Personal Data Definition
The law defines “personal data” as any information that can be used to identify an individual.
Personal Data Held
The personal data Central Tyre holds about you relates to the data you input into the website including: your name, your address, your vehicle, your appointments, where your vehicle was seen and by whom, when and why your vehicle was seen, value spent, type of payment method used and relevant related comments.
Personal Data Storage
Central Tyre holds personal data in approved secure data centres within the EEA. Information is stored in a protected repository where data is collected from sectors of the Organisation and processed in line with the Company policies and current data laws.
Personal Data Usage
Where consent has been gained Central Tyre uses personal data whilst applying searches and algorithms to predict future business, identify business opportunities, marketing, assess risk factors etc., and under certain circumstances links that data to other in-house data sets.
Personal Data Reporting
Personal data is used to report on the performance of the Organisation including statistical information, customer satisfaction and audits.
Personal Data Legal Compliance
Personal data is collected, processed and stored in accordance with all current Data Regulations.
Where possible and practical, personal data is processed with the consent of the person concerned, however, there are times when there is a legal obligation, public interest or legitimate business interest in collating and processing personal data which overrides an individual’s wishes. Examples include for tax and law enforcement requirements.
1) Data Controller contact details
Central Tyre (Commercial) Limited, ETEL House, Avenue ~One, Letchworth Garden City, Hertfordshire, SG6 2HU
2) Data Protection Officer contact details
3) Purpose of the processing
Computerised searches of some or all of our records to identify vehicles that are due MOTs, warranty and service update, product (and safety) recalls and other bespoke conditions may mean your vehicles records are amongst those searched. This is known as “risk stratification” and sometimes carried out by linking our records with other records. The results of these searches are produced using approved and contracted services to provide the most appropriate advice, investigation opportunities and marketing communications.
4) Lawful basis for processing
The legal basis for this processing is:
5) Recipient or categories of recipients of the shared data
Appropriate data will be shared for processing only with those who have a legitimate and contracted business reason. Approved individuals have access to your personal and vehicle information applicable to fulfilling their roles.
6) Rights to object
You have the right to object to the processing where it might result in a decision being made about you. That right is based on implied consent under the Common Law of Confidentiality, Article 22 of GDPR (automated individual decision-making, including profiling)
You have the right to object to some or all of the information being shared under certain circumstances but the organisation have the overriding responsibility to comply with the law.
You should be aware that this is a right to raise an objection, which is not the same as having an absolute right to have your wishes granted in every circumstance.
7) Right to access and correct
You have the right to access the data about you that is being shared (subject access request) and have any inaccuracies corrected. The subject access request should be in writing (i.e. written word or email) and once the appropriate due diligence identification checks have been verified with the Data Protection Officer, collation of the information requested will be performed, redacted where appropriate and forwarded in a format agreed with the requestor in accordance with data law requirements.
8) Retention period
Data will be retained for active use during the processing of your contract and thereafter according to the organisations retention policy and data laws.
9) Right to make a query and or complaint.
Should you have a query and or complaint relating to the handling of your personal identifiable data, in the first instance please forward your concerns to:
Thereafter if you believe the Organisation has not addressed your complaint related to the management of your personal data you have the right to complain to the Information Commissioner’s Office, you can use this link https://ico.org.uk/global/contact-us/
or calling their helpline Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
Responsible Author: V.Penn
Version: 1 Date: May 2018