Sargent-Disc Privacy Notice
PRIVACY NOTICE
1.
INTRODUCTION
1.1 This privacy notice (Privacy Notice) sets out the ways in which we, the
Sargent Disc Group comprised of the companies set out in paragraph 2 below
(we,us,our), collect and use your personal data (your personal information) in
connection with our business. It also explains what rights you have to access
or change your personal data.
1.2 Our website is not intended for children. We do not knowingly collect or
maintain the personal information of children under the age of 18. If you are
under the age of 18, please do not access our website at any time or in any
manner. We will take appropriate steps to delete the personal information of
persons under the age of 18.
2. ABOUT
US
2.1 We, the Sargent Disc Group, are comprised of the following
companies:
2.1.1 Sargent Disc Limited, a company registered in England under company
number 02020919, with its registered office at First Floor, St Johns House, 16
Church Street, Bromsgrove, B61 8DN
2.1.2 SD TEC Limited, a company registered in England under company number
04384725, with its registered office at First Floor, St Johns House, 16 Church
Street, Bromsgrove, B61 8DN;
2.1.3 SD Production Services Limited, a company registered in England under
company number 5040725 with its registered office at First Floor, St Johns
House, 16 Church Street, Bromsgrove, B61 8DN; and
2.1.4 Sargent Disc (Ireland) Ltd, a company registered in Ireland under the
company number 593567 with its correspondence address at Molyneux House, Bride
Street, Dublin 8, D08 C8CN.
2.2 You can contact us as follows:
FAO:
Scott Hardy, Chief Information Security Officer
Address:
Sargent-Disc Ltd, 5-7 Baring Road, Beaconsfield, Bucks HP9 2NB, UK
Email:
infosec@sargent-disc.com
Phone
number: +44 (0)1753 630300
3.
INFORMATION WE MAY COLLECT ABOUT YOU
3.1 Information that you provide to us.
3.1.1 We will collect any information that you provide to us when you:
(a) make an enquiry, provide feedback or make a complaint over the phone, by
email or on our website;
(b) submit correspondence to us by post, email or via our website;
(c) order products or services from our website;
(d) create an account to use the website;
(e) update your profile and other account details;
(f) subscribe to our newsletter and mailing lists;
(g) fill in a form, conduct a search, post content on the website, respond to
surveys, participate in promotions or use any other features of the website;
(h) submit reviews and comments on the website;
(i) register to and/or attend an event;
(j) submit a CV;
(k) submit an application to a job vacancy; and
(l)
attend an interview or assessment.
3.1.2 The information you provide to us will include (depending on the circumstances):
(a) Identity and contact data: title, names, addresses, email addresses and
phone numbers;
(b) Account profile data: if you’re registering for an account you may also
provide a username, password, job title/position, language preferences;
(c) Financial Data: If you are using the website to purchase products or
services, you will also provide payment details, which may include billing
addresses, credit/debit card details and bank account details;
(d) Transactional data: we will collect information related to your
transactions on the website, including the date and time, the amounts charged
and other related transaction details;
(e) Employment and background data: If you are submitting a job application,
you may also provide additional information about your academic and work
history, qualifications, skills, projects and research that you are involved
in, references, proof of your entitlement to work in the UK, your national security
number, your passport or other identity document details, your current level of
remuneration (including benefits), and any other such similar information that
you may provide to us;
(f) Survey data: from time to time we might ask if you would be willing to
participate in our surveys; if you agree, we will also collect any information
that you provide as part of that survey; and
(g) Sensitive information: If you are submitting a job application, you may
provide information about your race or ethnicity, religious beliefs, sexual
orientation, health and whether or not you have any disability.
3.2 Information we collect about you:
(a) Information contained in correspondence: We will collect any information
contained in any correspondence between us. For example, if you contact us
using a query button on our website or by email or telephone, we may keep a
record of that correspondence;
(b) Information transmitted on the website: We will collect information that
you upload or post to your website account and/or any correspondence or
interactions that you may have with other website users; and
(c) Website usage data and other technical data: We will also collect certain
information about how you use our website and the device that you use to access
our website, even where you have not created an account or logged in. This
includes your geographical location, device information (such as your hardware
model, mobile network information, unique device identifiers), the data
transmitted by your browser (such as your IP address, date and type of the
request, content of the request regarding the specific site, time zone
settings, access status/HTTP status code, volume of data transmitted, browser
type and version, language settings, time zone settings referral source, length
of visit to the website, date and time of the request, operating system and
interface) number of page views, the search queries you make on the website and
similar information. This information may be collected by a third-party website
analytics service provider on our behalf and/or may be collected using cookies
or similar technologies. For more information on cookies please read paragraph
6 below.
