This privacy notice provides you with details of how we collect and process your personal data through your use of our website including any information you may provide through our site when you purchase a product or service, sign up to our newsletter or take part in a prize draw or competition.
By providing us with your data, you warrant to us that you are over 13 years of age.
Eurofins E&E Hursley Limited is the data controller and we are responsible for your personal data (referred to as “we”, “us” or “our” in this privacy notice).
Eurofins E&E Hursley Limited may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.
This policy is effective from 22nd May 2018
Our full details are:
Eurofins E&E Hursley Limited
Telephone: 0330 430 3456
with company number 03301279
Whose registered address is:
Eurofins E&E Hursley Limited
i54 Business Park
and whose operating address is:
Eurofins E&E Hursley Limited
If you are not happy with any aspect of how we collect and use your data, you have the right to complain to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We should be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.
The information contained in this website is for general information purposes only. The information is provided by Eurofins E&E Hursley Limited and whilst we endeavour to keep the information up-to-date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
In no event will we be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with the use of this website.
Through this website you are able to visit links to other websites which are not under the control of Eurofins E&E Hursley Limited . We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. However, Eurofins E&E Hursley Limited takes no responsibility for and will not be liable for the website being temporarily unavailable.
Along with our business and internal IT systems, this website is designed to comply with the following national and international legislation with regards to data protection and user privacy:
- UK Data Protection Act 1988 (DPA)
- EU Data Protection Directive 1995 (DPD)
- EU General Data Protection Regulation 2018 (GDPR)
This site’s compliance with the legislation listed abovemeans that this site is likely to be compliant with the data protection and user privacy legislation set out by many other countries and territories as well.
Why we store your personal information
We require your information to understand your needs and provide you with a better service, particularly for the following reasons:
- Internal record keeping
- We may use the information to improve our products and services
- We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided
- From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone or mail. We may use the information to customise the website according to your interests.
What information do we collect about you?
Personal data means any information capable of identifying an individual. It does not include anonymised data.
We may process certain types of personal data about you as follows:
- Identity Data may include your first name, maiden name, last name, username, title and job title
- Contact Data may include your billing address, delivery address, email address and telephone numbers
- Financial Data may include your bank account and payment card details
- Transaction Data may include details about payments between us and other details of purchases made by you
- Technical Data may include your login data, internet protocol addresses, browser type and version, browser plug-in types and versions, time zone setting and location, operating system and platform and other technology on the devices you use to access this site
- Profile Data may include your username and password, purchases or orders, preferences, feedback and survey responses
- Usage Data may include information about how you use our website, products and services
Marketing and Communications Data may include your preferences in receiving marketing communications from us and our third parties and your communication preferences.
We may also process Aggregated Data from your personal data but this data does not reveal your identity and as such in itself is not personal data. An example of this is where we review your Usage Data to work out the percentage of website users using a specific feature of our site. If we link the Aggregated Data with your personal data so that you can be identified from it, then it is treated as personal data.
We do not collect any Sensitive Data about you. Sensitive data refers to data that includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data. We do not collect any information about criminal convictions and offences.
How we collect information about you
We collect data about you through a variety of different methods including:
- Direct interactions: You may provide data by filling in forms on our site (or otherwise) or by communicating with us by post, phone, email or otherwise, including when you:
- order our products or services;
- create an account on our site;
- subscribe to our service or publications;
- request resources or marketing be sent to you;
- enter a competition, prize draw, promotion or survey; or
- give us feedback.
- Third parties or publicly available sources: We may receive personal data about you from various third parties and public sources as set out below;
- Technical Data from the following parties:
- analytics providers such as Google based outside the EU;
- search information providers
- Contact, Financial and Transaction Data from providers of technical, payment and delivery services
- Identity and Contact Data from data brokers or aggregators
- Identity and Contact Data from publicly availably sources such as Companies House and the Electoral Register based inside the EU
- Information that you provide to us at meetings, conferences, exhibitions, seminars and training courses
Additional information that our websites collect
Our websites collect and use personal information for the following reasons:
Site visitation tracking
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to determine the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google does not grant us access to this. We consider Google to be a third-party data processor.
We also use sampled session recording to improve the usability and user experience of this website.
Disabling cookies on your internet browser will stop these tools from tracking any part of your visit to pages within this website.
Contact forms and email links
Should you choose to contact us using the contact form on our Contact us page or an email link, that information will be sent to us via either SMTP or via a third-party data processor. If information is sent via a third-party data processor, it is not stored by them and is only used during transmission of that information to us.
We may store the information within our CRM or Email marketing system. If the information is stored within our email marketing system, you will not be sent transactional emails if you have unsubscribed to our marketing communications. Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.
Email Newsletters & Marketing Communications
If you receive our marketing emails, the email address that you submit to us will be forwarded to MailChimpwho provide us with email marketing services. We consider MailChimpto be a third-party data processor (see below).
Your email address will remain within the Campaign Monitor database for as long as we continue to use the Campaign Monitor services for email marketing or until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via email. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
We may use email marketing systems for transactional emails (i.e. information that you will receive in relation to products and services that you have purchased from us).
If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.
While your email address remains within the Campaign Monitor database, you will receive periodic newsletter-style emails unless you have unsubscribed from receiving them.
We may also contact you with other relevant information such as product updates or software releases that are pertinent to the products or services that you have purchased from us or from our distributors.
