GDPR Compliant – Updated May 2018
Maintaining the privacy and security of your personal data is a priority for everyone at Amberstone Associates trading as Drive2us.com, and we are committed to handling this data fairly and legally at all times.
You may be aware that on 25th May 2018, the new General Data Protection Regulation (GDPR) comes into effect.
Your privacy is of the highest importance to us, and as such we promise never to release your personal details to any third party for mailing or marketing purposes.
When you make a purchase from our website, we will collect certain personal information from you (for example: your name, email address, payment address and details). All such information is held on secure servers. Amberstone Associates Limited trading as Drive2us.com complies fully with all applicable Data Protection and consumer legislation, and we’ll treat all your personal information as fully confidential.
In order to serve you most efficiently, reputable third-party banking and distribution institutions handle our credit card transactions and order fulfilment eg: paypal or royal mail or worldpay. They receive the information needed to verify and authorise your payment and to process your order. All such organisations are under strict obligation to keep your personal information private.
You have the right to ask us not to process or use your personal data for marketing purposes. You can exercise this right at any time by unsubscribing or by emailing the data protection officer at firstname.lastname@example.org quoting security and privacy enquiry.
You also have a right to access the personal data that we hold on you. If you would like to see a copy please email the data protection officer at email@example.com quoting security and privacy enquiry. If you think the information we hold on you is incorrect please let us know immediately.
What information we collect
We will treat all your Personal Information as confidential. We will keep it on a secure server and will fully comply with the EU Data Protection Directive 2018.
When you register to receive our newsletter, or go all or part-way through the process of placing an order, or request information, you will be asked to provide certain information such as your name, e-mail address, billing address, delivery address, telephone number, and a password. If you are placing an order and are making a payment we will also require payment information, which will be processed by our payment processing merchant. We do not retain your credit or debit card details.
We or our third party providers may collect, information about where you are on the internet (eg the URL you came from, IP address, domain types like co.uk and com, your browser type, the country and telephone area code where your computer is located, the pages of our website that were viewed during your visit, the advertisements you clicked on, and any search terms that you entered on our website (“User Information”). We may collect this information even if you do not register with us.
How we use your information
We confirm that any personal information you provide to us, and any user information from which we can identify you, is held in accordance the EU Data Protection Directive 2018. We use your information only for the following purposes:
Processing your order
For statistical or survey purposes to improve our website and the services we offer.
To serve website content to you.
To administer our website.
If you consent, to notify you of products, services, promotions and new additions to our website that may be of interest to you.
You agree that you do not object to us contacting you for any of the above purposes and you confirm that you do not and will not consider any of the above as being a breach of any of your rights.
Your Personal Information will only be disclosed to reputable third parties who will help process your order. All such third parties are required to treat your personal information as fully confidential and to fully comply with all applicable Data Protection and consumer legislation.
You should be aware that if we are requested by the police or any other regulatory or government authority investigating suspected illegal activities to provide your Personal Information and /or User Information, we are entitled to do so.
Your personal data
The data we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us. Such staff maybe engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.
By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with the EU Data Protection Directive 2018. All information you provide to us is stored on secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Third party websites
Our website may, from time to time, contain links to or from other websites, networks, advertisers and affiliates. If you follow a link, please note that these websites have their own privacy policies. We do not accept any responsibility or liability for 3rd party websites or their policies. Please check their privacy policies before you submit any personal data.
If you feel that your data has not been handled correctly, or you are unhappy with our response to any requests you have made to us regarding the use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.
You can contact them by calling 0303 123 1113 or go online to www.ico.org.uk/concerns
The EU Data Protection Directive ( 95/46/EC ) is a European Union directive adopted in 1995 which regulates the processing of personal data within the European Union. It is an important component of EU privacy and human rights law and becomes enforceable from 25 May 2018 superseding all older regional directives including the UK Data Protection Act 1998.