3.3 “Special categories” of particularly sensitive personal information require
higher levels of protection. Special categories of data include details about
your race or ethnicity, religious or philosophical beliefs, sex life, sexual
orientation, political opinions, trade union membership, information about your
health and genetic and biometric data. Depending on the circumstmances we
will also collect information about criminal convictions and offences as
described in more detail below.
3.4 We need to have further justification for collecting, storing and using
this type of personal information. We have in place an appropriate policy
document and safeguards which we are required by law to maintain when
processing such data. We process special categories of personal information in the
following circumstances:
3.4.1 In limited circumstances, with your explicit written consent;
3.4.2 where we need to carry out our legal obligations or exercise rights in
connection with employment;
3.4.3 where it is needed in the public interest, such as for equal
opportunities monitoring;
3.4.4 where it is needed in relation to legal claims or where it is needed to
protect your interests (or someone else’s interests) and you are not capable of
giving your consent; or
3.4.5 where you have already made the information public.
3.5 If you are an applicant or an employee, we will collect special categories
of information about:
3.5.1 your race, ethnicity, religious or philosophical beliefs and sexual
orientation for the purpose of our diversity and equal opportunities records
(on the basis that it is needed in the public interest, for equal opportunities
monitoring);
3.5.2 your health as necessary for the purpose of arranging your interview if
you are an applicant or supporting your needs and access to our workplace if
you are an employee (on the basis of your explicit consent if you are an
applicant and for compliance with our legal obligations or exercise of
employment rights if you are an employee); and
3.5.3 your criminal record for the purposes of completing background checks
necessary for you to be able to work with children to whom we provide some of
our courses (on the basis such processing is necessary for reasons of substantial
public interest under applicable laws).
3.6 Information we receive from third parties
3.6.1 In certain circumstances, we will receive information about you from
third parties. For example:
(a) Fraud detection agencies: where permitted or required by law, we may
receive information about you, including demographic data or fraud detection
information from third party service providers and/or partners who may be based
inside or outside the EU;
(b) Employers, recruitment agencies and referees: if you are a job applicant we
may contact your recruiter, current and former employers and/or referees, who
may be based inside or outside the EU, to provide information about you and
your application;
(c) Service providers: we will collect personal information from our website
developer, IT support provider, marketing services supplier and payment
services provider
(d) Website security: we will collect information from our website security
service partners, about any misuse to the website, for instance, the
introduction of viruses, Trojans, worms, logic bombs, website attacks or any
other material or action that is malicious or harmful;
(e) Social media plugins: we currently use social media plugins from providers
who are based both inside and outside the EU: Instagram Facebook, Twitter,
LinkedIn. By providing your social media account details you are authorising
that third-party provider to share with us certain information about you; and
(f) Publicly available sources: we currently use publicly available sourcesto
carry out identity and compliance checks.
3.6.2 We might also receive information about you from third parties if you
have indicated to such third party that you would like to hear from us.
4. HOW WE
USE INFORMATION ABOUT YOU AND RECIPIENTS OF YOUR INFORMATION
4.1 We will use your information for the purposes listed below either on the
basis of:
4.1.1 performance of your contract with us and the provision of our services to
you;
4.1.2 your consent (where we request it);
4.1.3 where we need to comply with a legal or regulatory obligation; or
4.1.4 our legitimate interests or those of a third party (see paragraph 4.3
below).
