HomeView is part of GAP Ltd.
Rest assured – at GAP we’re 100% committed to protecting your privacy and security.
We’ve been in the business for well over two decades – and are customers of hundreds of suppliers ourselves. So we completely understand how important it is to respect the information you’ve given us about yourself.
You’ll have heard by now about some new rules governing what can and can’t be done with information about you.
They’re contained within the General Data Protection Regulation (GDPR) – and we’ve been studying them for months to make sure we’re crystal clear about our obligations.
In anticipation of the changes, we’ve re-written the Customer Privacy Notice and our Data Protection Policy to cut through the legal jargon and spell out exactly what we do with what you’ve told us about yourself and your business.
In a nutshell, it all boils down to five GAP Privacy Pledges. We promise that we will:
1. Only use the information you give us to improve the service we deliver
2. Protect your data like it’s our own
3. Only ever talk your language. No nonsense, no spam, and no cleverly worded sentences that leave you baffled!
4. Give you the power to decide what and how you hear from us
5. Delete your information as soon as we no longer need it
This Customer Privacy Notice sets out what personal data we, GAP, hold about you and how we collect and use it. It applies to all customers whether you’re another business buying our products or a home owner using our websites.
We are required by data protection law to give you the information in this Privacy Notice. It is important that you read the Privacy Notice carefully, together with any other similar or additional information that we might give you from time to time about how we collect and use your personal data.
This Privacy Notice applies from 25 May 2018, when the General Data Protection Regulation comes into force. It does not give you any contractual rights. We may update this Privacy Notice at any time.
GAP Ltd (Partnership Way, Shadsworth Business Park, Blackburn, BB1 2QP) is the “controller” for the purposes of data protection law. This means that we are responsible for deciding how we hold and use personal data about you. We also have a dedicated Data Protection Team that is committed to making sure GAP is looking after all your information. If you have any queries, you can reach our Data Protection super-team on firstname.lastname@example.org
Personal data means any information relating to a living individual who can be identified (directly or indirectly) using the information you give us (e.g. name, job title, company address, email address, mobile number etc.). It can be factual (e.g. contact details or date of birth), or an opinion about an individual’s actions or behaviour.
Data protection law divides personal data into two categories: ordinary personal data and special category data. Any personal data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, physical or mental health conditions, sexual life or sexual orientation, or biometric or genetic data that is used to identify an individual is known as special category data. (The rest is ordinary personal data). But don’t worry; we don’t collect special category data from our customers!
We collect, hold and use the following types of ordinary personal data about you:
- Publicly available information about you, such as your business social media presence, numbers on vans, contact email.
- Data including; name, address, email address, company registration number, company VAT number, your account activity, contact number etc.
- We also record calls for quality and training purposes.
We hold and use this personal data so that we can:
- Process your order/query and correspond with you about it.
- Make sure you are receiving the quality of service you expect.
- Invoice you for your order.
- Chase outstanding payments.
- Maintain your account with us.
- Maintain any warranties.
- Provide the service you are expecting
- Find you an appropriate installer in your area
In addition to this, there’s our marketing programme.
If you’ve said we can do so, we’ll send you marketing messages by email, text and mail to keep you aware of what we’re up to and to help you see and find our products.
You can stop receiving marketing messages from us at any time, by:
- Clicking on the ‘unsubscribe’ link in any email
- Contacting us at email@example.com
Once you do this, we’ll update your profile to ensure that you don’t receive further marketing messages. Please note though, that because GAP operates a large and complex number of marketing projects and web sites, it might take a few days for all our systems to be updated. So you might get messages from us while we process your request.
The new regulations set out specific reasons under which we can process this information about you.
When we ask you for your details, we will use one or more of the following reasons as to why we are asking for it:
- We need it to take steps (at your request) in order to enter into a contract with you.
- We need it to comply with a legal obligation, e.g. the obligation to provide the goods you have purchased.
- It is necessary for our legitimate interests (or those of a third party) and your interests and your rights (we will cover these later!) do not override those interests (legitimate interest).
For example, if you send us an enquiry through our HomeView website, it is in our legitimate interest to give you a call to follow up on the query.
You provide us with most of the personal data about you that we hold and use, for example when you come into our branches and give our friendly trade counter team your information.
