Privacy Statement
1. Introduction
1.1 Ascensor Limited, trading as Green Gecko (“the Company”, “we”, “us”, “our”), is committed to protecting the privacy and security of your personal information.
1.2 This Privacy Statement describes how we collect, use, store and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 and other applicable data protection legislation.
1.3 This notice applies to:
1.3.1 All Clients;
1.3.2 All third parties and suppliers with whom we have dealings in the ordinary course of business;
1.3.3 Individuals to whom we send marketing communications; and
1.3.4 Any individual whose personal data we process.
1.4 Any reference to “you” or “Data Subject” means any individual in respect of whom we hold personal data.
1.5 This Privacy Statement does not apply to information relating solely to limited companies where such information does not constitute personal data under applicable data protection legislation.
1.6 This Privacy Statement applies to the following websites:
https://www.ascensor.com
https://www.ascensorair.co.uk
https://www.testmywebsitepagespeed.com
1.7 We may act as a Data Controller or, in some circumstances, as a Data Processor:
1.7.1 Where we act as a Data Controller, we determine how and why personal data is processed.
1.7.2 Where we act as a Data Processor, we process personal data on behalf of a third party and in accordance with their instructions.
1.8 We may update this Privacy Statement from time to time.
2. Data Protection Principle
2.1 We comply with data protection laws. Personal data we hold must be:
2.1.1 Processed lawfully, fairly and transparently;
2.1.2 Collected for specified, explicit and legitimate purposes;
2.1.3 Adequate, relevant and limited to what is necessary;
2.1.4 Accurate and kept up to date;
2.1.5 Retained only for as long as necessary;
2.1.6 Kept secure and protected against unauthorised or unlawful processing, loss, destruction or damage.
3. Categories of Personal Data We Hold About Clients
3.1 Personal data means any information from which an individual can be identified. It does not include anonymised data.
3.2 We may collect, store and use the following categories of personal information:
3.2.1 Personal contact details such as name, title, addresses, telephone numbers and email addresses;
3.2.2 Gender;
3.2.3 National Insurance number (where applicable);
3.2.4 Bank account details;
3.2.5 Business-related information including website information, business email addresses and contact details;
3.2.6 Website visitor data including IP addresses and information submitted via contact forms;
3.2.7 Photographs.
3.3 We do not ordinarily collect “special category” data (sensitive personal data) unless required and lawful to do so.
4. Purpose and Lawful Basis for Processing
4.1 We process personal data where one or more of the following lawful bases apply:
4.1.1 Performance of a contract;
4.1.2 Compliance with a legal obligation;
4.1.3 Legitimate interests pursued by us or a third party;
4.1.4 Protection of vital interests;
4.1.5 Public interest;
4.1.6 Consent (where applicable).
4.2 We use personal data for the following purposes:
4.2.1 Administering contracts;
4.2.2 Business management, planning, accounting and auditing;
4.2.3 Fraud prevention;
4.2.4 Managing legal disputes;
4.2.5 Marketing relevant products or services;
4.2.6 Providing updates about the Company, promotions or events.
4.3 Where we rely on legitimate interests, we ensure those interests are not overridden by your rights and freedoms.
4.4 You may opt out of marketing communications at any time.
5. How Personal Data is Collected
5.1 We collect personal data:
5.1.1 Directly from you;
5.1.2 From publicly available sources such as Companies House;
5.1.3 Through market research;
5.1.4 From third parties including credit reference agencies where necessary.
5.2 During the course of our contractual relationship, we may collect additional information including:
5.2.1 Information relating to your clients;
5.2.2 Company accounts and financial information;
5.2.3 Information regarding employees;
5.2.4 Website analytics and performance data.
6. Information About Individuals Other Than Clients
6.1 We may process personal data relating to:
6.1.1 Individuals met at networking or marketing events;
6.1.2 Individuals who make enquiries but do not become clients;
6.1.3 Suppliers and service providers;
6.1.4 Individuals connected with client engagements.
6.2 Typically, this data is limited to contact details such as email addresses, telephone numbers and business addresses.
6.3 We retain such data where we have a legitimate business interest in doing so.
7. Automated Decision-Making
7.1 We do not ordinarily make decisions based solely on automated processing that produce legal or similarly significant effects.
7.2 If this position changes, we will notify you and ensure appropriate safeguards are in place.
8. Data Sharing
8.1 We may share personal data with:
8.1.1 Third-party service providers;
8.1.2 Group entities;
8.1.3 Regulators or authorities where required by law.
8.2 All third parties are required to respect the security of your data and process it lawfully.
8.3 We do not permit third parties to use personal data for their own purposes.
9. International Transfers
9.1 Some of our cloud-based systems may store data outside the UK.
9.2 Where personal data is transferred internationally, we ensure appropriate safeguards are in place, including contractual safeguards and compliance with UK GDPR.
9.3 Where data is stored in jurisdictions without an adequacy decision, we rely on appropriate safeguards to ensure equivalent protection.
10. Data Security
10.1 We implement appropriate technical and organisational measures to protect personal data.
10.2 Access to personal data is restricted to those with a legitimate business need.
10.3 We maintain procedures to deal with suspected data breaches and will notify regulators and affected individuals where legally required.
10.4 Transmission of information over the internet is not completely secure and is undertaken at your own risk.
11. Data Retention
11.1 We retain personal data only for as long as necessary for legal, contractual and business purposes.
11.2 Client data is typically retained for 7 years following completion of services in line with limitation periods under the Limitation Act 1980.
11.3 Where appropriate, data may be anonymised and retained for analytical purposes.
12. Your Rights
12.1 Under data protection law, you have the right to:
12.1.1 Access your personal data;
12.1.2 Request correction;
12.1.3 Request erasure;
12.1.4 Object to processing;
12.1.5 Request restriction of processing;
12.1.6 Request data portability;
12.1.7 Withdraw consent (where applicable).
12.2 We may refuse a request where we have a lawful basis to do so and will inform you accordingly.
12.3 Requests should be directed to:
Andrew Firth
office@ascensor.com
13. Data Protection Contact
13.1 We have appointed a Data Privacy Manager responsible for overseeing compliance with this Privacy Statement.
13.2 If you have any questions or concerns, please contact:
Andrew Firth
Ascensor Limited
Block 1, City West Office Park
The Boulevard
Holbeck
Leeds
LS12 6FB
Email: office@ascensor.com
13.3 You have the right to lodge a complaint with the Information Commissioner’s Office (ICO).
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
14. Cookies
14.1 Our websites use cookies to improve user experience.
14.2 Cookies are small files stored on your device to track usage and interactions.
14.3 We use analytics software such as Google Analytics to monitor website usage. This does not collect personally identifiable information.
14.4 Users may control cookie preferences via browser settings or our cookie consent mechanism.
15. Changes to this Privacy Statement
15.1 We reserve the right to update this Privacy Statement at any time.
15.2 Where changes are significant, we will provide appropriate notification.