Custom Group Limited - (“CGL”, “we” or “us”) are committed to protecting and respecting your privacy and fully comply with the EU General Data Protection Regulations (GDPR).

For the purposes of the General Data Protection Regulation (GDPR), when we refer to “CGL”, “we” or “us”, we mean the Custom Group Ltd entity that acts as the controller of your information, - Custom Group Limited registered at Unit 8 The Ropewalk, Ilkeston, Derbyshire. DE7 5HX.

What this privacy policy covers

This Privacy Policy explains what personal information CGL collects from you, or that you provide to us, and how it will be used. CGL promises to respect any personal data you share with us, or that we get from other organisations and keep it safe. This Privacy Policy applies to CGL’s website www.custom-group.com and other interactions (e.g. customer enquiries, calls, emails etc.) you may have with CGL. Please read the following Privacy Policy carefully before continuing to access our sites and/or provide any personal data to us.

1. Information given to us or that we may collect

Information given to us

1.1 Information you give to us: If you contact us via phone, email, social media, our website or any other means we may keep a record of your information. This may include:-

1.1.2 Salutation, name, address, telephone number(s), email addresses, source of enquiry and employer.

Information collected by us

1.2 Information we collect about you: When visiting www.custom-group.com we may automatically collect and store information including:

1.2.1 Information about your visit, including the URL clickstream to, through and from our website, pages you viewed and products you searched for, downloads, response times and length of visits to certain pages.

1.2.2 Technical information, including the Internet Protocol (IP) address used to connect your device to the internet, your browser type and version, and your time zone setting.

1.3 When contacting us by telephone we may store Telephone log information, recording of call, your phone number, calling-party number, time and date of calls, forwarding numbers, and duration of calls.

1.4 We obtain information from our third-party credit reference agencies, credit insurers and fraud prevention agencies.

1.5 We obtain information from 3rd party project lead generation companies such as ABI / Glenigan

2. How we use cookies

2.1 Our website www.custom-group.com uses cookies to distinguish you from other users of our sites. This helps us to give you the best possible experience when you browse our sites, and also allows us to improve the design, layout and function aspects of our sites. By continuing to browse our sites, you’re agreeing to our use of cookies. For detailed information on the cookies we use and the purposes for which we use them, see our cookie policy https://www.custom-group.com/cookies

3. Lawful basis for processing

3.1 The GDPR only permits us to process your personal data to the extent that one of the lawful bases set out therein applies to that processing, including:-

3.2 Consent

In specific situations, we can collect and process your data with your consent. (For example, when you tick a box to receive email newsletters). When collecting your personal data, we’ll always make clear to you which data is necessary in connection with a particular service.

3.3 Contractual obligations

In certain circumstances, we need your personal data to comply with our contractual obligations (for example producing and storing an electrical test certificate)

3.4 Legal compliance

If the law requires us to, we may need to collect and process your data. (For example, keeping records of transactional data for HMRC).

3.5 Legitimate interest

In specific situations, we require your data to pursue our legitimate interests in a way which might reasonably be expected as part of running our business and which does not materially impact your rights, freedom or interests. (For example, we may use your purchase history to send you or make available personalised offers.)

Please contact us using the contact details set out below (see section 12 below) if you need details about the specific lawful basis on which we are relying on to process your personal data.

4. How we may use your information

4.1 We may collect, store and use your personal information:

4.1.1 To open an account with us and to manage, operate and maintain that account;

4.1.2 In case we need to check we have carried out your instructions correctly, to resolve issues and queries;

4.1.3 To provide you with information about our products and services that you request from us;

4.1.4 For the prevention and detection of fraud or other illegal or criminal activity;

4.1.5 To ensure we comply with all applicable laws and regulations;

4.1.6 To develop and improve our services, products and business;

4.1.7 To carry out statistical analysis, market research and testing;

4.1.8 For staff training purposes where we may monitor and record conversations;

4.1.9 To verify your identity and the other information you have provided to us, and (if relevant) the identity of your business associates;

4.1.10 To update the records we hold about you;

4.1.11 In connection with the processing, activities set out in this Policy.

5. Who we share your information with

5.1 We may share your information with various third parties, including:

5.2 Across the CGL group of companies, to ensure we can use your information as set out in section 4 of this Policy;

5.3 With the credit reference agencies, credit insurers and fraud prevention agencies (see item 6 below);

5.4 With suppliers and third-party data processors;

5.5 If we are unable to provide you with our products and services, and if you consent, with third-party business partners who may be in a position to provide a solution;

5.6 If we are under a duty to share your personal information in order to comply with any legal obligation;

5.7 With a third party who acquires all or part of our business, or to a successor in interest in the unlikely event of our insolvency, winding up or liquidation;

5.8 With third parties who process your personal information on our behalf who are only permitted to process your personal data in accordance with our instructions.

