple Services Limited (collectively “Dimple Glazing”).
Dimple Services (UK) Limited is a Data Controller, a company registered in England with number 06272036 with its registered office address at Unit 17, The Metro Business Centre, Springfield Road, Hayes UB4 0LE, United Kingdom.
Dimple Services Limited is a Data Controller, a company registered in England with number 02660836 with its registered office address at Unit 5 The Argent Centre, Silverdale Road, Hayes, Greater London, UB3 3BS, United Kingdom.
Questions, comments and requests regarding this Privacy Notice are welcomed and should be addressed to our appointed Data Protection Lead:
Data Protection Lead
email@example.com — 020 8813 7272
Dimple Services (UK) Limited, Unit 5 The Argent Centre, Silverdale Road, Hayes, Greater London, UB3 3BS
Dimple Services Limited, Unit 5 The Argent Centre, Silverdale Road, Hayes, Greater London, UB3 3BS
All communications will be treated confidentially. Upon receipt of your communication, our representative will contact you within a reasonable time to respond to your questions or concerns. We aim to ensure that your concerns are resolved in a timely and appropriate manner.
Retaining Your Data
In most circumstances your data will not be retained for more than 11 years from the last point at which we provided any services or otherwise engaged with you and it is our policy to only store your personal data for as long as is reasonably necessary for us to comply with our legal obligations and for our legitimate business interests. However, we may retain data for longer than a 11 year period where we have a legal or contractual obligation to do so, or we form the view that there is otherwise a continued basis to do so, we have a compelling reason to do so, or we are subject to a legal obligation which applies for a longer period.
Disclosure of Your Information
We may disclose your personal information to any member of our group when appropriate, which includes our subsidiaries as defined in section 1159 of the UK Companies Act 2006, only when appropriate and required for legitimate business purposes.
In the event of a sale, merger, liquidation, receivership or the transfer of all or part of our assets to a third party, we may need to transfer your information to a third party. Any such transfer will be subject to the agreement of the third party to this Privacy Notice and any processing being only in accordance with this Privacy Notice.
Data Security and Confidentiality
To prevent loss, unauthorised access, use or disclosure and to ensure the appropriate use of your information, we utilise reasonable and appropriate physical, technical, and administrative procedures to safeguard the information we collect and process. We retain data as required and permitted by law and while the data continues to have a legitimate business purpose. When collecting, transferring or storing sensitive information such as financial information we use a variety of additional security technologies and procedures to help protect your personal data from unauthorised access, use, or disclosure.
You have the right to ask us for a copy of any personal data that you have provided to us or that we maintain about you and to request an explanation about the processing; and to obtain the personal data you provide with your consent or in connection with a contract in a structured, machine readable format and to ask us to transfer this data to another data controller. In addition, you have the right to withdraw any consent previously granted or to request rectification or erasure of your personal data, or to request a restriction on the processing of your personal data.
In certain cases, these rights may be limited, for example if fulfilling your request would reveal personal data about another person or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests to keep this information. You also have the right to object to the processing of your personal data in some circumstances. To exercise your rights, or if you have any questions or concerns about our Privacy Notice, our collection and use of your data or a possible breach of local privacy laws, you can contact or write to our Data Protection Lead (see contact details above).
Complaints and Queries
Dimple Glazing tries to meet the highest standards when collecting and using personal information. For this reason we take any complaints we receive about this very seriously. We encourage people to bring it our attention if they think that our collection or use of information is unfair, misleading or inappropriate. We would also welcome any suggestions for improving our procedures. This Privacy Notice was drafted with brevity and clarity in mind and does not provide exhaustive detail of all aspects of our collection and use of personal information.
If you are unhappy about the way we use your personal data or the way in which we respond to your request to exercise your data protection rights, you can contact the Data Protection Lead at Dimple Glazing but you also have the right to lodge a complaint with a supervisory authority, the Information Commissioner at the Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Access to Personal Information
Dimple Glazing tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a 'Data Subject Access Request' under the EU General Data Protection Regulation 2018. If we do hold information about you, subject to verifying your identity, we will: (a) give you a description of it; (b) tell you why we are holding it; (c) tell you who it could be disclosed to; and (d) let you have a copy of the information in an intelligible form. To make a request to Dimple Glazing for any personal information we may hold you need to put the request in writing addressing it to our Data Protection Lead. If we do hold information about you, you can ask us to correct any mistakes by contacting our Data Protection Lead.
