MS-RT Privacy Policy | MS-RT

MS-RT Privacy Policy

Who we are

Our website address is: http://www.ms-rt.com.

MS-RT understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our customers and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

  1. 1.0 Information About Us

    MS-RT is a trading style of Edward Davies Commercials Ltd, Registered in England and Wales under company number 0388083 and registered address:

    Wentwood House
    Langstone Business Park
    Langstone
    South Wales
    NP18 2JD

    For any data related concerns please address communications to:

    Data Protection Officer
    MS-RT
    Mamhilad Park Estate, Pontypool,
    NP4 0HZ
    Email: dataprotection@ms-rt.com
  2. 2.0 What Does This Notice Cover?

    This privacy information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.

  3. 3.0 What is Personal Data?

    Personal data is defined by Data Protection law ( “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

    Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information, such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

    The personal data that we use on this site including, online ordering, is set out in Part 5.0, below.

  4. 4.0 What Are My Rights?

    Under the GDPR, you have the following rights, which we will always work to uphold:

    • The right to be informed about our collection and use of your personal data.
    • The right to access the personal data we hold about you.
    • The right to have your personal data rectified if any data is inaccurate or incomplete.
    • The right to have data erased, i.e. you can request that we delete, shred, or otherwise dispose of any of your personal data that we have retained.
    • The right to restrict (i.e. prevent) the processing of your personal data.
    • The right to object to our using your personal data for a particular purpose.
    • The right to data portability. This means that you can ask for a copy of your personal data held by us to re-use with another service or business in many cases.
    • Rights relating to automated decision making and profiling. We do not use your personal data in this way.
    • Rights relating to automated decision making and profiling. We do not use your personal data in this way.

    Further information about your rights can also be obtained from the Information Commissioner’s Office or your local Citizens Advice Bureau.

    If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

  5. 5.0 What Personal Data Do You Collect?

    Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).

    We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:

    • Identity Data includes name, username or similar identifier, title, date of birth and gender.
    • Contact Data includes billing address, delivery address, email address and telephone numbers.
    • Financial Data includes bank account and payment card details.
    • Transaction Data includes details about payments to and from you and other details of products and services you have purchased from us.
    • Technical Data includes IP address, your login data, browser type and version, operating system and platform and other technology on the devices you use to access this website.
    • Profile Data includes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
    • Usage Data includes information about how you use our website, products and services.
    • Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
  6. 6.0 How Do You Use My Personal Data?

    Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

    We have set out below, a description of the ways we may use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

    Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

    Purpose/Activity, Type of data, Lawful basis for processing including basis of legitimate interest.

    1. 1. Purpose: To register you as a new customer.

      Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.

      Data Type: (a) Identity, (b) Contact

      Lawful Basis: Fulfilling a contract with you, Consent

    2. 2. Purpose: To manage how we work with other companies who provide services to our customers and to us.

      Data Type: (a) Identity, (b) Contact

      Lawful Basis: (a) Fulfilling a contract with you, (b) Consent (where you have requested a product/service or information), (c) Necessary for our legitimate interests (to keep our records up to date)

    3. 3. Purpose: To process and deliver your order including: (a) Manage payments, fees and charges, and (b) Collect and recover money owed to us.

      Data Type: (a) Identity, (b) Contact, (c) Financial, (d) Transaction, (e) Marketing and Communications

      Lawful Basis: (a) Fulfilling a contract with you, (b) Necessary for our legitimate interests (to recover debts due to us).

    4. 4. Purpose : To manage our relationship with you which will include:(a) Notifying you about changes to our terms or privacy policy, (b) Asking you to leave a review or take a survey.

      Data Type: (a) Identity, (b) Contact, (c) Profile, (d) Usage, (e) Marketing and Communications

      Lawful Basis: (a) Fulfilling a contract with you, (b) Necessary to comply with a legal obligation, (c) Performance of a contract with you, (d) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)

    5. 5. Purpose: To administer and protect our business and our website (including data analysis, testing, system maintenance, support, reporting and hosting of data)

      Data Type: (a) Identity, (b) Contact, (c) Technical

      Lawful Basis : (a) Necessary for our legitimate interests (for running our business, provision of administration and IT services), (b) Necessary to comply with a legal obligation

    6. 6. Purpose: To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you.

      Data Type: (a) Identity, (b) Contact, (c) Profile, (d) Usage, (e) Marketing and Communications, (f) Technical

      Lawful Basis: Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy)

    7. 7. Purpose: To use data analytics to improve our website, products/services, marketing, customer relationships and experiences.

      Data Type: (a) Technical, (b) Usage

      Lawful Basis: Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business and to inform our marketing strategy)

    8. 8. To make suggestions and recommendations to you about goods or services that may be of interest to you.

      Data Type: (a) Identity, (b) Contact, (c) Technical, (d) Usage, (e) Profile

      Lawful Basis: Necessary for our legitimate interests (to develop our products/services and grow our business)

    9. 9. Purpose: To register you as an applicant in relation to an interest in a job vacancy.

      Data Type: (a) Identity, (b) Contact

    Lawful Basis: (a) Consent (where you have registered an interest in a vacancy or information), (b) Necessary for our legitimate interests (to keep our records up to date)

    You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with any and all obligations under the GDPR and you will always have the opportunity to opt-out.

