GDRP Customer Privacy Notice

This page explains how we use the personal information we collect and how it is managed.

What personal information do we collect?

  • Name
  • Address
  • Email address
  • Telephone number
  • Credit/debit card details, BACS details – telephone payments only. Online payments are processed securely by our payment provider

Why do we collect it?

  • To process orders
  • To provide after sales care
  • To provide a record for tax inspectors
  • To provide stock information and product updates

How long do we keep it?

  • 7 years

Security of data

Data is held on a password protected computer.  Paper data is stored in a locked office which is only accessed by authorised personnel and is never left unlocked and unattended.  The building has cameras and an Intruder Alarm which is connected to a monitoring centre.

Disposal of paper documents is via shredder on site.

Incoming payments

We accept payments by credit/debit card, BACS or cheque.  If a card payment is made over the telephone, the vendor copy is stored in paper format only with no other identifying personal information in a stand-alone file in the locked office.  Mission Cycles hold a certificate of validation with First Data for the card reader.

Sales Ledger

Invoices are held on a password protected computer and in paper format in a locked office.  It is a requirement of HMRC to retain invoices and sales data.

Website

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information.  This information is used to track visitor use of the website and to compile statistical report on website activity. Cookies are also used to remember any items you have placed in your basket as you move from page to page.  For further information visit ‘www.aboutcookies.org’ or ‘www.allaboutcookies.org’.

Third parties

We will not share any personal information with third parties unless required to do so by law.

Access to information and correction

Everyone has the right to request a Data Subject Access Request.  If you would like a copy of some or all your personal information, please contact us.  We should respond to this request within a reasonable amount of time.  We will ensure the identification of the person requesting it and ensure the data is only passed to that person using a secure method.

Changes to our policy

This policy will be kept under regular review and an impact assessment should be carried out whenever a new technology or processing system is proposed.  Updates will be placed on this page and customers will be informed of changes either by email or post.  This policy was last updated on 21 May 2018.

You can get further information on how your information is used, how we maintain the security of your information and your rights to access information we hold on you by contacting us.