APF BUSINESS PRIVACY STATEMENT
Last Updated on 21st December 2022
This privacy statement (together with any other documents referred to in it) sets out the basis on which any personal data we collect from you or that you provide will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
APF Business will process your personal data, in the pursuit of our legitimate business interests (for example, providing services to our Customers and compliance with a contract), in compliance with the General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) (the “Regulation”), where applicable, the UK Data Protection Act (DPA) 2018, and the UK GDPR.
WHAT INFORMATION WE COLLECT, AND HOW
We may collect and manage the following data about you:
Information you give us. You may give us information about you by filling in forms on our website, by corresponding with us by phone, e-mail or otherwise, or by placing contractual business with us. The information you give us may include your name, address, e-mail address, phone number and details relevant to your specific interaction.
Information we may receive about you. Third-party companies with which you have a contractual relationship may provide your personal contact information to allow us to deliver services on their behalf.
Information we collect about you. When you visit any of our websites or portals, we may automatically collect the following information:
• Technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
• Information about your visit, including the full Uniform Resource Locators (URL) you visited; products and services you viewed or searched for; length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Your preferences and use of e-mail updates are recorded by both website interaction and e-mails we send you (if you have provided us with your e-mail address). If you wish to receive communications from us, please tick the ‘Yes’ box when entering your personal details on the relevant form. You may unsubscribe later if you wish – see the ‘Your rights’ section below.
WHAT WE DO WITH YOUR INFORMATION
We use information held about you in the following ways:
Information you give us and information we may receive about you. We will use this information:
• To respond to any enquiries, you make regarding further details on our services or requesting any marketing literature.
• To respond to any enquiries you make or to engage with you concerning your employment or potential employment with APF Business or concerning you providing or potentially providing services to APF Business.
• to carry out our obligations arising from any contracts entered into between you and us and to provide you with the information and services that you request from us regarding APF Business’s legitimate business operations;
• to carry out our regulatory obligations;
• to provide you with information about other existing and new services we offer that we feel may be of interest to you;
• to notify you about changes to our services; and
• Ensure that content from our website is presented in the most effective manner for you and your computer.
Information we collect about you. We will use this information:
• To administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
• to improve our website to ensure that content is presented most effectively for you and your computer; as part of our efforts to keep our website safe and secure;
• to make suggestions and recommendations to you and other website users about services that may interest you or them.
SHARING YOUR INFORMATION
We may share your information with selected third parties where it is in the pursuit of our legitimate business interests, including:
Employees and service partners of APF Business, in order to provide or receive services to/from you or our customers or partners.
Analytics and search engine providers that assist us in the improvement and optimisation of our website;
We may also disclose your personal information to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal obligation or to protect the rights, property, or safety of APF Business or our employees and to protect the rights and freedoms of other data subjects.
WHERE WE STORE YOUR PERSONAL INFORMATION
APF Business makes use of Cloud-based IT systems and storage. APF Business also uses external partners to provide specific business services, such as HR administration and legal and accounting services. The data that we collect from you may, as a result, be transferred to, and stored at, a destination outside the UK. It may also include a destination outside the European Economic Area (“EEA”), where it may be processed by staff operating outside the EEA who work on our behalf.
By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and following this privacy statement and relevant UK legislation.
Once we have received your information, we will use strict procedures and security features to manage and protect your information under our Data Protection Policy and associated policies and procedures.
APF Business expects that its external suppliers will have their own data retention policies and will apply these to personal data held by them. APF Business reserves the right to audit its suppliers in this respect.
HOW WE DISPOSE OF YOUR PERSONAL INFORMATION
Your information will be stored by APF Business or relevant third parties only as long as it is needed or as required under the statute.
APF Business uses a variety of methods to delete personal data, including but not limited to manual deletion, system scripts, incineration or recycling/shredding/disposal of paper documents, and disposal of old/faulty company devices via certified IT Asset Disposal providers. The disposal of personal information and IT assets are governed by APF Business’s Data Destruction Policy.
APF Business’s nominated GDPR Owner will instruct process and data owners annually to review the personal data they are responsible for and to delete/dispose of it in line with the APF Business Data Protection Policy and Data Destruction Policy. Compliance with these policies is subject to internal and external audits.
Right to rectification – It is your right to have updates applied to your personal information by emailing precise details of your request to [email protected].
Right to object to processing – It is your right to change your mind and to stop receiving future marketing communications. To do this, e-mail [email protected] with “Unsubscribe” in the subject line, confirming which channels you wish to unsubscribe from (e-mail, telephone, post, ALL). We will then suppress your data from our direct marketing.
Right of erasure – Under certain circumstances, it is your right to have personal information deleted – for example, if the data was collected for a purpose that is no longer necessary or if we relied on your consent as the lawful basis for holding your data, and you withdraw this consent. It is also called the “right to be forgotten”. If you wish to exercise this right, you can request to do so by emailing your precise requirements to [email protected].
Right of access – It is your right to see a copy of the information we hold about you. It is also called a Data Subject Access Request. Simply e-mail [email protected] with your request.
Right to Restrict Processing – Under certain circumstances, it is your right to restrict the processing of your personal information, where you have a particular reason for wanting such a restriction. If you wish to exercise this right, you can request to do so by emailing your precise requirements to [email protected].
Right to Data Portability – You can request a copy of the personal data you provided to us in a structured, commonly used and machine-readable format. You also have the right to request that we provide a copy of such data directly to another data controller on your behalf. If you wish to exercise this right, you can request to do so by emailing your precise requirements to [email protected].
If you contact us to make any of the above requests, we will respond to you without delay and within 28 calendar days.
Under most circumstances, we will not charge a fee for responding to your request. If a fee may be applicable, we will notify you of this and explain the reasons.
All APF Business websites and portals are covered by this Privacy Statement and APF Business’s Data Protection Policy and associated policies. Any other websites our website may link to are subject to their policy, which may differ from ours.
CHANGES TO OUR PRIVACY STATEMENT
Any changes we may make to this privacy statement in the future will be posted on this page. Please check back frequently to see any updates or changes to this privacy statement
Questions, comments and requests regarding this privacy statement are welcomed and sent to [email protected] or APF Business Ltd, 72 Hopwood Road, Middleton, M24 6HY, by post.
MAKING A COMPLAINT
If you have any concerns about our use of your personal information, you can make a complaint to us at [email protected].
You can also complain to the ICO if you are unhappy with how we have used your data or responded to your query.
The ICO can be contacted at:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
APF Business is registered with the ICO as follows:
Organisation Name: APF Business Ltd
Reference number: ZB207394