Privacy Policy

  

Your data and privacy are important and we will handle them securely, fairly and legally at all times.

Rossall Mobile Phone Shop complies fully with the General Data Protection Regulation (GDPR) and below we tell

you about what data we collect and how we store and use it.



What Information Do We Collect?


We keep a record of the data that you give us when you bring in a device for repair.

This amounts to the given name and telephone number / email address and also details of the device including IMEI / Serial number.

We also ask for any lock code, password or pattern lock on the device. This is not stored electronically and is purely to facilitate testing purposes.



What Information Do We Not Collect?


We do not collect or store any information other than the details stated above.

We do not ask for or keep any personal data from our website.

We do not access or store any personal data from your device. We will only access the functions of any device that are required to determine that a successful repair has been carried out.



Where We Keep Your Data - Security


The security of your personal data is a very major concern for us. We have legal obligations to keep it safe and handle it with care and the penalties for not doing so are very high.

We store your personal data securely and it is backed up in two geographically separated locations so that it cannot be lost in the event of a catastrophic failure in our premises or systems.

The worksheets that we use are kept in a locked cabinet for the period that HMRC require and then securely destroyed. 

The copy of the worksheet that is issued to you the customer should always be returned when collecting your device. If it is returned it will be securely destroyed. If the customers copy of the sheet is not returned or you, the customer wishes to keep your copy of the repair sheet this will be recorded and we will accept no responsibility

whatsoever for misuse of the information on the worksheet.



How Do We Use Your Information?


The information that you give us is used solely by Rossall Mobile Phone Shop to aid us in our day to day business operations.

The information also helps us to both track and trace customers devices and repairs.

GDPR has created six lawful bases for data collection and use.

These are as follows -


1)  Consent: you have given clear consent for us to process your personal data for a specific purpose (for example, marketing)


2)  Contract: the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.


3)  Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations).


4)  Vital interests: the processing is necessary to protect someone's life.


5)  Public task: the processing is necessary for us to perform a task in the public interest or for our official functions, and the task or function has a clear basis in law.


6) Legitimate interests: the processing is necessary for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal data which overrides those legitimate interests.


Here is a list of the ways that we use your personal information, and which of the Legal Bases outlined above we rely on to do so :-


Device Repair / Service To facilitate repair progress and tracking -  section 6 - Legitimate Interests.



Who We Share Your Information With And Why


We do not share any of your personal data with any third party.

We do however have a legal obligation to share data in response to properly made requests from -


1)  Law enforcement agencies - for the prevention and detection of a crime, for the purpose of safeguarding national security or when the law requires us to, such as in response to a court order or other lawful demand or powers contained in legislation.


2)  Regulatory bodies such as the Information Commissioner's Office and Ofcom.



How Long Do We Keep Your Personal Data?


We keep your data securely within our systems for the period required by HMRC which is currently 7 years.



Transfers To Third Countries


At Rossall Mobile Phone Shop your data is stored securely on our systems which are located in the United Kingdom.

Your information will not be transferred to a third country (defined under the GDPR as a country outside of the European Economic Area).



Keeping In Touch With You


We do not use your details for any marketing purposes.

The only times you will hear from us will be about your repair or order with us.



What Are Your Rights?


You have the following rights under the GDPR:-


1)  The right to be informed. Individuals have the right to be informed about the collection and use of their personal data.

This privacy notice fulfils that requirement.


2)  The right of access. We are happy to provide you with the personal details that we hold on our system.

(You will need to prove that you are who you claim to be)


3)  The right to rectification. We are happy to amend any details which you deem to be incorrect.


4)  The right to erasure. You have the right to request that we delete personal data held on you. This does not apply if we have a legal reason for retaining it and does not include deletion of device type or serial number which is required to be kept for warranty tracking.


5)  The right to restrict processing. In certain circumstances, you have the right to ask us to 'restrict processing of data'.

As we do not process your data in any way and simply store it securely you are safe to assume that the processing of your data is already restricted.


6)  The right to data portability. You have a right to obtain some of the personal data we hold on you in a 'structured machine-readable' format. This information will be provided as a PDF file.


7)  The right to object. You have the right to opt-out of any marketing communications that we may wish to send you.

As we do not use your data for marketing purposes you are safe to assume that you are already opted-out.


8)  Rights related to automated decision-making including profiling. Rossall Mobile Phone Shop does not apply any automated decision-making or profiling to any of your personal data.

If you have any questions about how Rossall Mobile Phone Shop uses your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by email at


GDPR@rossallphoneshop.co.uk


You have the right to lodge a complaint with the Information Commissioner’s Office. Further information, including contact details, is available at 


https://ico.org.uk



Data Controller


The GDPR makes a distinction between organisations that process personal data for their own purposes, known as 'Data Controllers', and organisations that process personal data on behalf of other organisations, known as 'Data Processors'.

Rossall Mobile Phone Shop is a Data Controller, registered in England under registration no. 9759811 as Rossall Mobile Phone Shop Ltd, with a registration address of

39 Rossall Road

Thornton-Cleveleys

Lancashire

FY5 1EE



Changes To This Privacy Notice


We recognise that transparency is an ongoing commitment, so we will keep this privacy notice under regular review.


This privacy notice was last updated on 11th September 2018.