Ocean Slide5 Limited
1. KEY TERMS
1.1 In this policy:
we or us means Ocean Slide5 Limited (Company Number: 11053897), trading as Ocean5, whose registered office is at Providence House, Providence Place, Islington, N1 0NT (and our will be construed accordingly).
personal information means information relating to an identified or identifiable individual.
personal information: means personal information revealing (i) racial or ethnic origin (ii) political opinions (iii) religious beliefs (iv) philosophical beliefs (v) trade union membership (vi) genetic and biometric data and (vii) data concerning health, sex life or sexual orientation.
2. CUSTOMER PERSONAL INFORMATION
2.1. If you are one of our customers, we may collect and use the following personal information about you:
a) your name and contact information including (without limitation) your email address, telephone number, fax number, delivery address and billing address;
b) information to enable us to check and verify your identity (e.g. your date of birth);
c) your billing information, transaction, VAT (where required) and payment card information;
d) any further relevant delivery information, to enable us to deliver our products to you; and
2.2. This personal information is required to provide our products and services to you. If you do not provide the personal information that we ask for, it may delay or prevent us from providing our products and services to you.
3. SUPPLIER AND MANUFACTURER PERSONAL INFORMATION
3.1. If you are one of our suppliers, we may collect and use the following personal information about you:
a) your name and contact information including (without limitation) your email address, telephone number, company details and forwarding address;
b) the name and contact information of our main point(s) of contact, including (without limitation) their email address and telephone number;
c) the name and contact information of your company directors where necessary, including (without limitation) their email address and telephone number;
d) information to enable us to check and verify your identity (e.g. your date of birth and other information contained in any identification documents that we hold);
e) your billing information, transaction, VAT and payment information;
f) your insurance information and the necessary policies which are specified in our contract with you;
g) information to enable us to undertake credit or other financial checks on you; and
h) information to enable us to collect the relevant supplied products or materials, where applicable.
3.2. This personal information is required by us in order to receive the products, materials and services that are provided by you and to pay you for them. If you do not provide the personal information that we ask for, it may delay or prevent us receiving the relevant products and services, and/or delay or prevent us paying for them.
4. COLLECTION OF INFORMATION
4.1. We collect most of this personal information directly from you i.e. in person, by telephone, text, email and/or via our website. However, we may also collect information:
a) from publicly accessible sources such as Companies House and the websites of our Suppliers and Manufacturers;
b) directly from a third party e.g. our chosen delivery provider and/or PayPal;
c) from a third party with your consent e.g. from professional advisers and/or third party suppliers; and
5. USE OF PERSONAL INFORMATION
5.1. Under data protection law, we can only use your personal information if we have a proper reason for doing so. These reasons include:
a) to comply with our legal and regulatory obligations;
b) for the performance of our contract with you (or to take steps at your request before entering into a contract with you);
c) for our legitimate interests or those of a third party; or
d) if you have given us your explicit consent.
5.2. A legitimate interest is when we have a business or commercial reason to use your information, as long as this is not overridden by your own rights and interests.
5.3 The table below explains what we use/process your personal information for and our reasons for doing so:
|USE OF YOUR PERSONAL INFORMATION||REASON(S)|
|To provide products and services to you or (as applicable) to receive products/materials and
services from you. This may include liaising with, and passing your personal information to, third parties i.e. passing delivery information between our customers and our chosen delivery provider.
|For the performance of our contract with you or to take steps at your request before entering into a contract.|
|To detect and prevent fraud against you or us.||For our legitimate interests or those of a third party i.e. to minimise fraud that could be damaging for us and for you.|
|Conducting checks to identify our suppliers and manufacturers, and to verify their identity. Screening for financial and other sanctions, in relation to our manufacturers and suppliers.
Other processing necessary to comply with legal and regulatory obligations that apply to our business e.g. under health and safety regulations or safe working practices.
|To comply with our legal and regulatory obligations.|
|Conducting checks to verify that sufficient policies of insurance are in place, with regards to the manufacture and supply of our products.||For the performance of our contract with you or to take
steps at your request before entering into a contract.
|Gathering and providing information required by or relating to audits, enquiries or investigations by regulatory bodies.||To comply with our legal and regulatory obligations.|
|Credit reference checks via external credit reference agencies.||For our legitimate interests or those of a third party, i.e.
to ensure that our suppliers and manufacturers are
likely to be able to provide the services to us.
|Ensuring business and regulatory policies are adhered to e.g. policies covering health and safety, security and internet use.||To comply with our legal and regulatory obligations.
