Privacy Notice for our Customers
Workwear World Limited (“We”) are committed to protecting and respecting your privacy.
This Privacy Notice (together with our terms of use and any other documents referred to on it) explains how we process any personal data we collect from you, or that you provide to us.
Please read the following information carefully to understand our practices regarding personal data and how we’ll treat it. By using our website (www.pencarrie.com) you are accepting the content of this privacy notice.
For the purpose of the General Data Protection Regulation (GDPR), the data controller is:
Workwear World 441-445 Honeypot Lane Stanmore HA7 1JJ
If you have any questions regarding our GDPR processes, please contact us at the above address or by email: info@workwearworld.net
What information we may hold about you
We may collect and process the following data about you:
Information you give to us collected by
Filling in forms
Posting your profile on our website
Corresponding with us by phone*, email, post or otherwise
When does this happen?
When you register to use our website
When you subscribe to our service
When you open an account with us
When you participate in discussion boards or other social media functions on our website, or other third party social media platforms
When you enter a competition, promotion or survey
When you report a problem with our website
What sort of information does this include?
Your name, address, email address and phone number
Your financial and payment card information
Personal description, work history and photograph
Our lawful basis for processing this information is identified and recorded in our Information Asset Register.
Information we collect from you
We may collect information about how you’re interacting with Workwear World on each of your visits to our website. This helps us to improve your experience.
What sort of information may be collected?
Technical information, including:
o The Internet Protocol (IP) address used to connect your computer to the Internet
o Your login information, browser type and version
o Time-zone setting
o Browser plug-in types and versions
o Operating system and platform
Information about your visit, including:
o The full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time)
o Products you viewed or searched for
o Page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page
o Any phone number used to call our customer service number
Our lawful basis for processing this information is identified and recorded in our Information Asset Register.
Information we receive about you from other sources
We may receive information about you from other users of our website and from third parties such as our partners in our Subscriber Benefits Scheme.
Cookies
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good online experience and also allows us to improve our website.
For detailed information on the cookies we use and the purposes for which we use them see our Cookie policy.
How will we use your information?
We use information held about you in the following ways:
Information you give to us
We’ll use this information to:
Carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us
Provide you with information about other services we offer that are similar to those that you have already purchased or enquired about
Provide you or permit selected third parties* (please see ‘Who do we share your information with?’ section below) to provide you information about goods or services we feel may interest you.
Notify you about changes to our service or other service-related information
Facilitate your access to and use of any of our Subscriber Benefits (whether provided by us or a third party)
*Where we permit selected third parties to use your data, we (or they) will contact you by electronic means only if you have consented to this by selecting the appropriate option when giving us your information.
Information we collect about you
We will use this information to:
Administer our website and for internal operations, data analysis, testing, research, statistical survey purposes and troubleshooting
Improve our website to ensure that content is presented in the most effective manner for you and your devices
Ensure that content from our website is presented in the most effective manner for you and your devices
Allow you to participate in interactive features of our service when you choose to do so
Help keep our website safe and secure
Measure or understand the effectiveness of marketing communications we serve to you and others, and to deliver you relevant and better marketing communications
Make suggestions and recommendations to you and other users of our website about goods or services that may interest you or them
Information we receive from other sources
We may combine this information with information you give to us and information we collect about you.
We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
Where will we store your personal data?
Most of the information you provide to us will be stored on our secure servers, any Payment Card Information (PCI) is stored with a secure third party and any PCI information given over the telephone will be obfuscated in the phone call recordings.
What about password security?
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Is information secure over the Internet?
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website. Any transmission is therefore at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
What about data going outside the European Economic Area?
If the data that we collect from you is transferred to, and stored at, a destination outside the European Economic Area (EEA), then we will take all steps reasonably possible to confirm with any third party involved that they are processing the data to the same standards so as to be compliant with the GDPR.
How long will we keep your personal data?
All Personal Data is stored in accordance with our Retention Policy. This means we’ll only keep it for as long as is necessary for the purpose for which it was collected.
When the Personal Data reaches the end of its retention period, it will be removed/deleted from our systems.
Some Personal Data will be stored beyond its initial retention period if it’s needed for any legal proceedings.
What rights do you have?
1. The right to be informed
You have the right to be informed about what Personal Information we process and how we do so. This Privacy Notice is one way in which we convey this information.
2. The right of access
You have the right to know what and have access to your Personal Information that we hold and process, you can get this access by submitting a Subject Access Request to us.
A Subject Access Request (SAR) would need to be raised in writing (by post or email), please see the ‘Contact’ section for where to send your SAR to.
In some circumstances we are not obliged to fulfil a request, for example if it is excessive. We would however write to you first to confirm this.
In some circumstances we can make a charge for fulfilling the request, for example if we have to incur particularly high administration costs. We would however write to you first to confirm this.
In some circumstances we can reject a request, we would however write to you first to explain why, and you would have the right to complain to the Regulatory Authority about that decision if you felt it was unjust.
3. The right to rectification
You have the right to have inaccuracies in your Personal Information rectified, please get in touch with us to request this if you are not able to do it from your account page.
4. The right to erasure (deletion)
You have the right to have your Personal Information erased, if we are holding it after the end of its retention period and there is no legal requirement for retaining it.
Please get in touch with us in writing to make your request.
We can refuse to erase the PI if it is needed for the exercise or defence of legal claims.
5. The right to restrict processing
You have the right to restrict the processing of your Personal Information if:
You contest the accuracy of the personal data and want to restrict the processing until accuracy of the personal data has been verified
You object to the processing (where it was necessary for the purpose of legitimate interests), and thus consideration needs to be given to whether the organisation’s legitimate grounds override yours
The processing is unlawful and you oppose erasure and request restriction instead.
If the personal data is no longer needed but you require the data to establish, exercise or defend a legal claim. If this data has been disclosed to a third party, then they will be informed [if possible and reasonable] of the restriction. Upon lifting the restriction, you (the Data Subject) will be informed.
7. The right to object
You have the right to object to:
Processing based on legitimate interests
Direct marketing on grounds relating to your particular situation
If you object, then we will stop processing the Personal Information for that purpose.
How do you change or withdraw your consent?
We keep a record of what you’ve opted into or unsubscribed from. If you’ve unsubscribed, please allow up to 28 days for the request to be implemented.
As a customer, you can change your Consent preferences in your Account page.
You can also submit a request to withdraw consent, in writing using the information in the ‘Contact’ Section of this Privacy Notice.
How do we keep your data secure when making changes?
We have a Data Privacy Impact Assessment (DPIA) process. This documents any risks to data privacy as well as any mitigating actions that may be appropriate, before any changes to processes or tools that could affect your personal data, are made.
How do we register personal data breaches?
We have a breach reporting process that we will follow in the event of a personal data breach being identified. This would document the key information and show whether we need to report it to the ICO, and/or you as a data subject.
Complaints
If you are unhappy with the way your data is being handled, please get in touch with us ( see the ‘Contact’ section ) and we will be happy to rectify any issues.
Changes to our privacy notice
Any changes we may make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy notice.