Privacy Policy

LFC Developments Ltd t/a The Wheel Specialist Privacy Policy

LFC Developments Ltd, whose principal place of business is at: The Wheel Specialist, Packwood Lane, Lapworth, B94 6AU.
Your Privacy: Here at The Wheel Specialist we are fully committed to harbouring the trust and confidence of all visitors to our web site. It’s important to mention that The Wheel Specialist is not in the business of selling, renting or trading email lists with other companies and businesses for marketing purposes. We respect your rights.

To give you every confidence in just how seriously we take privacy matters, we’ve provided here as much detail as possible on when and why we may collect your personal information, how we use it, the limited conditions under which we may disclose it to others and the measures we take to keep it secure.

Types of data we collect:
The Wheel Specialist and/or its advertising, software and systems partners may collect the following information about you:
– your name, age/date of birth and gender;
– your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
– purchases and orders made by you;
– your on-line browsing activities on The Wheel Specialist websites;
– your password(s);
– your communication and marketing preferences;
– your interests, preferences, feedback and survey responses;
– your location;
– your correspondence and communications with The Wheel Specialist; and
– other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).
Our websites are not intended for children and we do not knowingly collect data relating to children.
This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Policy. Some of the above personal data is collected directly, for example when you set up an on-line account on our websites, or send an email to one of our Franchise locations. Other personal data is collected indirectly, for example your browsing activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.
Our websites use cookies to collect information. This includes information about browsing and purchasing behaviour by people who access our websites. This includes information about pages viewed, actions completed and the customer journey around our website. Detailed information can be found in our Cookie Policy.
Google Analytics:
When someone visits www.thewheelspecialist.co.uk we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website.
Call Recording:
Please note that all calls to / from The Wheel Specialist may be recorded for training and monitoring purposes.
Mailing Lists:
As part of the lead enquiry process, we collect personal information. We use that information for a couple of reasons: to tell you about the services you’ve asked us to tell you about; to contact you if we need to obtain or provide additional information; to check our records are right and to check every now and then that you’re happy and satisfied. We don’t rent or trade email lists with other organisations and businesses.
We use third-party providers, Greyridge, Clook, Trustpilot and Amazon, to process and deliver our e-mails. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-mails. For more information, please see Amazon AWS’s Privacy Notice. You can unsubscribe from our Marketing mailing lists any time of the day or night by clicking the unsubscribe link at the bottom of any of our emails or by visiting the dedicated e-mail preferences page on our website.

Job Data:
When you purchase our services, products or gift voucher(s) through The Wheel Specialist or online your name, address data, email, job information and contact number will be stored in our CRM system(s). You may, of course, purchase products and services in person at one of our Franchise locations and it is important to understand that as a Franchise, each of our Franchise locations is a separate limited company in its own right. Each of our Franchise locations has access to our CRM system(s) where your data is stored.
Retention:
TWS will store customer information for a period of 15 years from the most recent job.
Third Parties:
– We may share anonymised personal information with other organisations, particularly GetAddress which enables us to provide you with an address finder function based upon your postcode.
– We use a service called KickBox to check the validity of e-mails.
– Phone call recording facilities are provided to The Wheel Specialist by Berry Telecom.
– Web hosting providers who may also handle your information as part of our data management facilities include Accentika, Clook, AuthSMTP, TSOHost & WuFoo.
– We use Trustpilot to send e-mail’s inviting customers to leave a review. As a customer your name and e-mail address will be shared with Trustpilot.
Access to your personal information:
You are entitled to view, amend, or delete the personal information that we hold. Email your request to our data protection lead Natalie Fenwick at nat.f@tws-lfc.com

Data Retention Policy

1. Purpose, Scope, and Users
This policy sets the required retention periods for specified categories of personal data and sets out the minimum standards to be applied when destroying certain information within LFC Developments ltd t/a The Wheel Specialist (further: the “Company”).
This Policy applies to business units, processes, and systems in all countries in which the Company conducts business and has dealings or other business relationships with third parties.
This Policy applies to all Company officers, directors and employees, that may collect, process, or have access to data (including personal data and/or sensitive personal data). It is the responsibility of all of the above to familiarise themselves with this Policy and ensure adequate compliance with it.
This policy applies to all information used at the Company. Examples of documents include:
• Emails
• Hard copy documents
• Soft copy documents
• Video and audio
• Data generated by physical access control systems

2. Reference Documents
• EU GDPR 2016/679 (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC)
• Personal Data Protection Policy

3. Retention Rules
3.1. Retention General Principle
In the event, for any category of documents not specifically defined elsewhere in this Policy (and in particular within the Data Retention Schedule) and unless otherwise mandated differently by applicable law, the required retention period for such document will be deemed to be 3 years from the date of creation of the document.
3.2. Retention General Schedule
The Data Protection Officer defines the time period for which the documents and electronic records should to be retained through the Data Retention Schedule.
As an exemption, retention periods within Data Retention Schedule can be prolonged in cases such as:
• Ongoing investigations from Member States authorities, if there is a chance records of personal data are needed by the Company to prove compliance with any legal requirements; or
• When exercising legal rights in cases of lawsuits or similar court proceeding recognized under local law.

