1. Definitions and Interpretation
This means an account required to access and/or use certain areas and/or features of our website;
This means a small text file will be placed on the computer or device you are using by our site when you navigate or visit certain pages and parts of our website and/or when you use certain features of this website. Details of the Cookies used by our website are set out in section 13;
This means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003;
This means any and all personal data collected that relates to an identifiable person who can be directly or indirectly identified from that data captured. In this case, this means personal information that you provide to us via our website. This definition shall, where applicable, incorporate the definitions provided in the EU Regulation 2016/679 – the General Data Protection Act. Regulation (“GDPR”) the Data Protection Act 2018 and regulations made thereunder or following the departure of the United Kingdom from the European Union any national replacement thereto that is enacted or otherwise brought into effect under national laws.
This means Driver Super Market Group Ltd or its trading names a company registered in England under company number 11233225, whose trading address is The Renewal Trust Centre, Unit 2, 3 Hawksworth Street, Nottingham NG3 2EG.
This means our website with a domain name of www.roadriskmanger.com or any sub-domain of the same name.
2. Information About Us
2.1 Our website is owned and operated by Driver Super Market Group Ltd a limited company registered in England under company number 11233225, whose trading address is The Renewal Trust Centre, 3 Hawksworth Street, Nottingham NG3 2EG.
2.2 Our ‘ICO’ Registration Number is ZA542706
2.3 Our responsible officer for matters relating to data protection is Richard Brown (Data Protection Officer) who can be contacted by email at email@example.com, or by post The Renewal Trust Centre, Unit 2, 3 Hawksworth Street, Nottingham NG3 2EG, United Kingdom.
2.4 We are ‘ISO 27001’ certification and the certification is shown on this website. ISO 27001 is the international standard that lays out the specifications for implementing an information security management system (ISMS). An ISMS can be audited by an independent CB (certification body) to assess whether it conforms to the requirements of the standard.
3. What Does This Policy Cover?
3.2. Our Site may contain links to other external websites. We do not check or monitor the content on these external sites and We have no control over how Your data is collected, stored, or used by them. We, therefore, advise You in all cases to check the privacy policies of any such websites before providing any personal information.
4. Your Rights
4.1 As a visitor to our Site (a data subject) you have the following rights under the GDPR, which this Policy and Our collection, storage and the use of your personal information have been designed to acknowledge: –
4.1.1 The right to be informed about Our collection and use of personal information;
4.1.2 The right of access to the personal information we hold about you (see section 12);
4.1.3 The right to rectification if any personal information we hold about You is inaccurate or incomplete (please contact Us if this is the case using the details in section 14);
4.1.4 The right to be forgotten. You have the right to ask us to delete any personal information We hold about You unless there are overriding public grounds which justify retaining the data. Although we only hold your personal information for a limited time, as explained in section 6, if you would like Us to delete it sooner, please Contact Us using the details in section 14);
4.1.5 The right to restrict (i.e. prevent) the processing of your personal information as an alternative to deletion where the processing of the data is unlawful or You consider the data to be inaccurate or;
4.1.6 The right to data portability (obtaining a copy of Your personal information to re-use with another service or organisation);
4.1.7 The right to object to us using Your personal information for particular purposes; and
4.1.8 Rights with respect to automated decision making and profiling.
4.2 If you have any cause for complaint about Our use of your personal information, please contact us using the details provided in section 14 and We will do Our best to solve the problem for you. If we are unable to resolve the matter to Your satisfaction, you also have the right to lodge a complaint with the UK’s supervisory authority, the Information Commissioner’s Office.
4.3 For further information about your rights, please contact the Information Commissioner’s Office or your local Citizens Advice Bureau.
5. What Data Do We Collect?
5.2 business/organisation/company name or identifier;
5.3 job title;
5.4 contact information such as email addresses and telephone numbers;
5.5 any enquiry specific information such as organisation size, number of employees/drivers, type of driver, fleet size, industry type etc.;
5.6 the types and product or service in which you may be interested;
5.7 the geographic location of your organisation or business;
5.8 any preferences expressed;
5.9 the IP address from which the visit or enquiry is made;
5.10 the web browser type and version;
5.11 the operating system used;
5.12 a list of URLs starting with a referring site, any activity on our site, and the site you exit to.
6. How We Might Use Your Data
6.1 All personal information is processed and stored securely, for no longer than is necessary having regard to the reason(s) for which it was originally requested and collected. We will comply with our obligations and safeguard your rights under the GDPR at all times. For more details on security see section 7, below.
6.2 Our use of your personal information will always have a lawful basis, either because:
a) it is necessary for our performance of a formal or informal contract or agreement with you; or
b) because You have consented to our use of Your personal information in order to receive information, services, benefit or advantage (e.g. by subscribing to emails or registering with us to receive news updates); or
c) because it is in Our legitimate interests.
Specifically, we may use Your data for the following purposes:
6.2.1 providing and managing your account;
6.2.2 providing and managing your access to our site;
6.2.3 personalising and tailoring Your experience on our site;
6.2.4 supplying or providing our products and/or services to You where these are requested using the form available on the site (please note that We will require your personal information in order to correspond with you or enter into a contract with you);
6.2.5 personalising and tailoring Our products and/or services for you;
6.2.6 replying to emails from you;
6.2.7 supplying you with email alerts or newsletter services that you have opted into (You may unsubscribe or opt-out at any time by emailing us at firstname.lastname@example.org and using the word “UNSUBSCRIBE” in the subject heading. If you have requested multiple services and wish to withdraw from certain services only, you will need to advise which services you wish to withdraw from. In the absence of specific indication, we will terminate all services;
6.2.8 product and services market research or questionnaires;
6.2.9 analysing your use of our site with a view to improving overall user experience;
6.2.10 gathering feedback;
6.3 With your express and clear permission to do so, we may also use your data for marketing purposes which may include contacting you by email and/or telephone and/or text message and/or post with information, news and offers on our new or upgraded products and/or services. We will not, however, send you any unsolicited marketing or spam and will take all reasonable steps to ensure that we fully protect Your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003.
