Welcome to The Symphony Group plc’s privacy notice.
We respect your privacy and are committed to protecting your personal data. This privacy notice will inform you as to how we look after your personal data and tell you about your privacy rights and how the law protects you.
This privacy notice explains how we use any personal information that we collect about you when you:
- use this website;
- visit one of our sites;
- provide your business contact details as an employee of one of our customers;
- order a product or a service from us;
- contact us to make a complaint;
- attend an event organised by us;
- take part in a competition; or
- contact us directly for another purpose.
How to contact usThe Symphony Group plc (company number 01022506) (referred to as “we”, “us” or “our”) is the controller and responsible for your personal data.
If you have any questions about this privacy notice or the information we hold about you, please contact us at:
Data Protection Officer
The Symphony Group plc
Pen Hill Estate
Park Spring Road
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Changes to the Privacy Notice and Your Duty to Inform us of Changes
We keep our privacy notice under regular review. This version was last updated on the date shown in the footer. Historic versions can be obtained by contacting us.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
What information do we collect about you?
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped as follows:
- Contact data includes name, address, email address and telephone numbers;
- Financial data includes bank account and payment card details;
- Transaction data includes details of products and services you have purchased from us including details of payments and recordings of telephone calls;
- Technical data includes IP address, login data, browser type and version, time zone setting and location, browser plug-in types and versions and other technology on the devices you use to access our websites; and
- Profile data includes purchases made by you, your personal circumstances, your interests and preferences.
We do not collect any special categories of personal data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). Nor do we collect any information about criminal convictions and offences.
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.
Why will we use the information about you?
We will only use your personal information when the law allows us to. Most commonly, we will use your personal data when:
- we need to perform the contract we are about to enter into or have entered into with you;
- it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests; or
- we need to comply with a legal or regulatory obligation.
Generally we do not rely on consent as a legal basis for processing your information other than in relation to sending third party direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us on the details set out in the ‘How can I get my name removed from a Symphony website mailing list’ section below.
How will we use the information about you?
We may use the information that you provide or that is obtained by us for the following purposes:
- to process and deliver your order or replacement product;
- to contact you in the course of our relationship with our customers or potential customers;
- to process your complaint including, in some circumstances, to arrange a visit to your property to inspect your product;
- to register you with our website and to administer the website services;
- to invite you to attend an event;
- to check any instructions given to us;
- for training purposes;
- to improve the quality of our customer service
- for assessment and analysis (e.g. market, customer and product analysis) to enable us to review, develop and improve the services which we offer;
- if you agree, to send you information about products or services of ours you may be interested in;
- for the prevention and detection of crime, including fraud;
- to administer any prize draws or competitions you enter.
How long will you keep my information for?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
By law we have to keep basic information about our customers (including Contact, Financial and Transaction Data) for six years after they cease being customers for tax purposes (which coincides with our five year building division (including additional units) product warranty period). For our retail customers and their customers that period is extended to ten years in order to cover our ten year product warranty period.
Will we share your information?
We may give information about you, under conditions of confidentiality, to the following, who may use it for the same purposes as set out above:
- If you agree, to our retail stockists, when you request a brochure;
- to employees and agents of us to administer or improve any accounts, products and services provided to you by us now or in the future;
- to other organisations for the administration of prize draws or competitions you enter, should you enter any;
- to our advisors on a sale or merger of all or part of our business, and to the new owners of that business.
International data transfers
To facilitate our business practices, your personal data may be collected, transferred to and stored by us in countries outside the UK. We have implemented safeguards to ensure an adequate level of data protection where your personal data is transferred to countries outside the UK, such specific contract clauses approved for use in the UK which give personal data the same protection it has in the UK and/or only transferring data to countries that have been deemed to provide an adequate level of protection for personal data.
You do not have to accept cookies, and you should read the information that came with your browser software to see how you can set up your browser to notify you when you receive a cookie, this will give you the opportunity to decide whether to accept it.
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
What are your rights?
Under certain circumstances, you have rights under data protection laws in relation to your personal information. These include rights to:
- request access to your personal data;
- withdraw consent to processing at any time;
- ask for correction of any inaccurate information;
- ask us to delete personal data if it is no longer necessary in relation to the purposes for which it was collected or processed;
- ask us to complete incomplete data;
- object to or restrict processing, in specific circumstances;
- be notified of a personal data breach which is likely to result in a high risk to your rights and freedoms;
- make a complaint to the Information Commissioner’s Office; and
- in limited circumstances, receive or ask for your personal data to be transferred to a third party in a structured, commonly used and machine readable format.
If you wish to exercise any of the rights set out above, please email us at email@example.com or write to us at the address above in the ‘How to contact us’ section.
No Fee Usually Required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
What We May Need From You
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Time Limit to Respond
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
How can I get my name removed from a Symphony website mailing list?
If you want to be removed from our mailing list, or have us delete your details from our database, please send an email to firstname.lastname@example.org detailing your request. Please note that it may take up to 28 days to action your request.