This document is intended to be published on the www.arconsupplies.co.uk website and available for issue upon request to website users, enquirers, customers and suppliers. It covers the general principles of how Arcon Supplies gathers and handles data. It also outlines the services and standards website users, enquirers, customers and suppliers can expect, with respect to their data, when dealing with Arcon Supplies. This document sits alongside the GDPR Policy and PCIDSS compliance checklist, both for internal issue, which cover actions, implementation and recommendations in detail regarding safeguarding data including employee records.
Arcon Supplies take the safeguarding of data very seriously. This Privacy & Cookies Policy describes the principles of how we gather and handle data.
Arcon Supplies are committed to being open and transparent about:
Arcon Supplies are committed to managing consent and maintaining detailed records of:
www.arconsupplies.co.uk has upgraded from HTTP, hypertext transfer protocol, to HTTPS, hypertext transfer protocol secure. HTTPS uses separate protocols called SSL (Secure Sockets Layer) and TLS (Transport Layer Security), which mean the data sent between the website and the website user is more secure machining it harder to intercept and encrypted, so less easy to read if it is intercepted. If you are browsing in Google Chrome, Internet Explorer, Firefox or similar, you should be able to see a padlock symbol to show the website is certified as secure.
2.2.1 Complying with the EU Cookie Law
It is not possible to view the website without cookies running. Some cookies are essential for the operation and function of the website, including navigation and security. These cookies do not typically contain data that personally identifies website users. At present, no cookies are used to personalise web content or gather personal data from users on the www.arconsupplies.co.uk website, except for the contact us/call back request form where users are given the option to input some personal data. Handling processes for the data collected from the contact us/call back request form are described below.
The www.arconsupplies.co.uk website also uses Google Analytics to analyse the performance and usage of the site. Google Analytics is the only non-essential third-party cookie currently running on the website.
2.2.2 Google Analytics
Arcon Supplies uses Google Analytics to analyse usage data such as volume of web traffic to the website URL arconsupplies.co.uk
Other usage data may include anonymised page views, geographical location of users, duration of visits to the site, bounce rate, frequency, time of day the site is accessed.
The purpose of us using the analysis of the data that Google Analytics collects is to monitor and improve the performance of the website, enabling us to best represent our business interests.
You are not required to provide any personal information on the public access areas of the www.arconsupplies.co.uk However, you may choose to do so by completing a form. The contact us/call back request form on arconsupplies.co.uk website invites users to enter a limited amount of personal data to enable Arcon employees to call or email the user to provide our services personalised to the enquirers specific needs. A record of this data and subsequent services provided is kept by Arcon Supplies for legitimate business purposes.
Submitting the contact us/call back request form does not imply consent to subscribe to newsletters or other general marketing campaigns.
Aside from essential third parties, see below, the information submitted will only be shared with a third party when the enquiry is best answered by an Arcon Approved Applicator or a specific product manufacturer.
Some hyperlinks to third-party websites are included in the arconsupplies.co.uk website. While all attempts are made to only link to reputable sites, Arcon do not accept responsibility for the privacy policies and data collection activities of these third parties.
Specific consent will be sought from website users, enquirers, customers and suppliers to subscribe to newsletters or other general marketing campaigns.
We may process and record information given in emails or phone calls (or similar forms of communication) for legitimate business reasons. The retention period for this information will depend upon the type and nature of data included. Any sensitive information will be handled in line with GDPR and PCI DSS good practice, see telephone card payments below for example.
Payment for goods and services provided by Arcon Supplies can be made by one of the following methods:
The card terminal is provided by a well-recognised and trusted PCI DSS compliant financial institution for secure transfer of sensitive card data, further details can be provided upon request. This policy will be reviewed, and wording changed if necessary, if the card terminal provider’s details change. No sensitive card data is kept after authorisation of payment, unless required by law. Records of transaction type, receipts and invoices are kept for the minimum statutory period.
This policy will be updated with the relevant information if additional payment methods, online transactions for example, are added.
Arcon Supplies do not knowingly transfer data outside the EU. No data is transferred directly outside the EU for processing, handling or storage. However, there is potential for global third-party service providers to transfer data outside the EU without us being able to determine this with certainty. These are the third parties we think could transfer data we provide them with outside the EU and the factors mitigating risk of a data breach:
Details of account holders including key contacts are held and safeguarded in line with Arcon’s internal policies and GDPR compliance. Sensitive data such as bank details are held in a secure environment. No sensitive card data is kept on record in accordance with PCI DSS compliance. Records of transactions, payment types, orders, invoices and receipts are kept for the minimum statutory period.
Please let us know if you think the data we hold about you needs to be updated; changes in bank details, key contacts, business addresses, accounts payable addresses, payment methods and similar are most pertinent.
Arcon Supplies retain data for legitimate business purposes and to fulfil our legal requirements as a business trading in the UK.
The data we handle for any purpose or purposes will only be retained for the length of time that purpose or purposes require, either for legitimate business purposes and to fulfil our legal obligations.
8.1.1 Cardholder sensitive authentication data
Cardholder sensitive authentication data is deleted or rendered unrecoverable upon completion of the payment authorisation process, in accordance with PCI DSS compliance guidelines.
8.1.2 Transaction data
Transaction data will be retained for a period of 7 years, from the end of the year during which the transactions was made.
8.1.3 Account holder / supplier data
Account holder and supplier data, including order data, will be retained for as long as the account remains open and 7 years, from the end of the year during which the account was closed.
8.1.4 Correspondence data
Correspondence data be retained while it is still deemed to be required for legitimate business purposes.
8.1.5 Analytical data
Anonymised analytical data processed by Google Analytics is used to analyse the arconsupplies.co.uk website performance and trends both short-term and long-term, when the website ceases to be a business concern this data will be deleted.
8.1.6 Newsletter / general marketing data
Newsletter and general marketing contact data will be retained if a record of consent to receive newsletter and general marketing information exists and the person remains opted-in.
In accordance with GDPR, individuals have the following rights:
However, if your data is held by Arcon to fulfil our legal requirements as a business trading in the UK or other legal reasons some of these rights cannot be implemented. For further details see https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
This policy applies to all persons working for Arcon Supplies or on our behalf in any capacity, including employees at all levels, partners, agency workers, seconded workers, volunteers, agents, contractors and suppliers. Arcon strictly prohibits the breach of GDPR in our operations and supply chain. We have and will continue to be committed to implementing systems and controls aimed at ensuring that GDPR breaches are not taking place anywhere within our organisation or in any of our supply chains. We expect that our suppliers will hold their own suppliers to the same high standards.
Arcon is a company that expects everyone working with us or on our behalf to support and uphold the following measures to safeguard against GDPR breaches:
This policy will be reviewed annually. Updates and amendments will be made to this policy if any significant changes in Arcon’s data handling or safeguarding occur.
To continue viewing this site please accept cookies by selecting the accept cookies button at the bottom of this page.Accept Cookies