4.2 We use your information for the following purposes:
4.2.1 To provide access to our website: to provide you with access to our
website in a manner convenient and optimal and with personalised content
relevant to you including sharing your information with our website hosts and
developers (on the basis of our legitimate interest to ensure our website is
presented in an effective and optimal manner);
4.2.2 To register your account: when you sign up to use our website, we will
use the details provided on your account registration form (on the basis of
performing our contract with you);
4.2.3 To process and facilitate transactions with us: we will use your
information to process transactions and payments, and to collect and recover
money owed to us (on the basis of performing our contract with you and on the
basis of our legitimate interest to recover debts due);
4.2.4 Relationship Management: to manage our relationship with you, which will
include notifying you about changes to our terms of use or privacy policy, and
asking you to leave a review or take a survey (on the basis of performing our
contract with you, to comply with our legal obligations and on the basis of our
legitimate interests to keep our records updated and study how our website and
services are used);
4.2.5 User and customer support: to provide customer service and support (on
the basis of our contract with you or on the basis of our legitimate interests
to provide you with customer service), deal with enquiries or complaints about
the website and share your information with our website developer, IT
support provider, payment services provider as necessary to provide customer
support (on the basis of our legitimate interest in providing the correct
products and services to our website users and to comply with our legal
obgliations);
4.2.6 Prize draws, competitions and surveys: to enable you to take part in
prize draws, competitions and surveys (on the basis of performing our contract
with you and our legitimate interest in studying how our website and services
are used, to develop them and grow our business);
4.2.7 Recruitment:to process any job applications you submit to us, whether
directly or via an agent or recruiter including sharing this with our third
party recruitment agency (on the basis of our legitimate interest to recruit
new employees or contractors);
4.2.8 Marketing:to keep in contact with you about our news, events, insight
articles, new website features,products or services that we believe may
interest you, provided that we have the requisite permission to do so, and
sharing your information with our marketing services provider, Mailchimp
(either on the basis of your consent where we have requested it, or our
legitimate interests to provide you with marketing communications where we may
lawfully do so);
4.2.9 Advertising: to deliver relevant website content and advertisements to
you and measure or understand the effectiveness of the advertising we serve to
you (on the basis of our legitimate interests in studying how our
website/services are used, to develop them, to grow our business and to inform
our marketing strategy);
4.2.10 Analytics: to use data analytics to improve our website,
products/services, marketing, customer relationships and experiences (on the
basis of our legitimate interests in defining types of customers for our
website and services, to keep our website updated and relevant, to develop our
business and to inform our marketing strategy);
4.2.11 Suggestions and recommendations: to share your information with selected
third parties such as suppliers and partners, to enable them to contact you
with information about things that may interest you (where we have your consent
to do so);
4.2.12 Research: to carry out aggregated and anonymised research about general
engagement with our website (on the basis of our legitimate interest in
providing the right kinds of products and services to our website users);
4.2.13 Fraud and unlawful activity detection: to protect, investigate, and
deter against fraudulent, unauthorised, or illegal activity, including identity
fraud (on the basis of our legitimate interests to operate a safe and lawful
business or where we have a legal obligation to do so); and
4.2.14 Compliance with policies, procedures and laws: to enable us to comply
with our policies and procedures and enforce our legal rights, or to protect
the rights, property or safety of our employees and share your
information with our technical and legal advisors (on the basis of our
legitimate interests to operate a safe and lawful business or where we have a
legal obligation to do so).
4.3 Where we refer to using your information on the basis of our “legitimate
interests”, we mean our legitimate business interests in conducting and
managing our business and our relationship with you, including the legitimate
interest we have in:
4.3.1 personalising, enhancing, modifying or otherwise improving the services
and/or communications that we provide to you;
4.3.2 detecting and preventing fraud and operating a safe and lawful business;
and
4.3.3 improving security and optimisation of our network, sites and services.
4.4 Where we use your information for our legitimate interests, we make sure
that we take into account any potential impact that such use may have on you.
Our legitimate interests don’t automatically override yours and we won’t use
your information if we believe your interests should override ours unless we
have other grounds to do so (such as your consent or a legal obligation). If
you have any concerns about our processing please refer to details of “Your
Rights” in paragraph 9 below.
