Data Protection Policy

This policy lets you know what happens to any personal data that you give to us, or any that we may collect from, or about you. It applies to all products and services, and instances where we collect your personal data.

This policy explains

  • when and why we collect personal information
  • how we use it
  • the conditions under which we may disclose it to others and;
  • how we keep it secure.

We take your privacy seriously and information provided to us will be used and stored in accordance with the General Data Protection Regulations (GDPR).

We may change this policy from time to time so please check this page occasionally to ensure that you’re happy with any changes.

Any questions regarding this policy and our privacy practices should be sent in writing to the Data Protection Manager.

30 Chester Street
Birmingham
B6 4BE

Email: dataprotection@expohire.com

Review of this policy

This policy was last updated in November 2021.

What is a data controller?

An organisation who (either alone, jointly, or in common with other organisations) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

Who is the data controller?

Expo Hire UK Ltd - Registered in England and Wales (Company No. 10545198)

How do we collect information from you?

We obtain information about you when you use our website, call or email us for support, or complete a contact form at an event.

What kinds of personal information about you do we hold?

Personal information that we’ll process includes:

  • Personal and contact details, such as title, full name, contact details, company details and contact details history
  • Records of your contact with us such as:
    • Contact via telephone or email
    • Contact via our online services for example, placing an order, completing a contact us form, or using our online chat facility.
    • IP address and/or MAC address
  • Current and historic orders that you hold with us or have held with us and the associated payment methods used
  • Marketing sent to you and analysis of that data, including history of communications, whether you open them or click on links
  • Information we obtained from third parties, such as credit reference agencies

How is your information used?

We will use your information to:

  • to carry out our obligations arising from any contracts entered into by you and us
  • seek your views or comments on the services we provide
  • notify you of changes to our services
  • send you communications which you have requested and that may be of interest to you.

We review our retention periods for personal information on a regular basis. We are legally required to hold some types of information to fulfil our statutory obligations. We will hold your personal information on our systems for as long as is necessary for the relevant activity, or as long as is set out in any relevant contract you hold with us.

What are the legal grounds for processing of your personal information?

We rely on the following legal bases to use your personal data:

1. Where it is needed to provide you with our products or services,

Such as:

  • Managing your membership and insurance service
  • Assessing an application for membership
  • Managing products and services you hold with us, or an application for one
  • All stages and activities relevant to managing the membership or adviceline including enquiry, application and administration of the membership and case management service.

2. Where it is in our legitimate interests to do so

Such as:

  • To perform and/or test the performance of our products, services and internal processes
  • To follow guidance and recommended best practice of government and regulatory bodies
  • For management and audit of our business operations including accounting and fraud prevention.
  • To carry out monitoring and to keep records of our communications with you and our staff (see below)
  • Where we need to share your personal information with people or organisations in order to run our operations or comply with any legal and/or regulatory obligations.

3. To comply with our legal obligations

How long is your personal information retained by us?

Unless we explain otherwise to you, we’ll hold your personal information based on the following criteria:

  • For as long as we have reasonable business needs, such as managing our relationship with you and managing our operations
  • Retention periods in line with legal and regulatory requirements or guidance.

Do you have to provide your personal information to us?

We’re unable to provide you with our services if you do not provide certain information to us. In cases where providing some personal information is optional, we’ll make this clear.

Who has access to your information?

We will not sell or rent your information to third parties. We will not share your information with third parties for marketing purposes unless you have provided consent.

When do we share your personal information with other organisations?

We may share information with the following third parties for the purposes listed:

  • Organisations who we subcontract to provide products and services to fulfil our contract with you. This may include delivery companies and/or maintenance engineers
  • Governmental and regulatory bodies such as HMRC, the Financial Conduct Authority and the Information Commissioner’s Office
  • Other organisations and businesses who provide services to us such as, back up and server hosting providers, IT software and maintenance providers, document storage providers and suppliers of other back office functions.

Your choices

You have a choice about whether or not you wish to receive information from us. If you do not want to receive direct marketing communications from us then you can select your choices on the form on which we collect your information.

We will not contact you for marketing purposes by email, phone or text message, unless you have given your prior consent.

What are your rights under data protection laws?

Here is a list of the rights that all individuals have under data protection laws. They don’t apply in all circumstances. If you wish to use any of them, we will explain at that time if they apply or not.

  • The right to be informed about the processing of your personal information
  • The right to have your personal information corrected if it is inaccurate and to have incomplete personal information completed
  • The right to object to processing of your personal information
  • The right to restrict processing of your personal information
  • The right to have your personal information erased (the “right to be forgotten”)
  • The right to request access to your personal information and to obtain information about how we process it
  • The right to move, copy or transfer your personal information (“data portability”)
  • The right to complain to the Information Commissioner’s Office, which enforces data protection laws. For further information, please visit: ico.org.uk.

You have the right to ask for a copy of the information we hold about you by contacting our Data Protection Manager.

Security precautions in place to protect the loss, misuse or alteration of your information

When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information (such as credit or debit card details) is encrypted and protected with the software encryption on SSL. When you are on a secure page, a lock icon will appear on your web browsers.

Non-sensitive details (your email address etc.) are transmitted normally over the internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems. Where you have chosen a password, which enables you to access certain parts of our websites, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Profiling

We may analyse your personal information to create a profile which may include your employment details, age and location, so that we can contact you with information relevant to you. We may make use of additional information about you when it is available from external sources, such as your professional registration data, to help us do this effectively.

Use of "Cookies"

Like many other websites, we 'cookies'. Cookies are small pieces of information that are sent to your computer to allow that website to recognise you when you visit. Cookies are also used to collect aggregated statistical data about how users interact with a website. For example, we use cookies to allow you to log into our website, and to monitor how various parts of our website are used. This information helps us to improve our website and deliver a better, more personalised service in future.

It is possible to switch off cookies by setting your browser preferences, however turning this off will result in a loss of functionality when using our website. For more information on how we use cookies, please read our full Cookies Policy.

Links to other websites

In addition, if you link to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party site and recommend that you check the policy of that third-party site.

Our website may contain links to other websites run by other organisations. This privacy policy only applies to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites, even if you access them using links from our website.