Cef_logo

CEF.co.uk is best viewed in portrait mode, please rotate your screen.

National 7:30am to 8pm - Mon-Fri 01763 272 717

Fair Processing Policy

Introduction

The General Data Protection Regulation outlines 6 principles that all organisations must adhere to. These are:

Personal data shall be:

  • 1

    Processed lawfully, fairly and in a transparent manner in relation to the data subject (‘lawfulness, fairness and transparency’);

  • 2

    Collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes (‘purpose limitation’);

  • 3

    Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed (‘data minimization’);

  • 4

    Accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (‘accuracy’);

  • 5

    Kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed (‘storage limitation’);

  • 6

    Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organisational measures (‘integrity and confidentiality’).

How CEF uses your information

We will collect your personal information for the following purposes:

  • a) to identify you and manage any accounts you hold with us;
  • b) to process your order and obtain payment;
  • c) to conduct research, statistical analysis and behavioral analysis;
  • d) if you agree, let you know about other products or services that may be of interest to you—see ‘Marketing’ section below;
  • e) to detect and prevent fraud;
  • f) improve our product and services

Marketing

We may periodically send promotional emails about new products, special offers or other information which we think you may find interesting using the email address which you have provided

From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, SMS or other electronic messaging services, phone, fax or mail.

We will only send you marketing information:

  • when you tick the relevant boxes;
  • when you provide us with your personal information;
  • when you complete a Credit Account Application form; or
  • when you buy from us; or
  • when you have requested to be added to our marketing list.

You can opt out at any time by sending an email to [email protected] or via the unsubscribe link at the bottom of emails we send to you. Please see ‘The right to ask us to stop contacting you with direct marketing’ below for further information.

Information CEF may collect

We collect personal information about you when you register with us online, contact us or when you submit a response to an online questionnaire on our website.

  • a) full name
  • b) postal address
  • c) email address
  • d) telephone number;
  • e) mobile number;
  • f) date of birth; and
  • g) residence status

We may also collect personal information about you from other sources (such as credit reference agencies), which we will add to the information we already hold about you in order to help us improve our products and services, and help us access the initial credit limit to be applied to your account and as part of our annual review of your credit status.

We operate CCTV at our sites; your image could be recorded by our security cameras. All footage is regularly deleted unless it is being use to investigate an alleged crime or incident. In cases of this nature it may be retained for up to 2 years following the end of the investigation. In serious cases the footage may be supplied to the UK Authorities at their request.

In some of our buildings we also collect the Vehicle Registration Number of your car to allow you to gain entry. This is deleted after your visit.

Please note that we do not collect any information in relation to your payment information, such as credit/debit card details.

How long CEF will keep this information

We shall retain your information whilst you remain a customer, should you not trade and there is no good business reason to retain your information we will delete your information one year after the month of the final sale or on receipt of your request to be deleted whichever is the sooner, unless we are required by law to retain your personal information for a longer period.

CEF's approach to information security

To protect your information CEF has policies and procedures in place to make sure that only authorized personnel can access the information, that information is handled and stored in a secure and sensible manner and all systems that can access the information have the necessary security measures in place. To accomplish this, all CEF employees, contractors and sub-contractors have roles and responsibilities defined in those policies and procedures.

To make sure all CEF employees, contractors and subcontractors understand these responsibilities they are provided the necessary training and resources they need.

In additional to these operational measures CEF also uses a range of technologies and security systems to reinforce the policies.

To make sure that these measures are suitable, vulnerability tests are run regularly. Audits to identify areas of weakness and non-compliance are routinely scheduled. Additionally, all areas of the organisation are constantly monitored and measured to identify problems and issues before they arise.

Your rights

The right to access information we hold on you

At any point you can contact us to request the information we hold on you as well as why we have that information, who has access to the information and where we got the information. Once we have received your request we will respond within 30 days.

In order to process your request CEF may need to verify your identity for your security. In such cases, your response will be necessary for you to exercise this right.

The right to correct and update the information we hold on you

If the data we hold on you is out of data, incomplete or incorrect, you can inform CEF and we will ensure that it is updated.

In order to process your request CEF may need to verify you identity for your security. In such cases your response will be necessary for you to exercise this right.

