Industry Extra Limited and ppeextra.com are committed to protecting your privacy and maintaining the security of any personal information (personal data) received from you. We strictly adhere to the requirements of the EU General Data Protection Regulation 2016/679 (GDPR).
The purpose of this policy is to explain to you what personal data we collect, how we may use it, your rights over it, how we keep it secure, how we report on it, and how to complain about our use of it.
The legal basis for processing this data is to provide a business service to you.
Your rights under the GDPR
• Right to access – you are entitled to a copy of your personal data, free of charge
• Right to restrict processing – under certain circumstances you can request the restriction of use
• Right to rectification – you are entitled to ensure any data held is accurate
• Right to erasure – under certain circumstances you can request your data is removed (known as the “right to be forgotten”)
• Right to data portability – you are entitled to a copy of your data in a common electronic format
• Right to object to automated decision-making – under certain circumstances, you can request that your data is not used to make automated decisions about you that could have legal consequences
• Right to complain – you can lodge a complaint with the ICO
What data we collect and how we use your personal information
When you place an initial order with us, we collect sufficient data to allow us to process and fulfil your order. This includes your:
• Name, Billing Address, Email Address, Telephone Number, Company Name and VAT Registration Number (where applicable)
We collect additional information (data) in order to comply with the EU Rules governing the supply of Digital Services. This includes your:
• IP Address, Hostname, Country Location, Device Used, Date and Time
You have the right to withhold any personal data that is not required for the order process, but you must give your consent to our Terms and Conditions in order for us to provide you with our services.
We use the personal data collected to notify you of your purchase and to communicate with you in connection with all matters relating directly to our services, until termination of the services.
From time to time we may send you updates of our products and services. We will only contact you if we have acquired your specific consent.
We do not sell, rent, share, or exchange your personal data with any third party for commercial reasons. We will only share your personal data with any organisation, agency, or regulatory body if required to do so by law.
We do not collect sensitive data about you.
You can ask us what personal data we hold on you at any time, free of charge. In order to maintain the accuracy of the data, you can check, update, amend, or remove personal data by logging into your Account. You can also contact us directly – please see below.
How we maintain the security of your personal information
We follow strict security procedures in the storage and disclosure of information you have given us, to prevent unauthorised access in accordance with the EU General Data Protection Regulation (GDPR).
Passwords are encrypted and may be automatically generated by our system. We recommend that you use strong Passwords to access your ppeextra.com Account and change them regularly.
The data held by us is stored on servers located within the RapidSwitch facility in Maidenhead, Berkshire. RapidSwitch is one of the UK’s leading server hosting providers and is recognised as one of the longest established in the UK. It is part of the AIM-listed Iomart Group PLC, with fully owned world class resilient infrastructure end to end. It is ISO 27001 and 9001 accredited. It has multiple levels of security and staff on-site 24x7x365.
You will be notified of any breach in the security of your personal data by either accidental or deliberate causes, without undue delay. Where required, in respect of certain types of breach identified, we will comply with the GDPR and report to the appropriate authority within the regulatory 72 hours.
A personal data security breach is defined as leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
How long we keep your data
We will only retain your personal data for as long as:
• it is needed for the purposes set out in this document
• the law requires us to
In general, this means that we will only hold your personal data for a minimum of 1 year and a maximum of 7 years.
Children’s privacy protection
Our services are not designed for, or intentionally targeted at, children 13 years of age or younger. We do not intentionally collect or maintain data about anyone under the age of 13.
Sale of Business
Website Analysis Tools
We use Hotjar to perform analysis on how our users interact with our website in order to improve the experience, please note the following:
• Hotjar is a tool that aggregates data on how visitors to our site use are using it
• Examples of the type of information collected include, but is not limited to, pages visited, how pages are used and interacted with, type of device and browser used and the country you are in
We use Google AdWords Remarketing to advertise ppeextra.com on the Internet. AdWords remarketing displays ads tailored to you based on the products on our website you have viewed by placing a cookie on your machine. This cookie does not identify you or give access to your computer. The cookie is used to say “This person visited this page, show them ads relating to that page.” Google AdWords Remarketing allows us to tailor our marketing to better suit your needs and only display ads that are relevant to you.
If you do not wish to participate in our Google AdWords Remarketing, you can opt out by visiting Google’s Ads Preferences Manager
We use the “visitor action pixels” from Facebook Inc (1 Hacker Way, Menlo Park, CA 94025, USA, or, if you are based in the EU, Facebook Ireland Ltd., 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland (“Facebook”)) on our website.
This allows user behavior to be tracked after they have been redirected to the provider’s website by clicking on a Facebook ad. This enables us to measure the effectiveness of Facebook ads for statistical and market research purposes. The data collected in this way is anonymous to us, i.e. we do not see the personal data of individual users. However, this data is stored and processed by Facebook, which is why we are informing you, based on our knowledge of the situation. Facebook may link this information to your Facebook account and also use it for its own promotional purposes, in accordance with Facebook’s Data Usage Policy https://www.facebook.com/about/privacy/. You can allow Facebook and its partners to place ads on and off Facebook. A cookie may also be stored on your computer for these purposes.
The legal basis for the use of this service is Art. 6 paragraph 1 sentence 1 letter f GDPR. You can object to the collection of your data by Facebook pixel, or to the use of your data for the purpose of displaying Facebook ads by contacting the following address: https://www.facebook.com/settings?tab=ads.
Facebook is certified under the Privacy Shield Agreement and thus guarantees compliance with European data protection legislation (https://www.privacyshield.gov/participant?id=a2zt0000000GnywAAC&status=Active).
How to Contact Us or Make a Complaint
If you would like to contact us or:
• have any questions about anything in this document
• think that your personal data has been misused or mishandled
18A Station road, CR0 2RB, CROYDON, SURREY, UK