+44 (0)1626 358000
de_DEen_GBes_ESfr_FRit_IT
change: case-studies, to this: fallstudien

Privacy Policy

Home Privacy Policy
  1. Who we are

This privacy policy is issued by Centrax Limited (“we”, “us”, “our” or “Centrax”), a company registered in England and Wales with company number 00592720 and registered address at Shaldon Road, Newton Abbot, England, TQ12 4SQ. We are a controller of your personal data and are responsible for ensuring that it is properly protected.

Please see the “How to contact us” section at the end of this privacy policy if you have any questions about this privacy policy or the data we hold about you.

  1. This privacy policy

Please read this privacy policy carefully as it contains important information about who we are and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

This privacy policy explains how we collect and process information about you if you are:

  • A Website Visitor that is using and engaging with the Centrax website.
  • A Customer Representative whose organisation has purchased goods or services from Centrax.
  • A Supplier Representative whose organisation has supplied goods or services to Centrax.
  • A Site Visitor that has or will visit any site owned by Centrax.

We collect, use and are responsible for certain personal data about you. When we do so we are subject to the UK data protection laws.

Our collection and use of your personal data

Personal data means any information about an individual from which they can be identified, whether directly or indirectly.

How your personal data is collected

We collect personal data about you in different ways, including:

  • Direct interactions. You may give us your personal data when you access our website or contact us including to raise enquiries or liaise with us regarding products or services that we or your organisation offer.
  • Automated technologies or interactions.
    • If you are a Website Visitor, we will automatically collect Technical Data (defined below) about your equipment, browsing actions and patterns. We collect this personal data by using cookies and other similar technologies.
    • If you are a Site Visitor, we may capture footage of you or your vehicle via on-site CCTV and automatic number place recognition (ANPR) cameras.
  • Publicly available sources. If you are a Customer Representative or Supplier Representative, we may collect Identity, Profile and Contact Data (defined below) about you from various publicly available sources for example Companies House, or your social media profiles, for example your LinkedIn profile.

Personal data we collect about you

The personal data we collect about you depends on how and why you engage with us.

If you are a Website Visitor we may collect the following information about you:

  • Identity Data – full name.
  • Contact Data – email address and telephone number(s).
  • Usage Data – data about how you found and use our website.
  • Technical Data – internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.

If you are a Customer Representative or Supplier Representative we may collect the following information about you:

  • Identity Data – full name, title, job title and organisation name.
  • Contact Data – name, postal address, email address and telephone number(s).
  • Usage Data – any survey responses you may provide to us from time to time.

If you are a Site Visitor we may collect the following information about you:

  • Identity Data – full name, title, job title, organisation name, vehicle registration.
  • Contact Data – address, email address and telephone number(s).
  • Photographic Data – static and moving images captured by our surveillance systems which means any devices or systems designed to monitor or record images of individuals or information relating to individuals. The term includes CCTV systems as well as automatic number plate recognition (ANPR) (“Surveillance Systems”).

We do not actively process any Special Categories of Personal Data (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Our Surveillance Systems may incidentally record information which falls within these categories, however we do not actively process this information or use it to identify anyone.

We only process Criminal Offence Data captured by our Surveillance Systems where permitted to do so for the purpose of preventing or detecting unlawful acts.

We may also collect and use Aggregated Data such as statistical or demographic data for our own internal business purposes. Aggregated Data may be derived from your personal data but is not considered personal data in law as it does not include information that can directly or indirectly identify you. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature.

How and why we use your personal data

Under data protection law, we can only use your personal data if we have a lawful basis for doing so, which includes:

  • Legitimate interests: where our use of your personal data is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal data which overrides our legitimate interests), and these can include business interests, individual interests or broader societal benefits;
  • Legal obligation: where our use of your personal data is necessary for us to comply with the law (not including contractual obligations); or
  • Consent: where you have given us clear consent for us to process your personal data for a specific purpose.

