Privacy Policy

Introduction

Gary Harris Cycles is committed to all aspects of data protection and takes its duties seriously under GDPR legislation.

This privacy policy is designed to help you understand what information we collect, why we collect it and how you can update, manage and delete your information.

Effective 25th May 2018

Data Protection overview

GDPR describes how organisations must handle and store personal data. To comply with the law, personal information must be stored safely and not disclosed unlawfully.

Further information can be found at: https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/

Things you create or provide to us

When you use our services or purchase items you may provide us with contact details that are stored securely in our electronic database, including your name, contact details and details of bikes you own.

Information provided by others

We may be provided with your name and contact details by third party click and collect merchants you have used to fulfill purchase orders.

Information we collect as you use our services

As we carry out our services, notes are created and stored during the processing of a job and may include personal data collected (such as alternative contact details, availability, images of work done, and communications between parties). These assist with the completion of the work required and any warranty queries that may occur.

As with all internet servers, as you use our website, your IP address is stored along with standard information such as browser, screen resolution and operating system type.

Purposes for which we use and process your information and the grounds for doing so

We use your contact details to notify of updates to any orders or work you have commissioned or send queries regarding the work or order. We do this under a legitimate interest and contractual basis to provide regular communication about developments to the job or order and reduce unnecessary delays in obtaining authorisation to proceed with work or order.

We use your details for the purpose of managing bike and equipment hire and warranties. This is done under a contractual basis.

IP addresses are stored in server access logs for the purpose of detecting unauthorised use or attempts to breach our servers as required under GDPR as part of our data breach protection and detection policy.

Sharing of your information

We may share your data with other third parties where we are legally obliged to do so, or with a debt recovery agency.

None of the data we process is transferred outside of the EEA.

How long we keep your data

We only keep personal data as long as necessary and for the purposes it was collected.

While you hold a business interest with us, or have outstanding payments due, we will store your contact details and history of previous work.

Contact details relating to work carried out will be retained for the purpose of warranty claims. This is usually 12 months but may vary depending on the nature of the work carried out.

Personal data relating to financial transactions will be retained for 7 years for our tax records.

Managing and updating your information – your rights

You have the right to request a copy of the information we hold about you. If you would like a copy of some or all of the information we hold please contact us.

We want to ensure that your information is correct and up to date, so you are also entitled to ask us to update or remove information which you think is inaccurate.

You have the right to request that we remove your information from our records, or stop using it for particular purposes. We will do this wherever possible unless:

    It would prevent us providing a service to you and you still wish to receive the service

    Where we have a legal obligation to retain the information

    Where you have outstanding balances to be paid

    Other technical reasons that do not allow us to remove your data entirely

Keeping your personal data safe

We take the security of your data very seriously and employ several technical and organisational measures to protect your data from being accidentally lost, altered, or accessed in an unauthorised way.

Changes to the Policy

We review and update our policies regularly, and any update will be made available on our websites.