Horsebox Hospital Privacy Policy
This privacy policy sets out how Horsebox Hospital uses and protects any information that you give us, when you use this website.
We are committed to ensuring that your privacy is protected. Any personal data we ask you to provide, will only be used in accordance with this privacy statement.
This policy may change by updating this page. Please check this page to ensure that you are happy with any changes. This policy is effective from 02/05/2018.
This Privacy Policy covers:
- General Data Protection Regulation (GDPR)
- What information we collect and why we collect it.
- How we use that information.
- The choices we offer, including how to access and update information.
- Legislation
- Who are we?
I am Chris Ratter acting as Horsebox Hospital a company providing mechanical services to horseboxes and other vehicles to customers in the UK and very occasionally further afield.
I am a Sole Trader and the registered address is: Hulse House Farm, Hulse Lane, Lach Dennis, Cheshire CW9 7TF
- What information do we collect? How is it collected? Why do we collect it?
2.1 Sensitive Data
We do not gather sensitive personal data (e.g. health, genetic, biometric data; racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, and criminal convictions). We expressly request that you do not provide any such sensitive data to us.
2.2 Our Third Party Data Processors
We will not sell or rent your information to third parties.
We will not share your information with third parties for marketing purposes.
Name | What | Legal Ground | Purpose | 3rd Parties | Data Retention |
Prospect, client & supplier contact information | Contract | To allow initial and ongoing contact with prospects, clients, suppliers, etc. | Best Web Hosting | Until request for deletion. | |
Invoicing | Client & supplier purchase history & contact info. | Legal obligation | For invoicing | Sage | Indefinitely, for on-going invoicing and accounting records |
Server Logs | IP address | Legal obligation | To help prevent DoS (Denial of Service) attacks; for website security and diagnostics. | BestWeb Hosting | Server logs are stored encrypted indefinitely and only accessible by Catalyst2 |
Website Backup | Backup of website Database | Legal obligation | Database backup to ensure business continuity in the event of server failure. | Dropbox | Up to 12 months |
As mentioned in section 2, we use several 3rd party services to help us fulfil our contractual obligations – for example Dropbox is used to store back ups of websites. These 3rd party services are listed in full below; we have verified that these 3rd party services are GDPR compliant (or are working towards GDPR compliance). Each of these has their own Privacy Policy, which can be found here:
- Dropbox (Privacy Policy)
- Sage
2.3 Details
The above table outlines the personal data we collect and for what purpose. The table also outlines the 3rd parties the data is processed by or shared with, and how long the data is stored for.
- Controlling your information
You have certain rights concerning the information we hold about you, as defined under the General Data Protection Regulation. If you wish to exercise these rights, please contact me, including your email address in the first instance (this is the unique identifier we use to identify and collate personal information).
3.1 Requesting a copy of your information
You may request a copy of any data we hold about you.
3.2 Updating or correcting your information
The accuracy of your information is important to me. If you change email address, or any of the other information we hold is inaccurate or out of date, please contact us so we can update my records.
3.3 Deleting your information
You have the right to request erasure of your personal information. Unless there is a compelling reason for the data not to be erased (for example, if we need to use that data to fulfil contractual or legal obligations), your personal data will be deleted on request.
3.4 Automated decision making
We do not use any personal information for automated decision making or profiling; your data is not subject to automated decision making or profiling.
- Use of ‘cookies’
Like many other websites, the Horsebox Hospital website uses cookies. Cookies are small pieces of information that are stored on your computer or mobile device when you visit a website.
The cookies we use are ‘1st party’ cookies. We don’t use any ’3rd party’ cookies (these are often used to track behaviour across a range of websites, so targeted advertising can then be applied.)
By using and browsing the Horsebox Hospital website, you consent to cookies being used in accordance with this Policy.
If you do not consent, you must turn off cookies or refrain from using the site. Most browsers allow you to turn off cookies. To do this, look at the ‘help’ menu on your browser. Switching off cookies should not noticeably restrict your use of this website.
- Data Breaches
Where appropriate, Horsebox Hospital will promptly notify you of any unauthorised access to your personal information.
- Complaints
If you wish to raise a complaint on how we have handled your personal information, you can contact us directly and we will investigate the matter.
If you are not satisfied with the response or believe we are processing your personal information not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
7 Changes to Our Privacy Policy
Our Privacy Policy may change overtime, due to changes in legislation. We recommend that you check this page for any policy changes in future. Below is a list of changes made and when they came into effect.
7.1 Change Log
09/05/18
- Privacy policy instigated