Horsebox Hospital Privacy Policy

This privacy policy sets out how Horsebox Hospital uses and protects any information that you give us, when you use this website.

We are committed to ensuring that your privacy is protected. Any personal data we ask you to provide, will only be used in accordance with this privacy statement.

This policy may change by updating this page. Please check this page to ensure that you are happy with any changes. This policy is effective from 02/05/2018.

This Privacy Policy covers:

  • General Data Protection Regulation (GDPR)
  • What information we collect and why we collect it.
  • How we use that information.
  • The choices we offer, including how to access and update information.
  1. Legislation

 

  1. Who are we?

I am Chris Ratter acting as Horsebox Hospital a company providing mechanical services to horseboxes and other vehicles to customers in the UK and very occasionally further afield.
I am a Sole Trader and the registered address is: Hulse House Farm, Hulse Lane, Lach Dennis, Cheshire CW9 7TF

  1. What information do we collect? How is it collected? Why do we collect it?

2.1 Sensitive Data

We do not gather sensitive personal data (e.g. health, genetic, biometric data; racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, and criminal convictions). We expressly request that you do not provide any such sensitive data to us.

2.2 Our Third Party Data Processors

We will not sell or rent your information to third parties.

We will not share your information with third parties for marketing purposes.

Name What Legal Ground Purpose 3rd Parties Data Retention
Email Prospect, client & supplier contact information Contract To allow initial and ongoing contact with prospects, clients, suppliers, etc. Best Web Hosting Until request for deletion.
Invoicing Client & supplier purchase history & contact info. Legal obligation For invoicing Sage Indefinitely, for on-going invoicing and accounting records
Server Logs IP address Legal obligation To help prevent DoS (Denial of Service) attacks; for website security and diagnostics. BestWeb Hosting Server logs are stored encrypted indefinitely and only accessible by Catalyst2
Website Backup Backup of website Database Legal obligation Database backup to ensure business continuity in the event of server failure. Dropbox Up to 12 months

As mentioned in section 2, we use several 3rd party services to help us fulfil our contractual obligations – for example Dropbox is used to store back ups of websites. These 3rd party services are listed in full below; we have verified that these 3rd party services are GDPR compliant (or are working towards GDPR compliance). Each of these has their own Privacy Policy, which can be found here:

 

2.3 Details

The above table outlines the personal data we collect and for what purpose. The table also outlines the 3rd parties the data is processed by or shared with, and how long the data is stored for.

 

  1. Controlling your information

You have certain rights concerning the information we hold about you, as defined under the General Data Protection Regulation. If you wish to exercise these rights, please contact me, including your email address in the first instance (this is the unique identifier we use to identify and collate personal information).

3.1 Requesting a copy of your information

You may request a copy of any data we hold about you.

3.2 Updating or correcting your information

The accuracy of your information is important to me. If you change email address, or any of the other information we hold is inaccurate or out of date, please contact us so we can update my records.

3.3 Deleting your information

You have the right to request erasure of your personal information. Unless there is a compelling reason for the data not to be erased (for example, if we need to use that data to fulfil contractual or legal obligations), your personal data will be deleted on request.

3.4 Automated decision making

We do not use any personal information for automated decision making or profiling; your data is not subject to automated decision making or profiling.

  1. Use of ‘cookies’

Like many other websites, the Horsebox Hospital website uses cookies. Cookies are small pieces of information that are stored on your computer or mobile device when you visit a website.

The cookies we use are ‘1st party’ cookies.  We don’t use any ’3rd party’ cookies (these are often used to track behaviour across a range of websites, so targeted advertising can then be applied.)

By using and browsing the Horsebox Hospital website, you consent to cookies being used in accordance with this Policy.

If you do not consent, you must turn off cookies or refrain from using the site. Most browsers allow you to turn off cookies. To do this, look at the ‘help’ menu on your browser. Switching off cookies should not noticeably restrict your use of this website.

  1. Data Breaches

Where appropriate, Horsebox Hospital will promptly notify you of any unauthorised access to your personal information.

  1. Complaints

If you wish to raise a complaint on how we have handled your personal information, you can contact us directly and we will investigate the matter.

If you are not satisfied with the response or believe we are processing your personal information not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).

7 Changes to Our Privacy Policy

Our Privacy Policy may change overtime, due to changes in legislation. We recommend that you check this page for any policy changes in future. Below is a list of changes made and when they came into effect.

7.1 Change Log

09/05/18

  • Privacy policy instigated