6.4 Third parties (including those featured in “News and Views”, “Press” and “Events” sections of this site whose content appears on our site may feature links to external websites. Please note that we do not control the activities of such third parties, nor the data they collect and use and therefore advise you to check the privacy policies of any such third parties. Where we are informed or become aware that there is cause to suspect that a linked third-party website breaches the GDPR, we will disable the link and/or remove the item from the site.
6.5 You have a right to withdraw Your consent to Our use of Your personal information at any time, and to request that We delete it. To exercise this right, You can email us at email@example.com and request that we delete Your record. Please ensure that your instructions are clear and that You provide us with sufficient personal information to allow us to identify You and action the request.
6.6 We do not keep Your personal information for any longer than is necessary on the light of the reason(s) for which it was first collected. Data will, therefore, be retained for the following periods (or its retention will be determined on the following bases): –
6.6.1 Newsletter registration – until the request for the service is withdrawn by you or we become aware that emails are being bounced back;
6.6.2 request for quotation – maximum 3 years from the date of receipt;
6.6.3 contact request – maximum 3 years from the date of receipt;
6.6.4 complaint or suggestion – maximum 3 years from the date of resolution;
6.6.5 other – 3 years.
7. How and Where Do We Store Your Data?
7.1 We only keep your personal information for as long as we need to in order to use it as described above in section 6, and/or for as long as we have your permission to keep it.
7.2 Your data will only be stored in the UK on our own secure servers located in our offices except in the case of information used for email broadcasts that may be stored on selected third-party systems (see also section 8 below).
7.3 The GDPR requires us to take security precautions having regard to the nature of the personal information collected, its scope, the reasons for collection and the current state of technology as well as the risk or likelihood of serious harm to the rights and freedoms of individuals if security is breached.
7.4 Data security is high on our list of priorities, and to protect your data we have taken suitable measures to safeguard and secure data collected through our site.
7.5 Steps We take to secure and protect your data include: –
7.5.1 We are ISO27001:2013 certified;
7.5.2 We or our partners will apply software updates and patches as and when these are made available;
7.5.3 Our domain site(s) undergoes annual vulnerability testing by an independent expert third party agency certified to carry out this work. We also conduct our own periodic internal vulnerability testing;
7.5.4 all data collected is stored in our databases on different equipment and is encrypted for security purposes;
7.5.5 Our site(s) uses HTTPS protocol to secure communications between your web browser and our site.
8. Do We Share Your Data?
8.1 Subject to section 8, we will not share any of your data with any other third parties for any reason other than our suppliers Licence Check Ltd.
8.2 We may sometimes contract with third parties to supply other or additional services to you on our behalf or in partnership with us, but only where these are specifically requested or inter-connected with the service(s) requested. Examples include payment processing facilities, specialist assessment and training services, another web-based driver and vehicle applications, services or products and consultancy. We also use externally hosted third party e-mailing and broadcast solutions (such as MailChimp and HubSpot Inc. in order to distribute information and newsletters). Both of these companies are registered in the USA and have EU and Swiss Privacy Shield active status indicating that they satisfy the EU’s requirements in the protection of personal data of EU citizens. Personal data will be limited to name and email address and any preferences that have been identified. In some cases, third parties may require access to some or all of the personal information in order to provide tailored information or a quotation. Where any of your data is required for such a purpose, We will take all reasonable steps to ensure that your data will be handled safely, securely, and in accordance with your rights, Our obligations to you, and the obligations of the third party under the law.
8.3 We may compile statistics about the use of our site including data on traffic, usage patterns, user numbers, sales, and other information. All such data will be anonymised and will not include any personally identifying data, or any anonymised data that can be combined with other data and used to identify you. We may from time to time share such anonymised data with third parties such as prospective investors, affiliates, partners, and advertisers. Data will only be shared and used within the bounds of the law.
8.4 In certain circumstances, we may be legally required to share certain data held by us, which may include your personal information, for example, where we are involved in legal proceedings, where We are complying with legal requirements, a court order, or a governmental authority.
9. Sale or Disposal of Our Business
9.2 In the event that any of your data is to be transferred in such a manner, You will not be contacted in advance and informed of the changes but You will retain Your rights
10. Controlling Your Data
10.1 In addition to your rights under the GDPR, set out in section 4 when you submit personal information via our site, you may be given options to restrict our use of your data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails and at the point of providing your details.
10.2 You may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service (“the TPS”), the Corporate Telephone. Preference Service (“the CTPS”), and the Mailing Preference Service (“the MPS”). These may help to prevent you from receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that You have consented to receive.
11. Your Right to Withhold Information
11.1 You may access certain areas of our site without providing any data at all. However, to use all features and functions available on our site You may be required to submit or allow for the collection of certain data.
12. Accessing Your Data
You have the right to ask for a copy of any of your personal information held by us (where such data is held). Under the GDPR, no fee is payable and we will provide any and all information in response to your request free of charge. Please contact us for more details at firstname.lastname@example.org or using the contact details below in section 14.
14. Contacting Us