Privacy Policy

Privacy Policy

Your personal data (any information which identifies you, or which can be identified as relating to you personally for example, name, address, phone number, email address) will be collected and used by us. We’ll only collect the personal data that we need. 

We collect personal data in connection with specific activities such placing an order, becoming an employee, registering for our newsletter or other email updates, or becoming a customer.

Personal data provided by you

  • Personal details (name, date of birth, email, address, telephone, and so on) when you join as a member or supporter
  • Financial information (payment information such as credit or debit card or direct debit details)

How we use your personal data

We’ll only use your personal data on relevant lawful grounds as permitted by the EU General Data Protection Regulation (from 25 May 2018)/UK Data Protection Act and Privacy of Electronic Communication Regulation.

Personal data provided to us will be used for the purpose or purposes outlined in any fair processing notice in a transparent manner at the time of collection or registration where appropriate. If asked by the police, or any other regulatory or government authority investigating suspected illegal activities, we may need to provide your personal data.

Marketing communications 

If you choose to hear from us we may send you information and updates. We’ll only send these to you if you agree to receive them and we will never share your information with companies. However, if you tell us you don’t want to receive marketing communications, then you may not hear about events or other work we do that may be of interest to you.

We may sometimes use third parties to capture some of our data on our behalf, but only where we are confident that the third party will treat your data securely, in accordance with our terms and inline with the requirements set out in  the GDPR.

 

How can I change my contact preferences? 

Please email preferences@dayworthpackaging.co.uk    

 

Retail sales

We process customer data in order to fulfil orders. Your data will be used to communicate with you throughout the process, including to confirm we’ve received your order and payment, to confirm dispatch, to clarify where we might need more detail to fulfil an order or booking, or to resolve issues that might arise with your order or booking.

Recruitment and employment 

In order to comply with our contractual, statutory, and management obligations and responsibilities, we process personal data, including ‘sensitive’ personal data, from job applicants and employees.  

Such data can include, but isn’t limited to, information relating to health, racial or ethnic origin, and criminal convictions. In certain circumstances, we may process personal data or sensitive personal data, without explicit consent. Further information on what data is collected and why it’s processed is given below.

Contractual responsibilities: Our contractual responsibilities include those arising from the contract of employment. The data processed to meet contractual responsibilities includes, but is not limited to, data relating to: payroll, bank account, postal address, sick pay; leave, maternity pay, pension and emergency contacts.

Statutory responsibilities: Our statutory responsibilities are those imposed through law on the organisation as an employer. The data processed to meet statutory responsibilities includes, but is not limited to, data relating to: tax, national insurance, statutory sick pay, statutory maternity pay, family leave, work permits, equal opportunities monitoring.

Management responsibilities: Our management responsibilities are those necessary for the organisational functioning of the organisation. The data processed to meet management responsibilities includes, but is not limited to, data relating to: recruitment and employment, training and development, absence, disciplinary matters, e-mail address and telephone number.

Sensitive personal data

The Act defines ‘sensitive personal data’ as information about racial or ethnic origin, political opinions, religious beliefs or other similar beliefs, trade union membership, physical or mental health, sexual life, and criminal allegations, proceedings or convictions.  

In certain limited circumstances, we may legally collect and process sensitive personal data without requiring the explicit consent of an employee.

(a) We will process data about an employee’s health where it is necessary, for example, to record absence from work due to sickness, to pay statutory sick pay, to make appropriate referrals to the Occupational Health Service, and to make any necessary arrangements or adjustments to the workplace in the case of disability. This processing will not normally happen without the employee’s knowledge and, where necessary, consent.

(b) We will process data about, but not limited to, an employee’s racial and ethnic origin, their sexual orientation or their religious beliefs only where they have volunteered such data and only for the purpose of monitoring and upholding our equal opportunities policies and related provisions.

(c) Data about an employee’s criminal convictions will be held as necessary.

Disclosure of personal data to other bodies

In order to carry out our contractual and management responsibilities, we may, from time to time, need to share an employee’s personal data with one or more third party supplier. 

To meet the employment contract, we are required to transfer an employee’s personal data to third parties, for example, to pension providers and HM Revenue & Customs.

In order to fulfil our statutory responsibilities, we’re required to give some of an employee’s personal data to government departments or agencies e.g. provision of salary and tax data to HM Revenue & Customs.

