Home » Privacy Policy
The Privacy Policy explains how we may use personal data that you provide us with, or any that we may collect from or about you as a customer of, or supplier to, Colloids, and as a user of this website. This Privacy Policy contains the information required under the general data protection regulation as incorporated into the UK, the “UK GDPR”.
We are Colloids Ltd. (Colloids), part of the Tosaf Group and our address is Kirkby Bank Road, Knowsley Industrial Park North, Merseyside L33 7SY. We are a controller of your personal data. Depending on the website you are visiting, or the entity which you are receiving services from, this Privacy Policy is also applicable where any of Colloids’ Subsidiaries are acting as controller.
We have a dedicated Data Privacy Lead who manages any data protection related communications. You can contact them at the following email address: [email protected] marking it for the attention of the Colloids Group Data Privacy Lead, or by using the contact us section of our website.
Under the UK GDPR, ‘personal data’ is defined as any information relating to an identified or identifiable natural person.
In your use of our services and this website, we may collect names, business addresses, business telephone numbers, mobile phone numbers, email addresses, information relating to products and services you have bought from us, products and services we have bought from you, records relating to our contact with you regarding such products and services, your marketing preferences, and information about your business which we obtain from credit reference agencies.
In addition, where you use our website, certain personal data may be collected automatically from your browser or device. This could include device type, browser type, IP address, operating system, device identifier, and Internet service provider, as well as other information such as general location information, domain name, page views, a date/time stamp, referring and exiting URLs, language, clickstream data and similar device and usage data. Please also see our Cookie Policy for more information on the cookies we use.
We do not collect any information which could be deemed as special categories of personal data as defined under the UK GDPR (being information relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data, data concerning health or data concerning a natural person’s sex life or sexual orientation).
We obtain personal data from you directly when you contact us with an enquiry, regarding our products and services, alternatively when we buy products and services from you. We may collect data through email, forms you complete (both paper and electronic), during telephone conversations, online, in meetings and through enquiries.
We may also collect information about you from other publicly or commercially available sources, such as our business partners, suppliers, vendors and other third party sources (e.g. public databases and professional social networks).
The lawful basis for Colloids’ processing of personal data will depend on the purposes of processing. Under the UK GDPR, Colloids are required to justify each purpose of processing with an applicable lawful basis.
We have a legitimate interest in providing a response customer service function.
Where we are relying upon your consent to process personal data, you can withdraw this at any time by going to the contact us section of our website.
We have a legitimate interest in providing a website which is functional for customers to use when interacting with our business online, and is as secure as it can be from external threats.
We have a legitimate interest in understanding how our products and services are received and used so we can make improvements to them.
We have a legitimate interest in finding improvements to our customer service function, and then actioning those improvements.
We have a legitimate interest in exercising, establishing and defending our legal rights.
We have a legitimate interest in being free to dispose of, or restructure, our business or assets. When do we share your personal data with other organisations?
We share your personal data with a number of other organisations. For example: our affiliates; credit reference agencies; insurance providers; hauliers; services providers that assist us with IT operations, finance processes and analytics; professional advisors, where applicable for legal, regulatory or accounting issues.
We only share personal data in order to fulfil the purposes set out above and if this requires contractual measures to be put in place with that third party, we ensure the relevant contracts are entered into.
We primarily process your data in the UK and the European Economic Area (EEA), but sometimes your personal data may be transferred outside the UK and EEA. Where we do this, seek to ensure that either (i) we are transferring personal data to an adequate jurisdiction such as Israel and (ii) contracts with the importing entities incorporate the UK international data transfer agreement, or will rely on other legally permitted appropriate safeguards, unless certain exceptions apply. For example, we may need to transfer some personal data to our affiliates in USA and China.
If you would like to understand which safeguards apply to your data and obtain a copy of these for your reference, you can contact us via the details in this Privacy Policy.
We apply for credit insurance for our customers.
You should tell us that we can update our records. Please use the contact details in the Privacy Policy, visit the contact us section of our website or use the tool provided on the footer of the website regarding data rectification.
Where we process your personal data to perform a contract with you or to comply with a legal obligation, the provision of your personal data is compulsory so far as it is either a contractual or statutory requirement, or a requirement necessary to enter into a contract. In such cases, provision of your personal data is mandatory since it would not otherwise be possible to enter and perform our contract with you, or to comply with our legal obligations.
We don’t have any data which is subject to automated decision making.
Unless we explain otherwise to you, we’ll hold your personal information based on the following criteria:
We will maintain reasonable physical, electronic, and procedural safeguards to protect personal data from loss, misuse and unauthorised access, disclosure, modification, and destruction which are described in Colloids’ detailed security schedules. Some of the methods we use include the following:
Individuals have a number of rights under the UK GDPR as set out in the list, below, however note that some of these are subject to exemptions. We generally have one month to response to such a request. If you want to access any of the rights set out below, we may ask you for additional information to confirm your identity. We also reserve the right in some occasions to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
We may use your phone numbers, business address, email address, social media or digital channels to contact you. Where applicable we could contact you according to your marketing preferences. You can stop receiving our marketing communications at any time by contacting us using the details above or using the tool on our website to unsubscribe from marketing.
We may change this Privacy Policy from time to time by updating this page in order to reflect changes in the law and/or our privacy practices. Where there are material changes to the way in which we process your personal data, we will notify you of these changes.
If you have any questions about this Privacy Policy, or you wish to exercise your rights, you can email us using the details set out above or go to the contact us section on our website.