5. WHO WE
MIGHT SHARE YOUR INFORMATION WITH
5.1 In connection with the purposes and on the lawful grounds described above
and in addition to the recipients of your information as described above, we
will share your personal information when relevant with third parties such as:
5.1.1 Website users: Other website users who you use the website to transact,
communicate with and review, who may be based both inside and outside the EU;
5.1.2 Our service providers: Service providers we work with to deliver our
business, who are acting as processors and provide us with:
(a) website development and hosting services based in UK, Ireland and Germany;
(b) website analytics services based in Germany;
(c) software services, IT, system administration and security services based in
UK, Ireland and Germany;
(d) Marketing and advertising services (including the Google Adwords service ,
analytics providers (including Google Analytics and our marketing service
provider (Mailchimp) all of which are based in USA;]
(e) Social media plugin services including Instagram, Facebook, Twitter,
Linkedin, YouTube and Vimeo all of which are based in USA.
(f) payment services based in UK;
(g) identity verification, fraud prevention and detection services based in UK;
(h) banking services based in UK Legal services ,accountancy, auditing and
insurance services and other professional advisers based in the United Kingdom;
and
(i) recruitment service providers based in the United Kingdom.
(j) third party suppliers, where an enquiry is made for a good or service not
directly supplied by Sargent-Disc..
5.1.3 Corporate affiliates: the companies of Sargent Disc Group based in the UK
and Ireland;
5.1.4 Regulators and governmental bodies: HM Revenue & Customs, regulators,
governmental bodies and other authorities acting as processors or joint controllers
based in the United Kingdom, who require reporting of processing activities in
certain circumstances;
5.1.5 Marketing parties: any selected third party that you consent to our
sharing your information with for marketing purposes;
5.1.6 Prospective sellers and buyers of our business: any prospective seller or
buyer of such business or assets, only in the event that we decide to sell or
buy any business or assets; and
5.1.7 Other third parties (including professional advisers): any other third
parties (including legal or other advisors, regulatory authorities, courts, law
enforcement agencies and government agencies) based in the United Kingdom and
Ireland where necessary to enable us to enforce our legal rights, or to protect
the rights, property or safety of our employees or where such disclosure may be
permitted or required by law.
5.1.8 Our Parent company or group of companies (Cast & Crew LLC) who are
based in the U.S. and transfers to them are covered by Controller to Controller
agreements and by the controls detailed in section 9.
5.2 We require third parties to maintain appropriate security to protect your
information from unauthorised access or processing.
6.
COOKIES
6.1 We use cookies to ensure that you get the most out of our website. Cookies
are small amounts of information in the form of text files which we store on
the device you use to access our website. Cookies allow us to monitor your use
of the software and simplify your use of the website. For example, a temporary
cookie is also used to keep track of your “session”. Without that temporary
cookie (which is not stored after you quit your browser) you would have to log
on every time you access a new page.
6.2 If you do not wish for cookies to be installed on your device, you can
change the settings on your browser or device to reject cookies. For more
information about how to reject cookies using your internet browser settings
please consult the “Help” section of your internet browser (or alternatively
visit http://www.aboutcookies.org). Please note that, if you do
set your Internet browser to reject cookies, you may not be able to access all
of the functions of the website.
6.3 The names of the cookies used on our website and the purposes for which
these cookies are used are set out in the table below:
|
Cookie |
Purpose |
Type |
Duration |
|
|
ASP.NET_SessionId |
Used to |
Session |
Destroyed |
|
|
osCsid |
To |
Session |
Destroyed |
|
|
_ga |
Used to |
Google |
2 years |
|
|
_gat |
Used to |
Google |
10 |
|
|
_utma |
Used to |
Google |
2 years |
|
|
_utmt |
Used to |
Google |
10 |
|
|
_utmb |
Used to |
Google |
30 mins |
|
|
_utmc |
Not |
Google |
End of |
|
|
_utmz |
Stores |
Google |
6 |
|
|
lang |
Remembers |
Cdn.syndication.twimg.com |
Destroyed |
|
|
PHPSESSID |
To store |
Destroyed |
||
|
Gatgtag_UA_432280_1 |
Used by |
Sargent-disc.com |
Destroyed |
|
|
vuid |
Vimeo |
Vimeo |
2 years |
|
|
VISITOR_INFO1_LIVE |
Tries |
Youtube.com |
179 |
|
|
YSC |
Registers |
Youtube.com |
Destroyed |
|
|
PREF |
Registers |
Youtube.com |
8 |
|
|
Test-cookie |
Used to |
Doubleclick.net |
Destroyed |
|
|
IDE |
Used by |
doubleclick.net |
1 year |
|
|
NID |
The NID |
Google.com |
6 |
|
|
CONSENT |
Cookie |
cookieconsent.com |
365 |
|
6.4 Our website may contain content and links to other sites that are operated
by third parties that may also operate cookies. We don’t control these third
party sites or cookies and this Privacy Notice does not apply to them. Please
consult the terms and conditions and Privacy Notice of the relevant third party
site to find out how that site collects and uses your information and to
establish whether and for what purpose they use cookies.
