We are company number 2056891 registered in Shropshire, England, United Kingdom.
Our registered office is at The Ditches Hall, Ellesmere Road, Wem, Shropshire, SY4 5TX, UK.
When you contact us for one of our products or services, we receive and store information you provide to us: We collect that information. This includes:
- Your name, email address, address and/or postal code, and telephone number. We collect this information in a number of ways, including when you call us for iur services, interact with our Customer Services, or participate in surveys or marketing promotions;
- We do not collect or store any personal banking or credit card details.
We collect automatically details of your interactions with Customer Service such as date, time and reason for contacting us, transcripts of chat conversations and, if you call us, your phone number;
We do not collect any personal data from you that we do not need in order to provide, oversee and improve this service to you.
Reason for collecting information
- We use information to provide, facilitate, analyse, administer, enhance and personalize our service delivery and support delivery efforts in accordance with our contractual obligations to you. For example, we use information to:
- Process your registration, your orders and your payments, and to communicate with you on these and other topics;
- Provide secure access to our services, manage your account and support quality monitoring;
- Determine your general geographic location to provide localized content, provide you with information we think will be relevant to your business, and help us quickly and efficiently respond to enquiries and requests;
- Analyse and understand our customers, improve our service and optimize product selection, and delivery;
- Communicate with you concerning our service, so that we can send you news, details about new features or content available on our services, and customer surveys;
- Measure the success of our marketing campaigns and to better understand our customers;
Processing of information
The personal data that we collect from you and process in relation to our services is processed by our staff in the UK. For the purposes of IT maintenance, this information is located on our servers within our offices.
We do not undertake any automated decision making on the basis of your personal information and third parties do not have access to your personal data unless the law allows them to do so and there is a reason for it. For example, if a maintenance contract is taken directly with the manufacturer via Stoneleigh, we have to provide site address, contact name, email address and a telephone number
Protection of the information
We take the security of your information very seriously. To oversee the effective and secure processing of your personal information and to safeguard against its loss, theft, and unauthorized access, use and modification, we operate comprehensive data protection and information security policies and procedures, which are certified to the international standards ISO 9001 and we are currently working towards ISO 27001, and we use reasonable administrative, logical and managerial measures.
We use multiple layers of firewalls, specialist devices to detect and prevent intrusion attempts, and encryption systems to ensure data is scrambled while being transmitted from system to system. We employ strong physical security policies to prevent physical access to our data centre. We perform regular system patching and use independent security specialists to perform penetration tests to reveal vulnerabilities in our systems and to enable them to be fixed proactively.
Unfortunately, however, no measures can be guaranteed to provide 100% security. Accordingly, we cannot guarantee the security of your information.
Sharing of Information
We disclose your information for certain purposes and to third parties, as described below:
Service Providers: We use other service providers (i.e. companies, agents or contractors) to perform services on our behalf or to assist us with the provision of services to you. For example, we engage service providers to provide infrastructure and IT services, to provide software to enable us administer our business, to process credit card transactions or other payment methods, to collect debts, to analyse and enhance data (including data about users’ interactions with our service), and to process and administer consumer surveys. In the course of providing such services, these service providers may have access to your personal information. We do not authorise them to use or disclose your personal information except in connection with providing their services to us.
Stoneleigh and its Service Providers may disclose and otherwise use your personal and other information where we or they reasonably believe such disclosure is needed to:
- Satisfy any applicable law, regulation, legal process, or governmental request;
- Detect, prevent, or otherwise address illegal or suspected illegal activities (including payment fraud), security or technical issues;
- Protect against harm to the rights, property or safety of Stoneleigh, its customers or the public, as required or permitted by law.
You may also choose to disclose your information in the following ways:
While using our services you may have opportunities to post certain information publicly and third parties could use the information you disclose;
Certain portions of our services may contain tools that give you options to share information by email and social or other sharing applications, using the clients and applications on your smart device and the recipients could use the information you disclose;
The only other times we will pass your details to anyone else would be if we are required to do so for fraud or other legal purposes.
When you register with us for one of our services, we will not sell or lease your personal information to third parties unless we have your permission or are required by law to do so.
Retaining personal data
We are required under UK tax law to keep our customers’ basic personal data (name, address, contact details) for a minimum of 6 years plus the current year after which time it will be destroyed. Your information that we use for marketing purposes will be kept with us until you notify us that you no longer wish us to retain this information.
You can request access to your personal information or correct or update inaccurate or out-of-date personal information we hold about you.
You can do this currently by telephone or email request. You may also request that we delete personal information we hold about you.
If you have given consent for your information to be used for certain purposes, such as informing you of related services and offers that may be of interest to you, you may withdraw that consent at any time.
To make requests, or if you have any other question regarding our privacy practices, please contact us at firstname.lastname@example.org
If you wish to raise a complaint on how we have handled your personal data, you can contact us and we will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data in a manner that is not in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).