GDPR (General Data Protection Regulation) & PECR (Privacy and Electronic Communications Regulation) Compliance Policy
Why we collect your personal data and what we do with it
When you sign up as a customer of one of our dry-cleaning shops or you express an interest in one of our promotions, your details are stored and processed for the following reasons;
We need to collect your personal information in order to provide you with the dry-cleaning services you have requested we undertake. This request and our agreement to provide dry-cleaning services constitutes a contract and we will therefore require the ability to process your data in order to fulfil this contract and provide the services to the standards expected by the TSA and Guild of Cleaners.
We also collect, store and process this information based upon a ‘Legitimate Interest’ because without it we would be unable to provide you with the dry-cleaning services and as you use our dry-cleaning services may also be interested in offers and promotions.
So, we may also occasionally send you a newsletter, or information that we feel would benefit you. You may withdraw this consent at any time, by clicking the unsubscribe option which can be found at the top and bottom of each email, or by emailing email@example.com
Personal data may be provided to Blue Dragon in a number of ways including directly from you (email, post, in person, website), recommendations or forwarding of relevant information from associated parties.
We retain your records for 5 years post completion of the last piece of dry-cleaning work, after which time you can ask that we delete your records if you wish. You may do this by contacting any member of our team by phone, email firstname.lastname@example.org. Should we not be requested to delete your records, these will be retained indefinitely in order for us to provide a better service at a later date without having to collect personal data again.
Your records are stored electronically on our office computers and hardcopies are stored in a locked facility. Electronic records are backed up daily and stored securely in the cloud.
Third-Parties / Outsourced Providers:
We will never share your data with any third party without your prior written or verbal consent. Only the following people/agencies will/could have access to your data;
- Members of the Blue Dragon dry-cleaning team, to provide you with services
- IT service company who manage our IT and servers
- Website Development company who manage our website
- Government agencies should this be required for fulfilment of contract
Data Access Requests:
You have the right to see what personal data we hold at any time and you can do this by contacting any member of the team or emailing email@example.com and submitting a “Subject Access Request”. We will respond to this request within one calendar month.
In addition to this, you also have the right to request that we update any information that you believe to be incorrect. It is likely that this request will be dealt with immediately, however we will respond to this request within one calendar month. This can be done by contacting any member of our team by email, phone or website contact form or emailing firstname.lastname@example.org
If you decide that you don’t want us to contact you anymore, you are welcome to email us at email@example.com to ask us to stop. This request will be reviewed and we will respond to you within one calendar month. If you are asking us to stop sending marketing information, we will do so immediately. You are also able to click on the unsubscribe link at the bottom of any communications. If you would like us to erase all of the data we store and process for you, or you would like us to update or amend data held, please email us at firstname.lastname@example.org We will respond to your request within one calendar month but hopefully sooner.
If you feel that we have mishandled or breached our responsibilities in handling your personal data, please contact email@example.com. We are strongly committed to protecting your personal data. Should you be unsatisfied with our response, you have the right to raise your concern directly with the Information Commissioner’s Office, the UK Data Protection Supervisory Authority.