Our commitment to you
This privacy policy is issued by Safeaid Limited (trading as Signal) (“we”, “our” or “us”) and is addressed to individuals accessing and using our website and our services (“you”, “your”).
We understand the importance of trust in our relationships with you. We therefore take our legal responsibilities regarding your personal data as set out in the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended (PECR) very seriously.
Personal data is any information that identifies you, for example your name, your email address, phone number or IP address.
We want you to understand what personal information we may collect about you when you interact with Safeaid Limited via our website www.signalglobal.co.uk, or by contacting our colleagues via email or telephone.
Please read this privacy policy carefully as it contains important information about who we are, what personal data we collect and how we use it in connection with your interactions with us. It also contains details as to our obligations and your rights.
This privacy policy explains:
Who the Data Controller is;
What personal information we collect about you;
On what basis we use your personal information;
The activities for which we process your personal data;
How long we keep your personal information;
With whom we may share your personal information;
Information about international transfers;
How we protect your personal information;
Your rights regarding your personal information;
What to do if you don’t want to provide us with your personal information;
Methods to contact us if you have any concerns or questions;
Changes to this privacy statement from time to time.
Who is the Data Controller?
Safeaid Limited, with company number 08414761 and registered offices at 16 Arnside Road, Waterlooville, Hampshire, PO7 7UP, is the controller of your personal data.
We are registered as a Data Controller with the Information Commissioner’s Office (ICO) under registration number ZB072919.
What personal information do we collect?
We collect your personal information through your interaction with our colleagues by way of email and telephone, and specifically:
Trade customers when setting up an account on customer portal Mi365:
Identity Data: your full name, your organisation
Contact Data: your email address, your preferred contact number
Communications Data: your reason for the enquiry and any information provided by you in your message to us, this may include individual clothing sizes
Non-trade customers when placing an order:
Identity Data: your full name
Contact Data: your email/billing/delivery address, your preferred contact number
Financial Data: credit / debit card details to the extent that you choose to save your payment details online for future purchases
Communications Data: your reason for the enquiry and any information provided by you in your message to us, this may include individual clothing sizes.
All customers to receive, and confirm delivery of, an order:
Identity Data: your full name
Contact Data: your home address for personal delivery, your personal email address for order confirmation and your preferred mobile contact number to enable our appointed delivery service provider to provide you with delivery updates and to collect proof of delivery signatures from you.
In addition, for all interactions with our website we collect Technical Data such as device and online identifiers as set out in the Cookie Policy https://www.signalglobal.co.uk/cookie-policy .
On what basis do we use your personal information?
To collect, use, store and transfer your personal data, we have to ensure that there is a lawful basis for this. The individual lawful bases that may apply are set out below:
Consent: you have specifically given us permission, provided that we have informed you on what you are consenting to, that your consent is freely given and unambiguous;
Contractual obligations: we require your personal data for the performance of a contract (for example to send you goods purchased via the website);
Legitimate interests: we require your personal data to enable us to run our business, which we can only do where we have assessed that risk to your personal data is limited;
Compliance with legal or regulatory obligations applicable to us: it is important to us that we are able to comply with laws, regulations and guidance, as well as other valid requests or demands for data as set out here.
The activities for which we use your personal data as a Data Controller:
Our day-to-day operations (trade and non-trade customers)
Identity Data, Contact Data, and Communications Data
We have a legitimate interest to process this data to carry out our core business activities, which includes collecting your personal data to send you order confirmations and for our delivery service provider to send you updates and collect proof of delivery. We also rely on contractual obligations to fulfil the contracted goods deliveries and services and to send you statements and invoices. The transactions are typically on a business-to-business basis.
Financial transactions with customers
Financial Data
We rely on our contractual obligations to take payment from our customers. All our website financial transactions are handled through our payment services provider Windcave. You can review the Windcave privacy policy at https://sec.windcave.com/pxmi3/privacy-policy. We will share information with Windcave only to the extent necessary for the purposes of processing payments you make via our website, refunding such payments and dealing with complaints and queries relating to such payments and refunds. Financial Data (e.g. bank account / card details) provided by you via Windcave is not collected by Safeaid Limited, unless you use the option to save your payment details for future purchases.
