GDPR Policy

Data Breach Policy Data Retention Policy Information Security Incident Management Policy

Information Security Policy Subject Access Request (‘Sar’) Procedure

The term ‘Fine Cut Group Limited [‘Fine Cut’, ‘we’ or ‘us’] refers to the business whose registered office is The Courtyard, Shoreham Road Upper Beeding, Steyning, West Sussex, BN44 3TN

Security

We are committed to ensuring that your personal data and information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect.

Our systems use data encryption and password protection for maximum security.

If under any circumstances you are unsure about the security of our website or your private information, please send us an email to info@finecut.co.uk or telephone us on  +44 (0) 1903 751666

GDPR Compliance

The European Union General Data Protection Regulation (GDPR) is a data privacy regulation that applies to all companies processing and holding the personal data of data subjects residing in the European Union. This article describes the GDPR compliance status of Fine Cut.

If your company needs to ensure it is GDPR compliant, it also needs to ensure its providers are also GDPR compliant. Fine Cut is GDPR compliant and strictly enforces the regulations to protect the user data we store.

The following principles are complied with when processing personal data:

  • Data is processed fairly and lawfully
  • Data is processed only for specified and lawful purposes
  • Processed data is adequate, relevant and not excessive
  • Processed data is accurate and, where necessary, kept up to date
  • Data is not kept longer than necessary
  • Data is processed in accordance with an individual's consent and rights
  • Data is kept secure
  • Data is not transferred to countries outside of the European Economic Area (‘EEA’) without adequate protection

Lawful Basis of Processing Data

The lawful basis of processing of data will always be determined prior to any data being processed. Fine Cut processes personal data under one, or more, of the following Lawful Bases:

  • Consent – the individual has given their Consent to the processing of their personal data
  • Contractual – processing of personal data is necessary for the performance of a contract to which the individual is a party, or for Fine Cut to take pre-contractual steps at the request of the individual
  • Legal Obligation – processing of personal data is necessary for compliance with a legal obligation to which Fine Cut is subject
  • Legitimate Interests – processing of personal data is necessary under the Legitimate Interests of Fine Cut or a Third Party, unless these interests are overridden by the individual’s interest or fundamental rights

Type of Personal Data Being Processed

The type of personal data being processed may include: 

  • Name
  • Address 
  • Email address 
  • Job Title
  • Telephone number
  • Business name
  • Social media profiles
  • IP address
  • Demographic information such as postcode

How Personal Data is collected

Personal data is obtained from one or more of the following:

  • Visits and use of the above Fine Cut websites, and Company Portals 
  • Use of Fine Cut social media
  • Use of Google Analytics
  • Attendees of corporate seminars and webinars
  • Subscribers to Company updates
  • Parties entering into agreements with Fine Cut
  • Requests for information about products and services offered by Fine Cut, and/or quotes 
  • Employment enquiries

Why Personal Data is collected

Personal data is collected to provide legitimate business services which include: 

  • For Marketing purposes
  • For us to review and reply to your enquiry
  • To provide an opinion for a service you have requested
  • To meet our statutory monitoring and reporting responsibilities
  • To handle and communicate orders, billings and payment, delivery of products and services 
  • To improve Fine Cut services and product offering

However, where indicated, some of the information is optional and you can choose not to complete.

How Personal Data is used

Personal data may be used to:

  • process orders, process a request for further information, to maintain records and to provide pre and after-sales service.
  • pass to another organisation to supply/deliver products or services you have purchased and/or to provide pre or after- sales service;
  • carry out our obligations arising from any contracts entered into by you and us;
  • carry out security checks (this may involve passing your details to our Identity Verification partners, who will check details we give them against public and private databases - this helps to protect us from credit risk and both you and us from fraudulent transactions);
  • comply with legal requirements;
  • assist third parties to carry out certain activities, such as processing and sorting data, monitoring how customers use our site and issuing our emails for us;
  • seek your views or comments on the services we provide;
  • notify you of changes to our services;
  • send you communications which may be of interest to you. These may include information about product updates, newsletters, events, webinars;
  • inform you of various promotions, goods and services that may be of interest to you. You may be contacted by post, email, telephone, SMS or such other means with carefully selected marketing communications we deem relevant to send to you in the legitimate interests of Fine Cut as an Industrial Manufacturer. Each marketing communication sent to you by us will provide you with the option to unsubscribe and manage your data profile and communication preferences from Fine Cut at any time;
  • process a job application;
  • create a profile of your interests and preferences so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources to help us do this effectively.

