PRIVACY POLICY

INTRODUCTION
The Item is a responsible organisation that complies completely with our obligations under the Data Protection Act (DPA) and the General Data Protection Regulation (GDPR). This privacy policy sets out the types of data that we hold on you

This policy applies where we are acting either the data controller or the data processor with respect to the personal data of people that use this website and any person they support.

DATA CONTROLLER DETAILS
Our registration details with the information commissioner’s office (ICO) are:
Registration number: 14481351
Date registered: 14 November 2022
Data controller: Fennes Fishing
Address: Fennes Rd, Bocking, Braintree CM7 5LB
Data protection officer: G Bennett

DATA PROTECTION PRINCIPLES
How we will process your personal data, we will:

We will process it fairly, lawfully and in a clear, transparent way
We will collect your data only for reasons that we find proper for delivery of the services you have requested
We will only use it in the way that we have explained to you about
We will ensure as far as is reasonably practicable it is correct and up to date
We will keep your data for as long as it is deemed necessary
We will process your data in a way that ensures it will not be used for anything that you are not aware of or have consented to in an appropriate manner

TYPES OF DATA WE PROCESS AND WHY WE PROCESS THEM – COLLECT
The Item and Training 2 CARE group will only collect and process the necessary information required to perform the services above. Typically, that includes the information below:

First and last name
Required to deliver the product or service
Health related information
This will only be collected where VAT exemption is being sought and for training safety purposes.
This information can also be processed where you’ve requested a Clinical assessment
Addresses
Required to deliver, maintain, collect equipment.
This also includes billing addresses
Email address
Where recorded required for communication and agreed by you.
Telephone numbers
Required to contact regarding the order/booking
Order history data
Required for some marketing
Payment data

SHARING YOUR DATA
Your data will be shared within The Tabor Group, where it is necessary to fulfil the services requested. It will also be necessary to share your information with other services that are involved in the delivery of products and services that you have requested. These include:

Couriers – We may use various couriers and ordering confirms that you agree with their policies. Our suppliers, should orders be drop shipped by them.
In addition to the above, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

PROTECTING YOUR DATA
We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented an Information Security Management System in order to provide assurances to our customers and employees alike.

Where we share your data with third parties, we provide clear instructions to them to ensure that your data are held securely and in line with GDPR requirements. Third parties must implement appropriate technical and organisational measures to ensure the security of your data.

In line with data protection principles, we only keep your data for as long as we need it for, which will be the length of time we are required to hold the data by law which is usually 6 years.

AUTOMATED DECISION MAKING
No decision will be made about you solely on the basis of automated decision making.

YOUR RIGHTS IN RELATION TO YOUR DATA
The law on data protection gives you certain rights in relation to the data we hold on you. These are:

The right to be informed. This means that we must tell you how we use your data, and this is the purpose of this privacy notice the right of access. You have the right to access the data that we hold on you. To do so, you should make a subject access request. Please be as specific as you can regarding the information you require. The right for any inaccuracies to be corrected. If any data that we hold about you is incomplete or inaccurate, you are able to require us to correct it the right to have information deleted. If you would like us to stop processing your data, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it the right to restrict the processing of the data. For example, if you believe the data we hold is incorrect, we will stop processing the data (whilst still holding it) until we have ensured that the data is correct the right to portability. You may transfer the data that we hold on you for your own purposes the right to object to the inclusion of any information. You have the right to object to the way we use your data where we are using it for our legitimate interests the right to regulate any automated decision- making and profiling of personal data. You have a right not to be subject to automated decision making in way that adversely affects your legal rights
Typically, consent is not the lawful basis under which we will be processing your data but where it has been necessary for you to provide consent (usually marketing and some cookies), you have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent.

We might use your information where there’s a legitimate reason to do so, such as where it would help to facilitate a benefit to you or achieve our business objective.

If we use legitimate interests to process any data a legitimate interest balancing test (using the ICO’s template) will be documented.

We rely on legitimate interests to:

Personalise your experience and provide you with support

We sometimes make assumptions about your preferences based on the way you interact with our products and services and the information we hold about you. Knowing these allows us to understand the products, content and services our customers like, letting us focus our efforts on developing those areas. We may also use this information to make decisions about what direct marketing to show you. We may also provide you with help and support where we believe it is required. For example, if you have provided your contact information, we may contact you when a checkout purchase is not completed.

To send product related and services communications

For certain types of marketing communications, we do not require your consent and we instead rely on our legitimate interest. This is the case for example where we send you communications about products or services that we provide to you. You can opt out of these communications either by visiting your preference centre if you have an account or in the communication itself.

Conduct market research

We may use the information we hold on you about your engagement with our products and services, to understand how our products are used and make improvements or develop other products and services our audiences may like. We may to contact you about your experience of a product or service we provide you

We may send you service-related messages, which are about the service we provide. We do not require your consent for these, and you are not able to opt out.

If you wish to exercise any of the rights explained above or have questions on the basis of lawful processing, please contact G Bennett at marketing@thetaborgroup.co.uk.

COOKIES
When you visit any website, it may store or retrieve information on your browser, which is mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information doesn’t usually identify you directly, but it can give you a more personalised web experience.

MAKING A COMPLAINT
The supervisory authority in the UK for data protection matters is the Information Commissioner (ICO). If you think your data protection rights have been breached in any way by us, you should contact the Data Protection Officer. Should you be unsatisfied with the response you are able to make a complaint to the ICO directly.

Data Protection Officer
Fennes Fishing and The Tabor Groups Data Protection Officer is G Bennett and he can be contacted directly on telephone: 01376 324555 or e-mail marketing@thetaborgroup.co.uk