Some of the personal data we hold and use about you is generated from internal sources. For example, we may make notes against your account on our internal CRM system to specify your preferences.
Some of the personal data about you that we hold and use may come from external sources. For example: if you drive around with your number on a van!
We may share some of your data with the following people, the types of data and our legal grounds for doing so are detailed below:
- Where you make an enquiry on our HomeView website, we may pass some of your information onto our trusted installers. We have a legitimate interest in sending your details to them so they can help you with your HomeView purchase. The data we share may include: name, address, contact number, email address etc.
- We may share customer information with delivery companies when we need to send a product to you quickly. We use companies such as royal mail and DPD. We need to share your data with these companies to perform the contract we entered into with you.
- Every year we are audited by financial authorities, as part of this process they will have access to customer information to make sure we aren’t being fraudulent in our activities. This is a legal obligation that we have as part of our business operations.
- We may share a customer’s details with county courts and debt collectors in the event that the customer fails to pay a debt owed to us.
- In special circumstances at your request, we may share your personal data with suppliers and manufacturers. We only do this in special circumstances and we will speak to you about it first!
- We may share your information with the providers of the specialist systems we use to store and process your data. If we have system issues, these providers may require access to our systems and your data. Don’t worry, system errors very rarely happen and the information the system providers see is very limited. Examples of this include: SAP, Sage, Infopos, Access Dimensions etc.
- We also invest in understanding how you came to find us on the internet. This means we share things like mouse-clicks and IP addresses with companies like inspectlet.com. We have a legitimate business interest in finding out this information as it helps to improve our websites.
- If you choose to request our email newsletter and explicitly give your consent for us to send you subsequent issues and other marketing material via our opt-in process, the email address that you submit to us will be stored in our database and also forwarded to MailChimp who provide us with email marketing services. We consider MailChimp to be a third party data processor.
- We may share your information with our suppliers to tell you about a new branch opening or exciting offers. For example, we may share your company address with a printing supplier to send you information about a new branch opening.
If you do not wish to provide us with your information, that’s entirely your choice. Please bear in mind that if you don’t provide us with the information we require for the reasons we have stated, we won’t be able to supply you with our fantastic products and services and may not be able to administer your GAP trading account, if you have one (where a GAP trading account may be required).
We hate saying goodbye, but we’ll only hold onto your information for as long as it’s needed to be able to fulfil our contract to supply you and provide our services to you or (in the case of any contact you may have with our Customer Care team) for as long as it’s necessary to provide support-related communication or reporting.
If we think it’s reasonably necessary or if we’re required to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions, we may also keep hold of some of your information as required even after you have closed your Account – assuming it’s no longer needed to provide services to you.
If you make a purchase from GAP and that product comes with a warranty, we would keep your personal data for as long as that warranty applies. For example, if you purchase a set of Homeview Bi-Folding doors, we would keep you information for 10 years in line with your Guarantee.
When you make an enquiry through HomeView, we will seek your permission to pass your details to one of our recommended installers. If you are happy for us to do so and this doesn’t result in a purchase, we will not keep your information for any longer than 6 months after the date we pass your details on. If after 6 months you are still in the process of deciding on receiving a quote, we will leave your details in our system for a further 6 months, meaning we will not keep your details any longer than 12 months in total.
The new regulations set out the rights that everyone has if a business is processing data about you, they are:
- The right to make a subject access request. This enables you to receive certain information about how we use your data, as well as to receive a copy of the personal data we hold about you and to check that we are doing exactly what we say we are doing!
- The right to request that we correct incomplete or inaccurate personal data that we hold about you. This speaks for itself, if we have the wrong email address or phone number, you have the right to tell us to make it right!
- The right to request that we delete or remove personal data that we hold about you where we don’t have a good reason for keeping hold of it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below).
- The right to object to our processing your personal data where we are relying on our legitimate interest (or those of a third party), where we cannot give a good reason for processing the data about you.
- The right to request that we restrict our processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example if you want us to tell you how accurate the information is or you want to know why we are asking for this information.
- The right to withdraw your consent to us using your personal data. Alongside this, you also have the right to request that we delete or remove that data, if we do not have another good reason to continue using it.