Our day-to-day operations (suppliers)
Identity Data, Contact Data, and Communications Data
We have a legitimate interest to process this data to carry out our core business activities. We also rely on contractual obligations to fulfil the contract with our suppliers. The transactions are typically on a business-to-business basis.
Responding to your enquiries or requests for a quote submitted by you via our sales@signalglobal.co.uk email address.
Identity Data, Contact Data, and Communications Data
We have a legitimate interest to ensure that we can handle your request in a way that meets your expectations. We may also rely on our contractual obligations if your enquiry is in relation to a contract with us.
Recruitment
Identity Data, Contact Data, and Communications Data
We have a legitimate interest to ensure that the recruitment process is followed and that we can grow our business.
Marketing
Marketing Data
We may send marketing materials to you and process your marketing preferences on the basis of your consent or our legitimate interests. Please note that you can at all times unsubscribe from any of our newsletter that you have subscribed to by clicking the link at the bottom of the newsletter or by contacting: compliance@signalglobal.co.uk.
To customise, administer and improve our website, troubleshoot and analyse data of website visits
Technical Data
We have a legitimate interest to provide our website visitors with the best possible user experience.
To comply with valid requests from regulators or other official bodies of authority, and for litigation case management and evidentiary purposes.
All types of data as described above
To comply with our legal and regulatory obligations, including but not limited to HMRC and for our legitimate interests to manage legal proceedings and to defend us against possible civil claims or regulatory enforcement action.
We may need to share your personal data with members of our group and third parties in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency. In such cases information will be anonymised where possible and only shared where necessary.
Identity Data, Contact Data, Marketing Data, Communications Data
Depending on the circumstances:
To comply with our legal and regulatory obligations, including but not limited to the Companies Act 2006 and TUPE, as relevant.
In other cases, for our legitimate interests or those of a third party, i.e. to protect, realise or grow the value in our business and assets.
Protecting the security of systems and data
Technical Data
To comply with our legal and regulatory obligations, including but not limited to PECR.
We may also use your personal data to ensure the security of systems and data to a standard that goes beyond our legal obligations, and in those cases our reasons are for our legitimate interests or those of a third party, and to protect systems and data and to prevent and detect criminal activity that could be damaging for you and/or us.
Protecting our premises for the purpose of crime prevention by way of the use of Closed Circuit Television (CCTV)
Identity Data
We have a legitimate interest to ensure the safety and welfare of our colleagues and to protect the assets of our business.
How long will we keep your personal information?
We adhere to the principles of data avoidance and data economy. Therefore, we only store your personal data for as long as is necessary to achieve the purposes stated herein or as provided for by various storage periods provided for by law. After discontinuation of the respective purpose or expiration of these deadlines, the corresponding data will be routinely and in accordance with the statutory provisions blocked or deleted.
In connection with legal action or a regulatory investigation involving Safeaid Limited we will always keep your personal information for the period required by law and where we need to do so. Otherwise, we keep your personal information where you have contacted us with a question or request, for as long as necessary to allow us to respond to your question or request.
Taking into consideration all our legal obligations to retain information for contract, audit, regulatory and tax purposes, we also regularly review the length of time we retain your personal data and consider the purpose or purposes for which we hold it.
Sharing your personal information
We may share your personal data with any of our employees, officers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes as set out in this privacy policy.
In addition, where permitted or required by law, we may share your personal information with trusted third parties such as:
Professional advisers - Insurers, legal advisers
To enable us to resolve a claim made by you or in which you have been involved
Service providers - Payment processor Windcave, delivery service provider DPD
To enable us to process your payment for our goods and services; to enable us to send you the ordered goods.
Auditors - Annual statutory accounts auditor
To enable auditors to verify authenticity of information provided
Third parties in connection with re-organisation of our business - Prospective buyer
To share customer information to enable us to continue services during and after corporate transaction
Law Enforcement Authorities - Police
For any vital interest to address health concerns or to prevent crime
In the event that your personal data is shared with third parties, we ensure that this is shared safely and securely, and that it is limited to the personal data that is strictly required for the purpose.
Where you submit personal information for publication on our website, we will publish and otherwise use that information in accordance with the licence you grant to us.
We will not, without your express consent, provide your personal information to any third parties for the purpose of direct marketing.