7. HOW WE
LOOK AFTER YOUR INFORMATION AND HOW LONG WE KEEP IT FOR
7.1 We operate a policy of “privacy by design” by looking for opportunities to
minimise the amount of personal information we hold about you. We use
appropriate technological and operational security measures to protect your
information against any unauthorised access or unlawful use, such as:
7.1.1 ensuring the physical security of our offices and other sites;
7.1.2 ensuring the physical and digital security of our equipment and devices
by using appropriate password protection;
7.1.3 maintaining a data protection policy for, and delivering data protection
training to, our employees; and
7.1.4 limiting access to your personal information to those in our company who
need to use it in the course of their work.
7.2 We will retain your information for as long as is necessary to provide you
with the services that you have requested from us or for as long as we
reasonably require to retain the information for our lawful business purposes,
such as for the purposes of exercising our legal rights or where we are
permitted to do. We operate a data retention policy and look to find ways to
reduce the amount of information we hold about you and the length of time that
we need to keep it. For example,
7.2.1 we archive our email and paper correspondence regularly and destroy
information when no longer required;
7.2.2 we retain information relating to orders, refunds and website user
queries until it is no longer required;
7.2.3 we maintain a suppression list of email addresses of individuals who no
longer wish to be contacted by us. So that we can comply with their wishes we
must store this information permanently.
8. HELP
KEEP YOUR INFORMATION SAFE
8.1 You can also play a part in keeping your information safe by:
8.1.1 choosing a strong account password and changing it regularly;
8.1.2 using different passwords for different online accounts;
8.1.3 keeping your order references and passwords confidential and avoiding
sharing your login with others;
8.1.4 making sure you log out of the website each time you have finished using
it. This is particularly important when using a shared computer;
8.1.5 letting us know if you know or suspect that your account has been
compromised, or if someone has accessed your account without your permission;
8.1.6 keeping your devices protected by using the latest version of your
operating system and maintaining any necessary anti-virus software; and
8.1.7 being vigilant to any fraudulent emails that may appear to be from
us. Any emails that we send will come from an email address ending in
‘@sargent-disc.com’.
9.
INTERNATIONAL TRANSFERS OF YOUR INFORMATION
9.1 Our company is located in the UK.
9.2 Our servers are situated in the UK and Germany and all of the data we
collect though our site or when you correspond with us is stored on these
servers.
9.3 Some of our external third parties are based outside the European Economic
Area (EEA) so their processing of your personal data will involve a transfer of
data outside the EEA.Whenever we transfer your personal data out of the EEA, we
ensure a similar degree of protection is afforded to it by ensuring at least
one of the following SSL, TLS transfer solutions are implemented:
9.3.1 We will transfer your personal data to countries that have been deemed to
provide an adequate level of protection for personal data by the European Commission:
Adequacy of the protection of personal data in non-EU countries;
9.3.2 Where we use certain service providers in countries other than
those in 9.3.1, we may use specific contracts approved by the European
Commission which give personal data the same protection it has in Europe. For
further details, European Commission:
Model contracts for the transfer of personal data to third countries; and
9.3.3 Where we use providers based in the US, we may use the specific contracts
described in 9.3.2 or we may transfer data to them if they are part of the
Privacy Shield which requires them to provide similar protection to personal
data shared between the Europe and the US. For further details, see European Commission:
EU-US Privacy Shield.
9.4 The countries outside of the EEA to which we may transfer your personal
information are the USA and Canada.
9.5 Please contact us using the contact details at the top of this Privacy
Notice if you want further information on the specific mechanism used by us
when transferring your personal data out of the EEA.
