Coler Medical PPE – Privacy Policy
Coler Supply Solutions (Intl) Limited (We / Us) are committed to protecting and respecting your privacy.
This privacy notice sets out the basis on which any personal data we collect from you will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
By the to use our website, Coler Medical PPE infer that you’ve read, understood, and agreed with the contents of our privacy policy.
Our website has a HTTPS (security) layer (https://colermedical-ppe.com/). This impacts privacy positively by stopping intruders from intercepting communications between your browser and our website.
GDPR alignment within this privacy policy
Coler Medical PPE has aligned this privacy policy to comply with the GDPR (General Data Protection Regulation), this is a legal requirement effective from 25/05/2018. GDPR is also pivotal in the protection of digital privacy as well as transparent communication of personal data.
For the purpose of the General Data Protection Regulation (GDPR), the data controller is Coler Supply Solutions (Intl) Limited.
Personal data we may collect from you
We collect the following information from customers and suppliers:
- Name
- Job title
- Address
- Email address
- Telephone number
- Bank details (for suppliers)
Why we collect personal data from you and the lawful basis for doing so
Your personal data is processed so that we can conduct business as a provider of safety equipment and corporate workwear. This includes communicating with potential customers and existing customers regarding the supply of services by us, completing transactions and keeping customers informed of our services. Personal data is also used to communicate with our suppliers so that we may purchase goods or services.
We have identified the lawful basis for the above purposes of processing as:
‘processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.’
The legitimate interest identified is that of conducting business as a supplier of safety equipment and corporate workwear.
If you do not provide us with the information we require to complete a transaction, then we will be unable to provide a service to you if you are a customer or to purchase goods or services from you if you are a supplier.
Disclosure of your personal data
Customer and supplier personal data stored on our dashboard system is stored on IT systems hosted by an external provider. Contact details submitted to our website are also stored on IT systems hosted by an external web hosting provider. The company also makes use of document storage and email systems supported by an external provider.
Transaction information including customer and supplier details are managed through specialist accounting software, hosted by an external provider.
Customer details may also be passed to external providers to offer delivery tracking and notification information to customers. Also, customer details may be passed to external providers who offer services for our customers to review their experience with us, with the aim of improving the offerings of Coler Supply Solutions (Intl) Limited.
Transfer to countries outside of the European Union
Company email systems and document storage facilities are provided by an external provider who may store personal data on servers that are geographically located outside of the European Economic Area, typically in the USA.
Similarly, delivery tracking and notification services are provided by external providers who may store personal data on servers that are geographically located outside of the European Economic Area, typically in the USA.
Customer review services are offered by an external provider who may at time store personal data outside of the European Economic Area. The provider states this is only done where adequate safeguards in place, such as the appropriate contractual arrangements with suppliers, or adequacy decisions, depending on the destination country.
How long we will keep your personal data
Your personal data will be kept on our financial accounting and customer service systems for 5 years after our relationship with you ends. Any email correspondence will be kept for 8 years in line with our email retention period.
Your rights as data subjects
The General Data Protection Regulation provides data subjects with certain rights relating to the processing of their personal data. Given the nature of the processing carried out by us, and the lawful basis we have identified for that processing, you have the following rights:
- You may request from us access to the personal data we process concerning you through making a subject access request (or SAR).
- You may request rectification of the personal data we process concerning you where it is incomplete or inaccurate.
- You may request, subject to certain criteria, the erasure of the personal data we process concerning you.
- You may request that we restrict the processing of personal data concerning you. Restriction means that we will only store the personal data and not further process it.
- You have the right to object to your personal data being processed. If we receive such an objection, we will, where required under the General Data Protection Regulation stop processing your personal data.
- You have the right to data portability whereby we will provide your personal data in a structured, commonly used and machine-readable format.
You can make a request expressing your rights by writing to us at the address below, or by using the contact form on our website.
We do not store credit card details nor do we share customer details with any 3rd parties.
Collecting Sensitive Personal Data
GDPR has a number of categories that are classified as personal data categories. Some of these are sub-classified as “sensitive”, these include ethnicity, religion, health history, etc., Coler Medical PPE does not collect or process personal data which is sensitive.
How we use cookies
A cookie is a small file that asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Lodging a complaint with the Information Commissioner’s Office
If you feel that your personal data has been, or is being, processed in an inappropriate manner; or you feel that your rights, as described above have been infringed, you may lodge a complaint with the Information Commissioner’s Office (ICO). The ICO is the UK’s supervisory authority regarding data protection matters and has a responsibility to act on complaints made to it.
Contact details for privacy-related enquiries
For queries, questions, and general clarification about this privacy policy and GDPR do not hesitate to contact us:
By mail:
The Data Protection Officer
Coler Medical PPE
Unit 2, Manor Road Industrial Estate, Atherstone, CV9 1TE
Telephone: +44 (0) 1827 794 294
email: info@colermedical-ppe.co.uk
Last Updated: 29th October 2021