International transfers
We are based in the United Kingdom (UK), and we typically do not transfer your personal data outside the UK and EEA.
Depending on computer systems utilised by third parties with whom your personal data may be shared from time to time, your personal data may be transferred to organisations and stored in countries outside of the UK or EEA. We have appropriate contractual arrangements in place with relevant third parties to ensure that in case of such transfers of your personal data to countries outside the UK or EEA, your personal data is protected to the same high standard as required under the UK GDPR and Data Protection Act 2018.
Protecting your personal information
We use a variety of technical and organisational security measures such as secure password- and firewall- protected servers to help protect your personal information from unauthorised access, use, disclosure, alteration or destruction in line with applicable data protection and privacy laws. All electronic communications between you and us via our website will be encrypted using SSL technology.
Before we share your personal information with third parties, we will put in place a written agreement which commits the third party to keep your information confidential, and to put in place appropriate security measures to keep your information secure.
In addition, we have relevant internal policies and procedures in place and our colleagues are aware and ensure that that your personal data is handled safely and securely.
Please note that the transmission to us of information via the internet or a mobile phone network connection may not be completely secure and any transmission is at your own risk.
You are responsible for keeping your password and user details confidential. We will not ask you for your password (except when you log in to the website).
Your rights regarding your personal information
You have several rights regarding the processing of your personal data. You have the right:
- To withdraw consent: If you have consented to receive email alerts from us with news and updates or have engaged in any other activity with us for which we have asked you for your consent, you have the right to withdraw your consent at any time. In respect of the news and update email alerts, you can withdraw your consent by using the “Unsubscribe” option in the email or you can contact us on compliance@signalglobal.co.uk to notify us of any withdrawal of consent.
- Of access to your personal data: You have a legal right to see a copy of the personal data that we keep about you, subject to certain exemptions.
- To rectify inaccurate or incomplete personal data: You can ask us to correct any data which is inaccurate or incomplete.
- Of erasure of your personal data: you can ask us to delete your personal information (with the exception of us being required to keep it to comply with a legal obligation).
- To restrict processing of your personal data: We will retain enough information to enable the restriction but will not process any further personal data, until and unless we lift the restriction (of which you will be informed).
- To object to processing of your personal data: you can stop or prevent us from using your data (in cases where we are using it with your consent or for our legitimate interests).
- To move, copy or transfer your personal data (data portability): Please contact us if you would like us to transfer your personal data electronically to another organisation.
Please note that the above-mentioned rights, with the exception of the right to withdraw your consent (in general) and to object to processing of your personal data (for the purpose of email alerts), are not absolute. Under certain conditions, we may refuse to comply with your request to exercise the above-mentioned rights. If we refuse your request, you will be informed of the reasons for refusal.
In accordance with applicable data protection legislation, we follow security procedures when we process your personal data. We may therefore request proof of your identity before disclosing certain information to you or acting on any rights requests.
We will respond to your rights request within one calendar month of receipt of all documents required to fulfil your request (for example valid ID). In cases where the request is complex or if you make several requests, we may require up to two additional months but we will ensure that we will inform you of this within the first month of a validly received rights request.
What if you do not want to provide us with your personal information?
Where you are given the option to share your personal information with us, you can always choose not to do so.
If you object to the processing of your personal information, or if you have provided your consent to processing and you later choose to withdraw it, we will respect that choice in accordance with our legal obligations. This could mean that you may be unable to make use of the services and products offered by us.
Complaints
You always have the right to lodge a complaint with the Information Commissioner’s Office (“ICO”) if you have any concerns with regard to the way in which we process your personal data. Their contact details can be found on their website www.ico.org.uk or by telephone: 0303 123 1113.
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Contact Us
If you have any questions or requests regarding this privacy policy, or if you would like to exercise your rights, please contact Safeaid Limited using the contact information below:
16 Arnside Road, Waterlooville, Hampshire, PO7 7UP
Tel +44 (0)23 9225 4442
Email: compliance@signalglobal.co.uk
Updates to this privacy policy
This privacy policy was last updated on 7th August 2024 and may be amended again in whole or in part, at any time and without prior notice. You should review this Privacy Policy (including the Cookie Policy) regularly as we may amend it from time to time, and as you are bound by any changes we make to this policy from the date of the change. We will post any amendments on our website to keep you up to date.