3.3. Safeguarding of Data during Retention Period
The possibility that data media used for archiving will wear out shall be considered. If electronic storage media are chosen, any procedures and systems ensuring that the information can be accessed during the retention period (both with respect to the information carrier and the readability of formats) shall also be stored in order to safeguard the information against loss as a result of future technological changes. The responsibility for the storage falls to the Data Protection Officer.
3.4. Destruction of Data
The Company and its employees should therefore, on a regular basis, review all data, whether held electronically on their device or on paper, to decide whether to destroy or delete any data once the purpose for which those documents were created is no longer relevant. See Appendix for the retention schedule. Overall responsibility for the destruction of data falls to the Data Protection Officer.
Once the decision is made to dispose according to the Retention Schedule, the data should be deleted, shredded or otherwise destroyed to a degree equivalent to their value to others and their level of confidentiality. The method of disposal varies and is dependent upon the nature of the document. For example, any documents that contain sensitive or confidential information (and particularly sensitive personal data) may warrant in-house shredding. The Document Disposal Schedule section below defines the mode of disposal.
In this context, the employee shall perform the tasks and assume the responsibilities relevant for the information destruction in an appropriate way. The specific deletion or destruction process may be carried out either by an employee or by an internal or external service provider that the Data Protection Officer subcontracts for this purpose. Any applicable general provisions under relevant data protection laws and the Company’s Personal Data Protection Policy shall be complied with.
Appropriate controls shall be in place that prevents the permanent loss of essential information of the company as a result of malicious or unintentional destruction of information.
The Data Protection Officer shall fully document and approve the destruction process. The applicable statutory requirements for the destruction of information, particularly requirements under applicable data protection laws, shall be fully observed.
3.5. Breach, Enforcement and Compliance
Any suspicion of a breach of this Policy must be reported immediately to Data Protection Officer. All instances of suspected breaches of the Policy shall be investigated and action taken as appropriate.
Failure to comply with this Policy may result in adverse consequences, including, but not limited to, loss of customer confidence, litigation and loss of competitive advantage, financial loss and damage to the Company’s reputation, personal injury, harm or loss. Non-compliance with this Policy by permanent, temporary or contract employees, or any third parties, who have been granted access to Company premises or information, may therefore result in disciplinary proceedings or termination of their employment or contract. Such non-compliance may also lead to legal action against the parties involved in such activities.

4. Document Disposal
4.1. Routine Disposal Schedule
Records which may be routinely destroyed unless subject to an on-going legal or regulatory inquiry are as follows:
• Announcements and notices of day-to-day meetings and other events including acceptances and apologies;
• Requests for ordinary information such as travel directions;
• Reservations for internal meetings without charges / external costs;
• Transmission documents such as letters, fax cover sheets, e-mail messages, routing slips, compliments slips and similar items that accompany documents but do not add any value;
• Message slips;
• Superseded address list, distribution lists etc.;
• Duplicate documents such as CC and FYI copies, unaltered drafts, snapshot printouts or extracts from databases and day files;
• Stock in-house publications which are obsolete or superseded; and
• Trade magazines, vendor catalogues, flyers and newsletters from vendors or other external organizations.
In all cases, disposal is subject to any disclosure requirements which may exist in the context of litigation.
4.2.Destruction Method
In-line with our retention schedule, paper documents, where applicable, containing personal data will be shredded and disposed of. Electronic records will be permanently deleted.

5. Managing Records Kept on the Basis of this Document
Record name Storage location Person responsible for storage Controls for record protection Retention time
Data Retention Schedule TWS Server & Back-Up Natalie Fenwick Only authorized persons may access this document Permanently

6. Validity and document management
This document is valid as of May 2018
The owner of this document is the Data Protection Officer who must check and, if necessary, update the document at least once a year.

Changes to this Privacy Notice:
This privacy notice will be reviewed each year on the first working Monday in April. This privacy notice was last reviewed on 11th December 2018.