For our legitimate interests or those of a third party, i.e.
to ensure we follow our own internal procedures so that we can deliver the best service to you and improve our relationships with our suppliers and
|Operational reasons, such as improving efficiency, training and quality control.||To comply with our legal and regulatory obligations. For our legitimate interests or those of a third party, i.e. to be as efficient as we can so that we can deliver the best service to you at the best price and/or improve our relationships with our suppliers and manufacturers.|
|Ensuring the confidentiality of commercially sensitive information.||For the performance of our contract with you or to take steps at your request before entering into a contract. For our legitimate interests or those of a third party, i.e. to protect confidential and other commercially valuable information. To comply with our legal and regulatory obligations.|
|Statistical analysis to help us manage our business e.g. in relation to our financial performance, customer base, supplier base, range of available products and services, and/or other efficiency measures.||For our legitimate interests or those of a third party i.e. to be as efficient as we can so that we can deliver the best products and service to you at the best price and/or improve our relationships with our suppliers.|
|Preventing unauthorised access and modifications to our systems.||For our legitimate interests or those of a third party i.e. to detect and prevent criminal activity that could be damaging for us and for you.
To comply with our legal and regulatory obligations.
|Updating and enhancing our records.||For the performance of our contract with you or to take steps at your request before entering into a contract. To comply with our legal and regulatory obligations. For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch you about
the products and services that we provide.
|Statutory returns.||To comply with our legal and regulatory obligations.|
|Marketing our products and services to:
– existing and former customers;
– third parties who have previously expressed an interest in our products or services; and
– third parties with whom we have had no previous dealings.
|For our legitimate interests or those of a third party i.e. to promote our business and any products or services that may be of use or interest to existing/former customers and third parties.|
|External audits and quality checks and the audit of our accounts.||For our legitimate interests or those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards. To comply with our legal and regulatory obligations.|
5.4 The above table does not apply to special category personal information, which we will only process with your explicit consent.
6. MARKETING AND PROMOTION
6.1. We may use your personal information to send you updates (by email, text message, telephone or post) about our services, including (without limitation) exclusive offers, promotions or new products and services.
6.2. We have a legitimate interest in processing your personal information for promotional purposes (see paragraph
5 above, ‘Use of Personal Information’). This means we do not usually need your consent to send you promotional communications.
6.3. However, where your consent is needed, we will ask for your explicit consent separately and clearly.
6.4. We will always treat your personal information with the utmost respect and we will never share it with other organisations for marketing purposes.
6.5. You have the right to opt out of receiving promotional communications at any time by:
a) contacting us at firstname.lastname@example.org; or
b) using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts.
6.6. We may ask you to confirm or update your marketing preferences if you instruct us to provide further services in the future, or if there are any changes to the law or in the structure of our business.
7. INFORMATION SHARING
7.1. We routinely share personal information with:
a) third parties we use to help deliver our products and services to you e.g. sharing information between our chosen delivery provider and customers;
b) other third parties we use to help us run our business, e.g. PayPal, marketing agencies, and website hosting companies and other IT service providers;
c) credit reference agencies;
d) our insurers and insurance brokers; and
e) our bank.
7.2. We only allow our service providers and other third parties to handle your personal information if we are satisfied that they take appropriate measures to protect your personal information.
7.3. We impose contractual obligations on third parties and service providers to ensure they can only use your personal information to provide services to us and to you. We may also share personal information with external auditors e.g. in relation to the audit of our accounts.
7.4. We may disclose and exchange information with law enforcement agencies and regulatory bodies in order to comply with our legal and regulatory obligations.
7.5. We may also need to share some personal information with other parties, such as potential buyers of our business (or any part thereof) or during any restructuring of our business. Usually, the information provided will be anonymous, but this may not always be possible. However, the recipient of the information will always be
bound by confidentiality obligations.
7.6. We will not share your personal information with any other third party.
8. HOLDING INFORMATION
8.1. Information may be held at our offices, on our IT systems and on those of our third party service providers, representatives and agents as described above (see paragraph 7 above, ‘Information Sharing’).