Where Personal Data is Stored

If a web form is completed on any of the above websites, information is stored on the Company’s CRM system. Previous browsing history on the Fine Cut websites is available to our employees only to determine your interests in order that Fine Cut can engage with you more effectively and improve our site. If Cookies are switched-off then your previous browsing history is no longer available to Fine Cut (See “Cookies” below). If you do not wish for us to have your personal information, please do not fill out any of the web forms on these sites.

As part of any services offered via the Fine Cut websites, the information you provide may be transferred to countries outside the European Economic Area (‘EEA’) i.e. our servers, or third party servers that are used to provide Fine Cut services, that are located in a country outside the EEA. By submitting your personal data, you consent to the transfer, storage and/or processing of your data wherever it be stored. However, if your data is transferred outside the EEA, steps will be taken to ensure appropriate security measures are in place to ensure your privacy rights continue to be protected as outlined in this Policy.

How long Personal Data is stored

We review our retention periods for personal data on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold personal data on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.

Please review our data retention policy for full details

Who has access to Personal Data

Only Fine Cut employees are granted access to customer data. This is ensured by the use of strict operational processes and procedures.

Staff are trained on security systems and relevant processes and procedures which are reviewed regularly for ongoing effectiveness and suitability for purpose. All employees are kept up-to-date on the Fine Cut security and privacy practices. Employees are notified and/or reminded about the importance we place on privacy, and what they can do to ensure that customer information is protected.

All IT systems are kept in a secure environment with appropriate access control. 

Non-sensitive details (your email address and other requested information) are transmitted normally over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where we have given (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

We will not sell or rent your information to third parties.

Individuals’ Rights

Your rights relating to GDPR are enforced and include the below:

  • Right to be informed: we clearly inform our customers about the data we collect and how we will use that data
  • Right of access: you can contact us to obtain access to your personal data that we store
  • Right of rectification: simply contact us and we'll update our records
  • Right of erasure: you can also contact us at any time and we'll handle your erasure queries
  • Right to restrict processing: we don't process the data of our customers (or our customers end-users)
  • Right to data portability: our users may contact us anytime if they would like an export of their data
  • Right to object: we handle all requests on this matter from our customers
  • Right not to be subject to automated decision-making including profiling: we don't do that (and never will)

The accuracy of personal data is imperative. We aim to keep it updated at all times. The personal data we hold on you is available upon request by contacting info@finecut.co.uk. You can request that your data is updated and/or deleted at any time, unless Fine Cut can justify that it is retained for legitimate business or legal purpose. When updating your personal data, you may be asked to verify your identity before your request can be actioned.

You can change your marketing preferences at any time by emailing info@finecut.co.uk, or by clicking on the “Unsubscribe” link at the bottom of any of Fine Cut e-shots.

Links to other websites / from other websites

Fine Cut websites may contain links to other websites run by other organisations. Fine Cut Privacy Policy only applies to Fine Cut websites and you are encouraged to read the Privacy Statements on the third party websites that you visit such as Google. Fine Cut is not responsible for the Privacy Policies and practices of other websites even if they were accessed via a Fine Cut website. Equally, if you link to a Fine Cut website from a third party site, Fine Cut is not responsible for the Privacy Policies and practices of that third party site.

Children - 16 or Under

We do not offer services to children under the age of 16.

If you are aged 16 or under‚ please get your parent/guardian's permission before making contact and/or providing us with personal information.

Questions, Complaints and Subject Access Requests (SARs)

Any questions or Subject Access Requests (SARs) should be sent to: info@finecut.co.uk.

You have a right to lodge a complaint in the event that you believe that Fine Cut has not upheld the rights, obligations and responsibilities set out in this Privacy Policy. Please send any complaints to: info@finecut.co.uk.

Data Protection by Design and Data Protection Impact Assessments

Whenever Fine Cut develops a new system, security and the protection of your data comes first when designing the architecture of our systems.

Data Protection Officers

Our Data Protection Officer is Adam Tyler he can be reached via:

Email: info@finecut.co.uk

Phone: +44 (0) 1903 751666

Address: Fine Cut Group Limited, 46 Marlborough Road, Lancing Business Park, Lancing, West Sussex. BN15 8UF England

International

Fine Cut, a company registered in England & Wales, is located in the UK and, thus, our supervisory authority is based in the UK.

Review of this Policy

This Policy is regularly reviewed.

Notification of changes

We reserve the right to make changes to our GDPR policy at any time, however if we do so any changes will be posted on this page immediately so that you are always aware of what information we collect, how we collect it, and where it is kept.