  7. 7.0 How Long Will You Keep My Personal Data?

    We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax and legal purposes.

    Where we have obtained your personal information following a request for information, quotation or any information on any of our products or services, or in relation to vacancies we hold your personal information for 1 year unless we form a relationship with you (e.g. purchase of a product, parts, future employment)

  8. 8.0 How and Where Do You Store or Transfer My Personal Data?

    We do not generally transfer your data outside the European Economic Area (EEA). There may be instances where we or our third-party suppliers have cause to do so. This may be:

    To deal with a request, for example a request from a customer outside the EEA.

    When working with suppliers who provide services to us.

    If it is necessary to transfer information outside the UK and EEA, we will make sure it is protected in a similar way as in the UK and EEA. This is achieved by ensuring transfer is to a country with privacy laws with similar protection as EEA and UK or by putting in place contractual obligations which requires a recipient to protect it to the similar standards as the UK and EEA.

    The security of your personal data is essential to us and we will always strive to protect it. We take a number of important measures, including the following:

    Secure and restricted access to customer data.

    Secure paper record shredding and digital data removal.

  9. 9.0 Do You Share My Personal Data?

    We will share your personal information with third parties, within our corporate group, where required by law, where it is necessary to manage the working relationship with you or where we have a legitimate interest in doing so. We will not sell any of your personal data to any third parties for any purposes. We work closely with our vehicle network authorised dealers, manufacturers and third-party suppliers who fulfil business activities which necessitates the sharing of information. For example, we will share information with network authorised dealers where you enquire about a product through us. These organisations may use your information to provide you with information and to fulfil contracts you may enter into with them.

    We will share your personal information with third parties, within our corporate group, where required by law, where it is necessary to manage the working relationship with you or where we have a legitimate interest in doing so. We will not sell any of your personal data to any third parties for any purposes. We work closely with our vehicle network authorised dealers, manufacturers and third-party suppliers who fulfil business activities which necessitates the sharing of information. For example, we will share information with network authorised dealers where you enquire about a product through us. These organisations may use your information to provide you with information and to fulfil contracts you may enter into with them.

    We may from time to time disclose your information to third parties who handle services on our behalf including our bank, financial services providers, IT supplier, technology provider, legal, insurance and other professional advisers, agents, sub-contractors, credit reference agencies, marketing agencies and consultants.

    In some circumstances, we may be legally required to share certain personal data, if we are ever involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.

    We take steps to ensure that any third-party providers (including network authorised dealers) who handle your information comply with data protection legislation. We only disclose information that is necessary for them to provide a service that they undertake in accordance with a customer request.

  10. 10.0 How Can I Access My Personal Data?

    If you want to know what personal data we have about you, you can contact our Data Protection Officer for details of that personal data and for a copy of it (where any such personal data is held). This is known as a “subject access request”. All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 11.

    There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests), a fee may be charged to cover our administrative costs in responding.

    We will respond to your subject access request within one month from the date the request is received. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request.

  11. 11.0 How Do I Contact You?

    To contact our Data Protection Officer about anything to do with your personal data and data protection, including to make a subject access request, please use the following details:

    C/O Data Protection Officer
    MS-RT
    Mamhilad Park Estate,
    Pontypool,
    NP4 0HZ
    Email: dataprotection@ms-rt.com
  12. 12.0 Cookies

    Cookies are tiny text files stored on your computer when you visit certain web pages.

    If you do not wish to enable cookies, you will still be able to browse the site and use it for research purposes. Most web browsers have cookies enabled but see Managing Cookies for help on how to turn them on or off, should you need to.

    If you would prefer not to accept cookies, most browsers will allow you to: (1) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (2) to disable existing cookies; or (3) to set your browser to automatically reject any cookies. However, please be aware that if you disable or reject cookies, some features and services on our sites may not work as intended.

    Please note that cookies cannot harm your computer. We do not store personally identifiable information such as credit card details in cookies we create.

    We use cookies to:

    • Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third party services which track this information on our behalf.
    • We, along with third-party vendors such as Google, use first-party cookies (such as the Google Analytics cookies.

    Instructions for blocking or allowing cookies in popular web browsing software:

    • Internet Explorer
    • Firefox
    • Google Chrome
    • Apple Safari

    AboutCookies.org

  13. 13.0 Third Party Links

    Occasionally, at our discretion, we may include or offer third party products or services on our website. These third party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

  14. 14.0 Google

    We use Google Analytics (GA) on this website, no data stored in the GA data can identify you as an individual, it collects device data (operating software, screen resolution, browser type and other basic device information) and uses this to track device interaction on the site. This data is used to establish where improvements with site structure and services can be made. We will never share this data with any parties other than Google, whom are only involved as it is the data processor and hosts the platform by which we can access the data.

  15. 15.0 Changes to this Privacy Notice

    We may change this Privacy Policy from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection.

    Any changes will be made available via this page on the website, so please check regularly.

    What personal data we collect and why we collect it:

    • Comments

      When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

      An anonymised string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

    • Media

      If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

    • Contact forms

    • Cookies

      If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

      If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

      When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

      If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

    • Embedded content from other websites

      Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

      These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website