- The right to request that we transfer your personal data to another party, in respect of data that you have provided where our legal ground for using the data is that it is necessary for the performance of a contract or that you have consented to us using it (this is known as the right to “data portability”).
If, for whatever reason, you want to exercise any of these rights, please contact our Data Protection Team on firstname.lastname@example.org. Please be aware that these rights are not concrete and in some circumstances we may be entitled to refuse some or all of your request.
GAP Web Sites
GAP web sites also collect and use personal information. We do so as follows:
Like most websites, this site uses Google Analytics (GA) to track user interaction. We use this data to study the number of people using our site, to better understand how they find and use our web pages and to see their journey through the website.
Although GA records data such as your geographical location, device, internet browser and operating system, none of this information personally identifies you to us. GA also records your computer’s IP address which could be used to personally identify you but Google do not grant us access to this. We consider Google to be a third party data processor.
Cookies are very small harmless files that most websites put on to your computer when you roam their pages, to help the site run efficiently and make your user experience more enjoyable. Most Cookies are critical to a website’s performance and your enjoyment of it. We have reviewed and adjusted our Cookie Notice to meet the requirements of GDPR.
- Essential Cookies to help them run smoothly and allow the contents of a shopping basket to be transferred from the basket to an order whilst also identifying whether or not the visitor is a trade Account customer.
- Information Cookies to gather anonymous information to assess how customers are using the website. This will then help us to improve certain pages of our site which may currently be poorly designed or unclear for the user. Information Cookies also highlight the most visited pages or broken links
- Helpful Cookies to help you when you return to the website. For example, they will save information such as name and address for when/if you are looking to make a repeat purchase and so make it a quicker and easier process for you
- Third Party Cookies to monitor and record your typical browsing habits whilst working in the background so only relevant ads are displayed.
The basic rules are that we must:
- Tell you Cookies are in place and being used to monitor and record your usage of our websites. (Consider yourself told)
- Explain what the cookies are doing and why. (Tick)
- Get your consent to store a Cookie on your device. (You’ll have seen the pop up when you landed on our sites)
As long as we do this the first time we set Cookies, the rules say we don’t have to repeat it every time you visit our website.
That said we accept that that devices may be used by different people. So bearing in mind that there could be more than one user of your device, we plan to repeat the process at suitable intervals.
You can read our entire Cookie Notice on our website.
Disabling cookies on your internet browser will stop GA from tracking any part of your visit to pages within this website.
In addition to Google Analytics, this website may collect information (held in the public domain) attributed to the IP address of the computer or device that is being used to access it. The information is supplied to us from Whoisvisiting.com. Whoisvisiting.com is a service offered by Whoisdata Limited. The Whoisvisiting system does not use your IP address to identify you, the individual, in any way. No cookies are used by the Whoisvisiting system. The Whoisvisiting system will only lookup information when a static IP address is being used. When a device is assigned a static IP address, the address does not change.
Should you choose to contact us using the contact form on our Contact us page or via email links, none of the data that you supply will be stored by this website or passed to/be processed by any of the third party data processors. Instead the data will be collated into an email and sent to us over the Simple Mail Transfer Protocol (SMTP). Our SMTP servers are protected by TLS (sometimes known as SSL) meaning that the email content is encrypted using SHA-2, 256-bit cryptography before being sent across the internet. The email content is then decrypted by our local computers and devices.
Your email address will remain within our and MailChimp’s database until you specifically request removal from the list. You can do this by unsubscribing using the unsubscribe links contained in any email newsletters that we send you or by requesting removal via an email to email@example.com. When requesting removal via email, please send your email to us using the email account that is subscribed to the mailing list.
If you are under 16 years of age you MUST obtain parental consent before joining our email newsletter.
While your email address remains within our and MailChimp database, you will receive periodic marketing communications from us.
Pseudonymisation is a recent requirement of the GDPR which many web application developers are currently working to fully implement. We are committed to keeping it as a high priority and will implement it on this website as soon as we are able to.
If you have any questions or concerns about how your personal data is being used by us, you can contact our Data Protection Team on firstname.lastname@example.org
If you aren’t happy with how GAP are processing your data, you also have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues. Details of how to contact the ICO can be found on their website: https://ico.org.uk