This is the Website Privacy Policy of Sky Printers Ltd who is the data controller and responsible for your personal data (collectively referred to as Sky Printers, ‘we’, ‘us’ or ‘our’ in this privacy policy)

 

Our commitment to you:

We respect your privacy and remain committed to protecting your personal data.  this privacy policy will explain the way in which we collect, store and process the personal data you provide us over our website.  You should read this policy and any other privacy policies we provide when we collect your data, so that you fully understand the ways in which we process your data. All Sky Printer’s privacy policies are intended to supplement one another, not override each other.

The data we collect from you:

The personal data we would like to collect from you is as follows:

When you use our ‘contact us’ form via our website:

  • First name, surname, email address, contact telephone number.

Buy a product:

  • First name, Surname, email address, contact telephone number, billing address and postal address and delivery address

If you choose not to provide your data then we may not be able to offer key products and services to you.

How we process your data and our lawful bases:

We collect and process your data on the following lawful bases:

  • In the performance of a contract: this means we process your data when it is necessary for the performance of a contract with you, or to take steps, at your request, before entering into such a contract.
  • With legitimate interests: this means we process your data in the legitimate interest of our business in order that we may provide you the best service/product and the most secure experience.  We always consider and balance any potential impact on you and your rights before we process your personal data for our legitimate interests.

We will not use your personal data for activities where our interests are overridden by the impact on your (unless we have your consent or are otherwise required or permitted to by law).

You can obtain further information about how we assess our legitimate interests against any potential impact on you, in respect of specific processing activities, by contacting our Data Protection Officer on the details provided in this privacy policy.

In any instance where we’re processing your data based on legitimate interests, you still have the right to object to your data being processed in that manner.  To do this, please contact our Data Protection Officer.

  • To comply with legal or regulatory obligation: this means processing your personal data where it is necessary for compliance with a legal or regulatory obligation.
  • With your consent: this means we’ve asked for your explicit consent to process your data in a certain way, and you’ve provided it.

Purpose limitation:

We will only use your personal data for the purposes we originally collected it.  This is unless we need it for another reasons that we believe is compatible with why we originally collected your data.

Who we share your data with:

  • External parties who are engaged so that our business can function properly. These parties included couriers who we use to deliver our product to you, professional advisors, including lawyers, banks, auditors, insurers, IT service providers, contractors and companies who assist with our marketing.
  • HM Revenue & Customs, regulators and other UK authorities as required by law

We require all third parties to respect the security of your personal data and to treat it in accordance with the law.  We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

Your rights:

We fully support your rights.  If you ever feel this is not the case, please contact our Data Protection Officer or the Information Commissioner’s Office to discuss the matter further.

At any point you can exercise your:

  • Right of access – contact us for a copy of the data we hold about you.
  • Right of rectification – let us know if the data we hold is out of date or inaccurate and we will update it,
  • Right to be forgotten – if you no longer want to use our services, please contact us and we will delete all related data where we are able to.
  • Right to restrict processing – we only ever collect the data we need and actively ensure we never collect anything over and above that we need.
  • Right of portability – we will support reasonable requests to transfer your data to another organization should you require it.
  • Right to object to automated decision making and profiling – we do not currently use any automated profiling of any description. In the event you are ever unhappy with the way we are processing your data, please contact our Data Protection Officer.

Data Security:

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed.  In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are required to do so.

Data retention:

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.

When determining the appropriate retention period for personal date we consider:

  • the amount, nature and sensitivity of the personal data;
  • the potential risk posed to you by unauthorized use or disclosure of the data;
  • the purposes for which we process it;
  • any applicable legal requirements; and
  • whether we can achieve those purposes through other means.

Details of retention periods relating to your personal data can be requested from our Data Protection Officer.  In some circumstances you can ask us to delete your data.

In some circumstances we will anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes.  In these instances, we are able to use this information indefinitely without further notice to you.

Automated Decision Making:

We do not make any decisions about you based on the automated processing of your personal data.

Subject Access Requests:

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable admin fee if your request is clearly unfounded, repetitive or excessive.  Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).  This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.  We may also contact you to ask you for further information in relation to your request to speed up our response.

We try to respond to all legitimate requests within one month.  Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests.  In this case, we will notify you and keep you updated.

Complaints:

To exercise all relevant rights, queries or complaints in relation to this policy or any other data protection matter between you and us, please in the first instance contact our dedicated Data Protection Officer.