10. YOUR
RIGHTS TO THE INFORMATION WE HOLD ABOUT YOU
10.1 You have certain rights in respect of the information that we hold about
you, including:
10.1.1 the right to be informed of the ways in which we use your information,
as we seek to do in this Privacy Policy;
10.1.2 the right to ask us not to process your personal data for marketing
purposes;
10.1.3 the right to request access to the information that we hold about you;
10.1.4 the right to request that we correct or rectify any information that we
hold about you which is out of date or incorrect;
10.1.5 in certain circumstances, the right to ask us to stop processing
information about you; and
10.1.6 the right to lodge a complaint about us to the UK Information
Commissioner’s Office (https://ico.org.uk/).
10.1.7 in addition to your right to lodge a complaint about us to the UK
Information Commissioner’s Office (https://ico.org.uk/), you will also be able to lodge
a complaint with the relevant authority in your country of work or residence;
10.1.8 the right to withdraw your consent for our use of your information in
reliance of your consent (refer to paragraph 4 to see when we are relying on
your consent), which you can do by contacting us using any of the details at
the top of this Privacy Notice;
10.1.9 the right to object to our using your information on the basis of our
legitimate interests (refer to paragraph 4 above to see when we are relying on
our legitimate interests) (or those of a third party)) and there is something
about your particular situation which makes you want to object to processing on
this ground;
10.1.10 the right to receive a copy of any information we hold about you (or
request that we transfer this to another service provider) in a structured,
commonly-used, machine readable format, in certain circumstances; and
10.1.11 the right to ask us to limit or cease processing or erase information
we hold about you in certain circumstances.
10.2 How to exercise your rights
10.2.1 You may exercise your rights above by contacting us using the details in
paragraph 2 of this Privacy Notice, or in the case of preventing processing for
marketing activities also by checking certain boxes on forms that we use to
collect your data to tell us that you don’t want to be involved in marketing or
by updating your marketing preferences via your account with us.
10.2.2 Please note that we may need to retain certain information for our own
record-keeping and research purposes. We may also need to send you
service-related communications relating to your website user account even when
you have requested not to receive marketing communications.
10.3 What we need from you to process your requests
10.3.1 We may need to request specific information from you to help us confirm
your identity and ensure your right to access your personal data (or to
exercise any of your other rights). This is a security measure to ensure that
personal data is not disclosed to any person who has no right to receive it. We
may also contact you to ask you for further information in relation to your
request to speed up our response.
10.3.2 From 25 May 2018, you will not have to pay a fee to access your personal
data (or to exercise any of the other rights). However, we may charge a
reasonable fee if your request is clearly unfounded, repetitive or excessive.
Alternatively, we may refuse to comply with your request in these
circumstances. We will try to respond to all legitimate requests within one
month. Occasionally it may take us longer than a month if your request is
particularly complex or you have made a number of requests. In this case, we
will notify you and keep you updated.
11.
SHARING DATA DIRECTLY WITH THIRD PARTIES
11.1 You might end up providing personal information directly to third parties
as a consequence of your interactions with our website and other services
offered by us. For example, your name and other personal information will be
shared with other website users when you correspond with them via the website,
or you may attend an event hosted by us where you communicate personal
information directly with other attendees. We are not responsible for how such
third parties use personal information provided by you.
11.2 Please be responsible with personal information of others when using our
website and the services available on it. We are not responsible for your
misuse of personal information, or for the direct relationship between you and
others when takes place outside of the website or our services.
12.
THIRD-PARTY LINKS
12.1 The website may include links to third-party websites, plug-ins and
applications. Clicking on those links or enabling those connections may allow
third parties to collect or share data about you. We do not control these
third-party websites and are not responsible for their privacy statements. When
you leave our website, we encourage you to read the privacy notice of every
website you visit.
13.
CHANGES TO THIS PRIVACY NOTICE AND YOUR DUTY TO INFORM US OF CHANGES
13.1 We may make changes to this Privacy Notice from time to time. We will post
any changes to our website, or and if we consider it to be appropriate we will
notify you of any material changes by e-mail. Any changes will come into effect
the next time you use the site after the changes have been notified.
13.2 It is important that the personal information we hold about you is accurate
and current. Please keep us informed if your personal information changes
during your relationship with us by updating your profile account information
or contacting us via the contact details at the top of this Privacy Notice.
This Privacy Notice was updated on 6th May 2022.