8.2. Some of these third parties may be based outside the European Economic Area (EEA). For more information, including on how we safeguard your personal information when this occurs, see paragraph 9 below, ‘Data Transfers’.
8.3. We will keep your personal information while we are providing any products or services to you, or (as applicable) receiving any products/materials or services from you. Thereafter, we will keep your personal information for as long as is necessary:
a) to respond to any questions, complaints or claims raised or made by you (or on your behalf);
b) to show that we treated you fairly;
c) to keep records as required by law.
8.4. We will not retain your personal information for longer than necessary for the purposes set out in this policy.
8.5. Different retention periods apply for different types of personal information:
a) Customer data will be held for 6 years following the end of our contractual relationship with you.
b) Potential customer data will be held until the potential customer changes their marketing preferences or where the potential customer exercises their rights to ‘object’ or ‘to be forgotten’.
c) Supplier and Manufacturer data will be held for 6 years after the end of the relevant contract.
d) Company records and data (i.e. statutory books, board minutes, company resolutions etc) will be held for 10 years from the date of the creation of such records or data.
8.6. When it is no longer necessary to retain your personal information, we will either delete the information or make the information anonymous.
9. DATA TRANSFERS
9.1. We do not routinely transfer your data outside of the European Economic Area (EEA). However, there may be some circumstances when it is necessary for us to do so, in order to deliver services to you, for example:
a) when relevant third parties (including customers, suppliers or service providers) are located or operate outside the EEA;
b) where website servers (or other items of IT hardware) are located outside the EEA;
c) if you are based outside the EEA; or
d) where there is an international dimension to the services we are providing to you.
9.2. These transfers are subject to special rules under European and UK data protection law.
9.3. Non-EEA countries do not have the same data protection laws as the United Kingdom and the EEA. We will, however, ensure that any such transfer of data complies with applicable data protection law and that all personal information is secure. Our standard practice is to use template data protection clauses, that have been approved by the European Commission, in our contracts with the relevant third parties.
9.4. If you would like further information, please contact us (see paragraph 15 below, ‘Contact’).
10.4. Our legitimate interests (or, as applicable, those of a third party), for using cookies, are so that we can distinguish you from other users of our website, which helps us to provide you with a better user experience when you browse our website, and also allows us to improve our website.
11. YOUR RIGHTS
11.1. You have the following rights, witch you van exercise at no cost:
|Access:||The right to be provided with a copy of your personal information (the right of access).|
|Rectification:||The right to require us to correct any mistakes in your personal information.|
|To be forgotten:||The right to require us to delete your personal information, in certain situations.
NB: we are not required to delete your personal information if this is held (i) for the
performance of a contract (during the term of the contract) or (ii) to comply with a legal
|The right to require us to restrict the processing of your personal information in certain
circumstances e.g. if you contest the accuracy of the personal information.
|Data portability:||The right to receive the personal information you have provided to us, in a structured,
commonly used and machine-readable format, and/or to transmit that personal
information to a third party, in certain situations.
|To object:||The right to object:
– at any time to your personal information being processed for direct marketing
|Not to be subject
|The right not to be subject to a decision which is based solely on automated
processing (including profiling) and that produces legal effects concerning you or
otherwise significantly affects you.
11.2. For further information on each of these rights, including the circumstances in which they apply, please contact us or see the guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
11.3. If you would like to exercise any of these rights, please:
- a) email, call or write to us (see paragraph 15 below, ‘Contact’);
- b) let us have enough information to identify you (e.g. your full name, address and any applicable reference/reference number);
- c) let us have proof of your identity and address (e.g. a copy of your driving licence or passport and a recent utility bill); and
- d) let us know what right you want to exercise and the information to which your request relates.
12.1. We have implemented appropriate security measures to prevent your personal information from being lost or used/accessed unlawfully. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
12.2. We also have procedures in place to deal with any suspected data security breach. We will notify you, and any applicable regulator, of any suspected data security breach where we are legally required to do so.
13.1. Should you have a complaint about our use of your personal information, please contact us (see paragraph 15 below, ‘Contact’).
13.2. We hope that we can resolve any query or concern that you may raise about our use of your personal information. However, the General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of the relevant data protection laws has occurred.
13.3. The supervisory authority in the UK is the Information Commissioner who can be contacted at
https://ico.org.uk/concerns or 0303 123 1113.
15.2. Our contact details are: