Privacy Policy

Introduction

Gary Harris Cycles is committed to all aspects of data protection and takes its duties seriously under GDPR legislation.

This privacy policy is designed to help you understand what information we collect, why we collect it and how you can update, manage and delete your information.

Effective 25th May 2018

Data Protection overview

GDPR describes how organisations must handle and store personal data. To comply with the law, personal information must be stored safely and not disclosed unlawfully.

Further information can be found at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

Things you create or provide to us

When you use our services or purchase items you may provide us with contact details that are stored securely in our electronic database, including your name, contact details and details of bikes you own.

Information provided by others

We may be provided with your name and contact details by third party click and collect merchants you have used to fulfill purchase orders.

Information we collect as you use our services

As we carry out our services, notes are created and stored during the processing of a job and may include personal data collected (such as alternative contact details, availability, images of work done, and communications between parties). These assist with the completion of the work required and any warranty queries that may occur.

As with all internet servers, as you use our website, your IP address is stored along with standard information such as browser, screen resolution and operating system type.

Purposes for which we use and process your information and the grounds for doing so

We use your contact details to notify of updates to any orders or work you have commissioned or send queries regarding the work or order. We do this under a legitimate interest and contractual basis to provide regular communication about developments to the job or order and reduce unnecessary delays in obtaining authorisation to proceed with work or order.

We use your details for the purpose of managing bike and equipment hire and warranties. This is done under a contractual basis.

IP addresses are stored in server access logs for the purpose of detecting unauthorised use or attempts to breach our servers as required under GDPR as part of our data breach protection and detection policy.

Sharing of your information

We may share your data with other third parties where we are legally obliged to do so, or with a debt recovery agency.

None of the data we process is transferred outside of the EEA.

How long we keep your data

We only keep personal data as long as necessary and for the purposes it was collected.

While you hold a business interest with us, or have outstanding payments due, we will store your contact details and history of previous work.

Contact details relating to work carried out will be retained for the purpose of warranty claims. This is usually 12 months but may vary depending on the nature of the work carried out.

Personal data relating to financial transactions will be retained for 7 years for our tax records.