GDPR Compliance - Elite Fallis Windows

Our Commitment to GDPR

Elite Fallis Windows is committed to compliance with the General Data Protection Regulation (GDPR) and UK data protection laws. This page explains how we meet our obligations under these regulations.

Lawful Basis for Processing

We process personal data on the following lawful bases:

Consent: When you provide explicit consent for us to process your data for specific purposes
Contract: When processing is necessary to fulfil a contract with you
Legal obligation: When we must process your data to comply with the law
Legitimate interests: When processing is necessary for our legitimate business interests

Your GDPR Rights

Under GDPR, you have the following rights:

Right to Access

You have the right to request a copy of the personal data we hold about you.

Right to Rectification

You can request that we correct any inaccurate or incomplete personal data.

Right to Erasure

You can request that we delete your personal data in certain circumstances.

Right to Restrict Processing

You can request that we limit how we use your personal data in certain situations.

Right to Data Portability

You can request a copy of your data in a machine-readable format.

Right to Object

You can object to our processing of your personal data in certain circumstances.

Rights Related to Automated Decision-Making

You have rights relating to automated decision-making and profiling. We do not currently use automated decision-making processes.

How to Exercise Your Rights

To exercise any of your GDPR rights, please contact us at:

Email: [email protected]

We will respond to your request within one month of receipt.

Data Protection Officer

For any data protection queries or concerns, you can contact our Data Protection Officer at the email address above.

Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our standard retention periods are:

Enquiry data: 2 years from last contact
Customer data: 7 years from completion of service (for legal and warranty purposes)
Marketing data: Until consent is withdrawn

International Transfers

We do not transfer personal data outside the UK or European Economic Area.

Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the Information Commissioner's Office (ICO) within 72 hours of becoming aware of the breach.

Complaints

If you believe we have not handled your personal data properly, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire SK9 5AF
Tel: 0303 123 1113
Website: www.ico.org.uk

Updates to This Policy

We may update this GDPR compliance statement from time to time. We will notify you of any significant changes by posting the new policy on this page.