6. Credit reference agencies, credit insurers and fraud prevention agencies

6.1 We use credit reference agencies, credit insurers and fraud prevention agencies to make fair and informed decisions on whether to offer our products and services to you. This is standard procedure for most businesses providing credit account facilities.

6.2 We use them as part of our application process and ongoing monitoring on the account.

6.3 We do not perform a credit check on the individual, therefore a credit check footprint will not be left on your personal credit file. The credit reference agencies may, however, leave a footprint to show an agency has looked at your personal record.

6.4 If you breach the terms of your credit account we may have to report this to our credit insurers, who may pass this information to other organisations or credit reference agencies

6.5 If you give us false or inaccurate information or if we suspect fraud we may record this and may also pass this information to fraud prevention agencies and other organisations involved in crime and fraud prevention including law enforcement agencies.

6.6 We and other organisations may access and use this information in order to prevent fraud, money laundering or other criminal activity.

6.7 If you require any more information about our credit reference agencies and fraud prevention agencies, you can contact them directly:

6.7.1 Creditsafe, Bryn House, Caerphilly Business Park, Van Road, Caerphilly, CF83 3GR or call 02920 886 500 www.creditsafe.com

6.7.2 Coface, Egale 1, 80 St Albans Rd, Watford, Hertfordshire WD17 1RP call 0800 0856848 enquiries@cofaceuk.com

7. Where we store your information

7.1 We process data and store it primarily electronically on servers based at our Derbyshire headquarters, although small amounts of data are stored on hosted third party servers within the EEA. All servers have limited personnel access and are protected by multiple access controls and/or encryption. Some documents are also stored in paper format at our Derbyshire headquarters, which has secure access controls

7.2 We try to ensure that we do not send data outside the EEA, however, this is not possible in all cases. In relation to a very small number of our suppliers or data processors, the data that we collect from you may be transferred to, and stored at, a destination outside the EEA as well as processed by staff operating outside the EEA who work for them. However, by submitting your personal data, you consent to this transfer, storing or processing. We will ensure that suitable safeguards are in place before personal information is transferred outside the EEA and we will ensure that your data is treated securely.

7.3 We will do our best to protect your personal data, however, the transmission of information via the internet can never be 100% secure. We cannot guarantee the security of your data transmitted to us and so any transmission is at your own risk.

8. Data retention

8.1 Custom Group Ltd will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, tax or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting us at markj@custom-group.com

9. Your rights

9.1 Individuals from the European Economic Area and individuals located in the EEA have statutory rights in relation to personal data. Subject to any exemptions provided by law, you have the right to be informed, request access to information, as well as to seek to update, delete or correct this information, alongside the right to restrict processing, to object and request the portability of the data (i.e. requesting that we move, copy or transfer your personal information to another organisation). If you wish to exercise any of these rights, please contact us at markj@custom-group.com

9.2 The Act gives you the right to access personal information held about you through a subject access request.

9.3 There is no charge relating to this request, however, if the request is deemed as excessive and manifestly unfounded we may charge you a reasonable fee. We may also charge a reasonable fee if you request more than one copy of the information requested.

9.4 All requests to access your personal information we hold made in writing is a subject access request. Should you wish to access your personal information, please email markj@custom-group.com or send your request to ‘The Data Protection Officer’, Custom Group Ltd, Unit 8 The Ropewalk, Ilkeston, Derbyshire. DE7 5HX.

9.5 We will respond to your request within 30 days providing either;

9.6 All your personal information we hold or;

9.7 A request for a 2-month extension period allowing us to collate all of your personal information where requests are complex or numerous. We then have 2 months from the extension request date to provide all of your personal information we hold.

10. Accuracy of personal data

10.1 If at any time you believe that any personal data we are holding about you is inaccurate, out-of-date or incomplete, please notify us by emailing markj@custom-group.com as soon as possible. We will promptly correct or delete any data found to be incorrect or provide you with reasonable means to correct such data which we hold about you.

11. Changes to our privacy policy

11.1 Any changes we may make to our privacy policy in the future will be posted on our website.

11.2 Changes may also where appropriate, be notified to you by e-mail. Please check back frequently to see any updates or changes to our privacy policy.

12. Contacting us

12.1 Any questions, comments and requests regarding this privacy policy are welcomed and should be addressed to markj@custom-group.com

13. Complaints

13.1 If you are not satisfied with our response to any queries or complaints you raise with us or believe we are not processing your personal data in accordance with the Data Protection Laws you have the right to lodge a complaint at the Information Commissioner’s Office (www.ico.org.uk)/