The table below explains what we use your personal data for and why, as well as what our legitimate interests are where we are relying on our legitimate interests as the lawful basis to process your personal data:

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest and any additional processing conditions
For all individuals, to manage our relationship with you which will include responding to queries you may raise. (a) Identity

(b) Contact

(c) Usage

 Necessary for our legitimate interest (to set up and manage our relationship with you)
Where you are a Customer Representative or a Supplier Representative, to provide our services to your organisation, including to:

(a)   fulfil or place orders;

(b)   process and manage payments; and

(c)   to collect and recover money owed to us.

 (a) Identity

(b) Contact

 

 Necessary for our legitimate interests (to recover debts due to us and provide services to or receive services from, and manage our relationship with, your organisation) and the legitimate interests of your organisation in receiving or supplying services from or to us
For all individuals, to administer and protect our business and ensure compliance with legal obligations (such as record keeping obligations), export control and customs, customer compliance screening obligations and our policies or industry standards.

Where you are a Website Visitor, also to administer and protect our website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data).

 (a) Identity

(b) Contact

(c) Technical

 (a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise)

(b) Necessary to comply with a legal obligation
Where you are a Website Visitor to improve our website using data analytics (a) Technical

(b) Usage

 (a) Necessary for our legitimate interests (to keep our website updated and relevant and understand how and why people engage with us)

OR

(b) Consent
Where you are a Customer Representative, to promote our services to your organisation. (a) Identity

(b) Contact

 

 (a) Necessary for our legitimate interests (for growing and promoting our business)

 
Where you are a Site Visitor:

(a)   to prevent crime and protect buildings and assets from vandalism;

(b)   for the personal safety of staff, visitors and other members of the public;

(c)   to support law enforcement bodies in the prevention, detection and prosecution of crime;

(d)   to ensure the health and safety of employees, service users and visitors to the sites; and

(a)   to assist in the effective resolution of disputes.

 

 (a) Photographic (collected via our Surveillance Systems) Necessary for our legitimate interests (to prevent crime, protect our business and our staff, visitors and members of the public and to effectively resolve disputes)

 

Sometimes our Surveillance Systems may capture information relating to a criminal offence, which means that we are then processing Criminal Offence Data. We only process Criminal Offence Data where permitted to do so for the purpose of preventing or detecting unlawful acts.

 

 

 

  1. Who we share your personal data with

We sometimes share personal data with our group companies in the EEA, the US, Tunisia and Russia, who may receive Customer Representative and Supplier Representative information for the purpose of us and our group companies managing our customer and supplier relationships. This information will only be shared with personnel within group companies if it is necessary for them to have access to this information in connection with their job role.

We also routinely share personal data with the following external service providers:

  • Those we use to help provide our services to you, e.g., our ERP systems that we use to store Customer Representative and Supplier Representative information.
  • Those we use to help us run our business, e.g. our email and document processing provider, our document management system, and software to help manage information about Site Visitors.

We only allow our service providers to handle your personal data if we are satisfied they take appropriate measures to protect your personal data. We impose contractual obligations on service providers to ensure they can only use your personal data to provide services to us and to you.

We may from time to time disclose your personal data to:

  • External professional advisors, e.g. our lawyers, accountants or insurance companies.
  • Law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.

We may also need to share personal data with other third parties, such as potential buyers of some or all of our business or during a business re-structuring. Alternatively, we may seek to acquire other businesses or merge with them. Usually, data will be anonymised but this may not always be possible. The recipient of the personal data will be bound by confidentiality obligations.  

  1. Transferring your personal data out of the UK

To provide products and services to you, it is sometimes necessary for us to share your personal data outside the UK, for example, with our affiliates and third party service providers that are either located outside the UK, or that transfer personal data outside of the UK.

Transfers of personal data outside of the UK are subject to special rules under UK data protection law. This is because non-UK countries do not have the same data protection laws as the UK.

We will ensure that any transfer of personal data outside of the UK as applicable, complies with data protection laws and that all personal data will be secure.