The right to have your information erased

If you feel that we should no longer be using your data or that we are illegally using your data, you can request that we erase the data we hold. When we receive your request, we will confirm whether the data has been deleted or tell you the reason why it cannot be deleted.

In order to process your request CEF may need to verify you identity for your security. In such cases your response will be necessary for you to exercise this right.

The right to object to processing of your data

You have the right to request that CEF stops processing your data. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If data is no longer processed, CEF may continue to hold your data to comply with your other rights.

In order to process your request CEF may need to verify you identity for your security. In such cases your response will be necessary for you to exercise this right.

The right to data portability

You have the right to request that we transfer your data to another controller. Once CEF receives your request, we will comply where it is feasible to do so.

In order to process your request CEF may need to verify you identity for your security. In such cases your response will be necessary for you to exercise this right.

Consent

In those cases where we need your consent to hold your information, we will ask you to check a box on any form requiring consent. By checking these boxes you are stating that you have been informed as to why CEF is collecting the information, how it will be used, for how long it will be kept, who else will have access to it and what your rights are as a data subject.

Sharing your information

Where necessary to fulfil our obligations to you, we may pass your details to third parties where this is necessary for the functioning of our business. These third parties include:

a) Google

We work with third party company Google to automatically collect information including: IP address; MAC (Media Access Control) address; unique identifier or other persistent or non-persistent device identifier; device software platform and firmware, mobile phone carrier and geo location data to help us understand your use of our app such as how often you return, what parts of the app you visit, how you use the app and how long you spend on the app. This third party provider is prohibited from using our data for any other purposes. Go to http://www.google.com/analytics/terms/us.html to read Google Analytics Privacy Policy. We use the data we collect about your use of our website to analyse trends across the data set of all customers worldwide, and to enable us to offer a better service to you.

b)

We work with third party company New Relic Cookie are used to store a session identifier so they can monitor session counts for an application. The Cookie value is generated by Jetty. This third party provider is prohibited from using our data for any other purpose. Go to https://newrelic.com/termsandconditions/privacy to read New Relic Privacy Policy. This was accurate on 25th May 2018. Parties may have since been added. An up to date list can be obtained at [email protected]

Cookies and Tracking

Use of cookies

When visiting CEF’s website or using web-related services it may be necessary for us to create cookies with information. Table 1 lists the cookies that are used on 25th May 2018.

Description of cookies

The table below provides some information on the cookies that we use on our website:

Cookie Name What it does Why is it used How long it lasts
Customer_credentials Unique session key to identify you So you don’t need to sign in on every page. Until the browser session closes.
Stock_enq_address Stores your collection store To check stock for your collection store Until the browser session closes.
_cfduid Identifies a user to Cloudflare, our security provider. If Cloudflare challenges a user It stores the acknowledgement of that challenge in this. Persistent
_hjIncludedInSample Site Analytics To visualize how the site is being used. Until the browser session closes
_utma Keeps track of the number of times a visitor has been to the site To visualize how the site is being used. Persistent
_utmc Logs the amount of time the visitor has been on the ste To visualize how the site is being used Until the browser session closes
_utmz Records where the visitor has come from To visualize how the site is being used 6 months
_session_id Unique session key to identify you So we can make sure your visit on the site is not hijacked. Until the browser session closes
Reevoo_utma Identifying Unique Visitors Used by Reevoo to determine who views reviews 2 years
Reevoo_utmc Determining number of Visitor Session Used by Reevoo to keep count of the number of sessions Until the browser session closes
Reevoo_utmz Tracking Traffic Sources & Navigation Reevoo Aggregated traffic data 6 months
reevoo_sp_id.xxx Identifies snowplow tracker Reevoo Identifier of snowplow tracker 1 year
reevoomark_marker Identification of review display Numeric identifier 1 month

Enquiries

When contacted with an enquiry, we will hold the entity name and contact details only for the purposes of handling the enquiry.

Contact Details

If you have any queries about this Policy, need further information or wish to lodge a complaint you can use the details below to contact

[email protected]

We may change this Policy from time to time. You should check this policy occasionally to ensure that you are aware of the most recent version that will apply each time you access the website.