If we modify our Privacy Notice, we will post the revised statement on our website, with an updated revision date. This Privacy Notice was last updated on 25th May 2018.
Website Contact Forms
Information entered voluntarily into Dimple Glazing website contact forms (typically enquiries about products, services or employment opportunities), will be directed to the appropriate company representatives in order for them to respond. If you contact us, we may send you an automatic acknowledgement of your request and we may keep a record of this correspondence. If you report a problem with one of our websites, we may contact you for further information about the reported problem. This information is not processed by or shared with any third parties.
Order Details and Payment Information
When customers (businesses and individuals) place orders with Dimple Glazing, this information is processed in the UK.
Visitors and Employees at our Business Premises
Visitors to Dimple Glazing business premises may be required to sign-in upon arrival and sign-out upon departure, so that in the event of a fire evacuation we have a record of visitors on-site in accordance with our Health and Safety at Work Act 1974 Section 3 statutory duty to ensure so far as reasonably practicable, the health, safety and welfare at work of all who are not in our employment but who may be affected by the activities of our undertaking, including visitors. The information we process includes the name and company of the visitor, the employee name or department whom they are visiting, and the date and time they sign-in and out.
Recorded CCTV Video Footage
CCTV recording cameras and equipment are installed at Dimple Glazing business premises, internally for the legitimate business interest of ensuring a safe working environment, and externally for the legitimate business interest of preventing (as a deterrence) and detecting crime (including identifying individuals engaged in criminal activity such as theft), a risk reduction control required by our insurers. The CCTV data is used and kept only to fulfil this original purpose, stored securely. Individuals have the right to request a copy of any CCTV footage in which they are in focus and/or clearly identifiable, they will need to provide details of which camera, location, date and times in order for the CCTV operator to locate the recording requested. CCTV data is retained for 3 months, except in the event of a security or health and safety incident when relevant records are then retained indefinitely as evidence.
Personal information of job applicants processed as part of our recruitment process, a legitimate business purpose, includes name, contact details, date of birth, employment history, education history, details of qualifications and skills, identity information including VISA and right-to-work information, contact details of references, personal information relating to hobbies, interests and pastimes volunteered by the applicant, equal opportunities information. Depending on the specific positions advertised we may at our discretion choose to advertise available roles using third party recruitment companies, for example, those which target specific subject areas of specialism. Before you express interest in an advertised position or submit an application to an advertised position using a third party website, please note that these companies have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Personal information processed as part of a statutory obligation includes names, addresses, and contact details of company directors, secretaries, shareholders, and copies of shareholder agreements.
Current and Former Employees
Personal information processed of employees includes individual name, home address, telephone number, birth date, next of kin information including contact details for them, their initial application form, references and medical questionnaire/declaration, identification papers, residence and work permits, employment contracts, terms and conditions of employment, employee agreements, training records, grievances, discipline, leaver information, security clearances, disclosure and barring service checks, job titles, photographs (for health and safety needs), and details of car insurance cover for business purposes. Information used for the purpose of preparing wage slips, payment of salaries and arranging employment benefits pursuant to the contract of employment includes: bank details, National Insurance identification number, tax and employment benefit details, workplace pension arrangements, holiday booking, sickness and attendance records. Personal mobile and home telephone numbers are stored confidentially on the corporate phone system for use upon the invocation of our disaster recovery procedures. This information is kept strictly protected and held securely and may only be accessed by authorised persons.
Mobile Device Management
Mobile device information including telephone number (if applicable) for corporately owned and issued mobile devices is processed along with the employee name, and shared with the mobile telephony network operator for the duration the device is assigned to the employee. This is a contractual requirement imposed by the network operator which applies to all employees who are issued with a mobile device. This information is used for the legitimate business purpose of itemised billing.
Occupational Health Monitoring
Dimple Glazing employees, depending on the risks involved in their designated workplace and role, may be subject to Occupational Health Surveillance in accordance with our Health and Safety at Work Act 1974 duty to ensure so far as reasonably practicable, the health, safety and welfare at work of all employees. We have a compelling reason to retain employment records, training and qualification records, and occupational health monitoring records for these employees, for at least 40 years following termination of employment, to act in any insurance claims that may arise any time in the future in connection with the employee or their work. We need to be able to process these records as required by insurers to either defend or prosecute claims. We may also be required to share some of these records with the Health and Safety Executive (HSE).