Subject access rights

If you would like further information on your rights or wish to exercise them, please email us on: preferences@dayworthpackaging.co.uk

You will be asked to provide the following details:

  • The personal information you want to access;
  • Where it is likely to be held;
  • The date range of the information you wish to access

We will also need you to provide information that will help us confirm your identity. If we hold personal information about you. Once we have all the information necessary to respond to your request we’ll provide your information to you within one month.  This timeframe may be extended by up to two months if your request is particularly complex. 

What to do if you’re not happy

In the first instance, please talk to us directly so we can resolve any problem or query. You also have the right to contact the Information Commissions Office (ICO) if you have any questions about Data Protection. You can contact them using their help line 0303 123 113 or at www.ico.org.uk.

Cookies and links to third party websites

Cookies 

Cookies are small text files stored on your computer when you visit certain websites. We use first party cookies (cookies that we have set, that can only be read by our website) to personalise your online experience. We also use third party cookies (cookies that are set by an organisation other than the the owner of the website) for the purposes of website measurement and targeted advertising. You can control the use of cookies via your browser.

Links to other websites

Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we don’t accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites. This privacy policy applies solely to the personal data collected by Dayworth Packaging T/A Bags4Caddies.  

Keeping your information

We will only use and store your information for as long as it is required for the purposes it was collected for. How long it will be stored for depends on the information in question, what it is being used for and, sometimes, statutory legal requirements. 

How we secure your data 

We use encrypted systems and software to store your data. Access to your data is governed on a case-by-case basis and only appropriate staff and appropriate levels will have access to your information. We will never share your data without your content, and we take every effort to protect ourselves and our infrastructure from malicious threat.

Our staff complete mandatory information security and data protection training on employment and as legislation changes thereafter.

Disclosing and sharing information

We do not sell or share your personal information for other organisations to use.

Personal data collected and processed by us may be shared with the following groups where necessary:

  • Dayworth Packaging Ltd T/A Bags4Caddies employees
  • Third party cloud hosting and IT infrastructure and support providers who host the website and provide IT support for the business.

Also, under strictly controlled conditions:

  • Contractors
  • Service Providers providing services to us
  • Advisors
  • Agents

We may also disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of use or cookie policy and other agreements; or to protect the rights, property, or safety of Dayworth Packaging T/A Bags4Caddies, our members, supporters and visitors. This includes exchanging information with other companies and organisations for the purposes of fraud protection.

Storage of information

Dayworth Packaging T/A Bags4Caddies operations are based in the UK and we store most of our data within the European Union (EU). Some of our systems are provided by US companies and whilst it is our policy that we prefer data hosting and processing to remain on EU-based solutions, it may be that using their products results in data transfer to the USA.  However we only allow this when we certain it will be adequately protected. (e.g. US Privacy Shield or Standard EU contractual clauses).  

Payment card Security

Dayworth Packaging T/A Bags4Caddies has an active PCI-DSS compliance programme in place. This is the international standard for safe card payment processes. As part of our compliance to this very stringent standard, we ensure that our IT systems do not directly collect or store payment card information; for example the full 16 digit number on the front of the card or the security code on the back.

Our online payment solutions are carried out using a 'payment gateway' (e.g. Stripe/Shopify/ PayPal|). This means that when you input card data into the payment page, you are communicating directly with the bank or payment provider, this means that your payment card information is handled by the bank and/or provider, and not processed or held by us.

CCTV

Our premises have Closed Circuit Television (CCTV) and you may be recorded when you visit.

CCTV is used to provide security and protect both our members and visitors and Dayworth Packaging T/A Bags4Caddies. CCTV will be only be viewed when necessary (e.g. to detect or prevent crime) and footage is stored for set period of time after which it is recorded over.  Dayworth Packaging T/A Bags4Caddies complies with the Information Commissioner’s Office CCTV Code of Practice and we put up notices so you know when CCTV is used. 

Changes to this privacy policy

We’ll amend this privacy policy from time to time to ensure it remains up to date and reflects how and why we use your personal data and new legal requirements. Please visit our website to keep up to date with any changes. The current version will always be posted on our website. 

This privacy policy was last updated on 4th April 2018.