As a result, when we transfer personal data outside of the UK we will ensure that the transfer complies with data protection laws by following one of the below steps:

  • Confirming that the recipient is located in a country which has been recognised as having an adequate level of protection for personal data (for example EEA countries).
  • Putting in place safeguards (such as approved standard contractual clauses) so that you have enforceable rights and effective legal remedies.
  • Confirming that a specific exception applies under data protection law.

For more information about our international transfers, please contact us using the information below.

  1. Cookies and other tracking technologies

A cookie is a small text file which is placed onto your device (e.g. computer, smartphone or other electronic device) when you use our website. We use cookies on our website. Cookies help us recognise you and your device and store some information about your use of our website.

For further information about cookies and how to disable them, please see our Cookies Policy.

  1. Marketing

Where you are an existing Customer Representative, we may use your personal data to communicate updates about our services, including exclusive offers, promotions or information about new services. Typically we will do this over the phone.

We have a legitimate interest in using your personal data in this way as we are contacting you on behalf of your corporate organisation. We therefore do not need your consent to contact you.

You always have the right to opt out of receiving further promotional communications by contacting us using the contact details below.

Please note that we may also send you other communications in relation the services that we provide or in order to respond to queries you have raised, such communications are service communications and are not considered a form of marketing communication.

  1. Your rights

You have the following rights, which you can exercise free of charge:

Access The right to be provided with a copy of your personal data (the right of access)
Rectification The right to require us to correct any mistakes in your personal data
To be forgotten The right to require us to delete your personal data—in certain situations
Restriction of processing The right to require us to restrict processing of your personal data—in certain circumstances, e.g. if you contest the accuracy of the data
Data portability The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
To object The right to object:

—at any time to your personal data being processed for direct marketing (including profiling);

—in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.
Not to be subject to automated individual decision making The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

 

For further information about your rights please contact us or see the guidance provided by the UK ICO on individuals’ rights.

If you would like to exercise any of your rights, please:

  • Email us — see the “How to contact us” section at the end of this policy.
  • Let us have enough information to identify you g. your full name and address and details of the nature of your relationship with us, for example whether you are a Website Visitor, Customer Representative, Supplier Representative or Site Visitor.
  • Let us have proof of your identity if requested.
  • Let us know which right you want to exercise and the data to which your request relates.
  1. How long your personal data will be kept

We will not retain your personal data for longer than necessary for the purposes set out in this privacy policy. Different retention periods apply for different types of personal data.

When it is no longer necessary to retain your personal data, we will delete or anonymise it.

As an indication, if you purchase products or services from us on behalf of your organisation, we will keep your personal data whilst we are providing those products or services. Thereafter, we will keep your personal data for as long as is necessary:

  • To respond to any questions, complaints or claims made by you or on your behalf.
  • To show that we treated your organisation fairly.
  • To keep records required by law.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

If you are a Site Visitor, footage recorded from our Surveillance Systems will be retained for no longer than 4 weeks after the date of recording, unless required in connection with a complaint, incident or legal proceedings, in which case we will securely erase it once it is no longer needed for these purposes.

You can request further details of retention periods for different categories of your personal data by contacting us.

  1. Keeping your personal data secure

We have appropriate security measures to prevent personal data from being accidentally lost, or used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your data will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

  1. How to complain

Please contact us if you have any query or concern about our use of your data (see below “How to contact us”). We hope we will be able to resolve any issues you may have.

You also have the right to lodge a complaint with the ICO. The ICO may be contacted at https://ico.org.uk/make-a-complaint or telephone: 0303 123 1113

  1. How to contact us

You can contact us using the contact details below if you have any questions about this privacy policy or the data we hold about you, to exercise a right under data protection law or to make a complaint.

Contact email address:

Changes to this privacy policy

This privacy policy was last updated in August 2024. We keep our privacy policy under regular review to make sure it is up to date and accurate. If we change our privacy policy from time to time, we will post the details of any changes on our website. We may also take reasonable steps to notify you if such changes affect how your personal data is processed.