How we use your personal information
We will only use your personal data when legally permitted. The most common uses of your personal data are:
- Where we need to perform the contract between us
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests
- Where we need to comply with a legal or regulatory obligation
We may share data within the boundaries of our company or affiliated companies where this is appropriate and where it is within the limitations of the uses set out in this policy.
By providing your consent for us to use your data, you do so allowing us share basic information between Eurofins E&E Hursley Limited and any of its affiliates, including Eurofins York Ltd, Eurofins E&E ETC Limited and Eurofins E&E CML Limited (collectively, “Eurofins”).
We may also share the information you provide to us when you submit an enquiry or contact us for more information with other third parties where this is consistent with this policy and there is a contractual necessity for this to be done.
Purposes for processing your personal data
Set out below is a description of the ways we intend to use your personal data and the legal grounds on which we will process such data. We have also explained what our legitimate interests are where relevant.
|Purpose/Activity||Type of data||Lawful basis for processing|
|To register you as a new customer||(a) Identity (b) Contact||Performance of a contract with you|
|To process and deliver your order including: (a) Manage payments, fees and charges (b) Collect and recover money owed to us||(a) Identity (b) Contact (c) Financial (d) Transaction (e) Marketing and Communications||(a) Performance of a contract with you (b) Necessary for our legitimate interests to recover debts owed to us|
|To enable you to partake in a prize draw, competition or complete a survey||(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications||(a) Performance of a contract with you (b) Necessary for our legitimate interests to study how customers use our products/services, to develop them and grow our business|
|To administer and protect our business and our site (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||(a) Identity (b) Contact (c) Technical||(a) Necessary for our legitimate interests for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise (b) Necessary to comply with a legal obligation|
|To deliver relevant content and advertisements to you and measure and understand the effectiveness of our advertising||(a) Identity (b) Contact (c) Profile (d) Usage (e) Marketing and Communications (f) Technical||Necessary for our legitimate interests to study how customers use our products/services, to develop them, to grow our business and to inform our marketing strategy|
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||(a) Technical (b) Usage||Necessary for our legitimate interests to define types of customers for our products and services, to keep our site updated and relevant, to develop our business and to inform our marketing strategy|
|To make suggestions and recommendations to you about goods or services that may be of interest to you||(a) Identity (b) Contact (c) Technical (d) Usage (e) Profile||Necessary for our legitimate interests to develop our products/services and grow our business|
You will receive marketing communications from us if you have:
- requested information from us or purchased goods or services from us; or
- if you provided us with your details and ticked the box at the point of entry of your details for us to send you marketing communications; and
- in each case, you have not opted out of receiving that marketing
We will get your express opt-in consent before we share your personal data with any third party for marketing purposes other than with Eurofins E&E Hursley Limited and any of its affiliates, including Eurofins York Ltd, Eurofins E&E ETC Limited and Eurofins E&E CML Limited (collectively, “Eurofins”).
Where you opt out of receiving our marketing communications, this will not apply to personal data provided to us as a result of a product/service purchase, warranty registration, product/service experience or other transactions.
Change of purpose
If we need to use your personal data for a purpose unrelated to the purpose for which we collected the data, we will notify you and we will explain the legal ground for processing.
We may process your personal data without your knowledge or consent where this is required or permitted by law.
Third-party data processors
We use a number of third parties to process personal data on our behalf. These third parties have been carefully chosen and all of them comply with the legislation set out above.
The privacy policies and any other relevant information for this can be found using the links below:
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Identity, Financial and Transaction Data) for six years after they cease being customers for tax purposes.
In some circumstances you can ask us to delete your data: see below for further information.
In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
Disclosures of your personal data
We may have to share your personal data with the parties set out below for the purposes set out in the table above:
- Other companies in the Eurofins Group who provide IT and system administration services and undertake leadership reporting
- Service providers who provide IT and system administration services
- Professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services
- HM Revenue & Customs, regulators and other authorities based in the United Kingdom and other relevant jurisdictions who require reporting of processing activities in certain circumstances
- Third parties to whom we sell, transfer, or merge parts of our business or our assets
We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.
Countries outside of the United Kingdom (UK) and European Economic Area (EEA) do not always offer the same levels of protection to your personal data, so European law has prohibited transfers of personal data outside of the EEA unless the transfer meets certain criteria.
Many of our third parties service providers are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Whenever we transfer your personal data out of the EEA, we do our best to ensure a similar degree of security of data by ensuring at least one of the following safeguards is implemented:
- We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission; or
- Where we use certain service providers, we may use specific contracts or codes of conduct or certification mechanisms approved by the European Commission which give personal data the same protection it has in Europe; or
- Where we use providers based in the United States, we may transfer data to them if they are part of the EU-US Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US
In certain circumstances, we may need to transfer data outside of the EEA to third-parties for contractual necessity and where none of the safeguards above are applicable. Where this is the case, the information transferred will be limited to that required for the contract to be completed and will be restricted to that which is essential for the purposes of the contract. This is consistent with Article 49 (Derogations for specific situations) of the GDPR.
We may request your explicit consent to the specific transfer. You will have the right to withdraw this consent at any time.
Your Legal Rights
Under certain circumstances, you have rights under data protection laws in relation to your personal data. These include the right to:
- Request access to your personal data
- Request correction of your personal data
- Request erasure of your personal data
- Object to processing of your personal data
- Request restriction of processing your personal data
- Request transfer of your personal data
- Right to withdraw consent
You can see more about these rights at https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/individual-rights/
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website.
Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement.