Privacy Policies

Our Other Privacy Notices

• Privacy Notice for Employees, Workers and Consultants
• Privacy Notice for Job Applicants​
• Privacy Notice for Customers​​

Website Privacy Policy

Stonbury Limited (“we”, “us”, “our”, “the Company”) respects your privacy and is committed to protecting your personal data. We operate the website https://www.stonbury.com/ (“the Website”).

We are a limited company whose registered number is 01721842 and whose registered office is at Chawston House, Chawston Lane, Chawston, Bedfordshire, MK44 3BH. Telephone: 01234 750924.

This privacy policy is intended to comply with the General Data Protection Regulation (“GDPR”) and the Data Protection Act 2018 (collectively referred to as “the Data Laws”).

This privacy policy will provide you with information about how we look after your personal data when you visit and use our Website (regardless of where you visit it from) including any data you may provide through the Website. It will also tell you about your privacy rights and how the law protects you.

Please note that this privacy policy relates only to the treatment and use of personal data arising from your visiting the Website. We provide other privacy notices for our treatment of personal data arising from other areas.

The Company is the controller of your personal data for the purposes of the Data Laws and is therefore responsible for your personal data. The Company is registered with the Information Commissioner under registration number Z195157X.

The Data Protection Officer of the Company is ultimately responsible for overseeing questions in relation to this privacy policy. If you have any questions, including any requests to exercise your legal rights, please contact him using the contact details above.

Data protection principles

We will comply with the Data Laws. The GDPR says that the personal information we hold about you must be:

1. Used lawfully, fairly and in a transparent way.
2. Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
3. Relevant to the purposes we have told you about and limited only to those purposes.
4. Accurate and kept up to date.
5. Kept only as long as necessary for the purposes we have told you about.
6. Kept securely.

The personal data we collect

Personal data means any information about an individual from which that person can be identified. We may collect and process the following data about you:

• Information about you that you give us
  By using our Website, you may provide to us the following personal information:

1. Your username, email and password and other information when using our Client Portal;
2. Your name, country, postcode, address, telephone number, mobile number, email and CV (and any personal information contained on that) when contacting us through the Careers Portal on our Website. When applying for a job with the Company, we will send to you a separate privacy notice which will inform you what personal information we will collect and for what reason and other information as required in accordance with the Data Laws;
3. Your email address when you use the Subscribe button on our Website for the purposes of receiving our newsletters or other information about our business.

• Information collected by us automatically
  We may automatically collect information about you such as technical information regarding your visits to our Website including, but not limited to, the Internet Protocol (IP) address used to connect your computer to the Internet, geographical location, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
  
  It may also include information about your visit(s) to our Website including the full Uniform Resource Locators (URL), clickstream to, through and from our Website (including date and time), job vacancies you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, and any phone number used to call us.

Personal data does not include data where your identity has been removed or which not associated with or linked to your personal data (anonymous data).

IP addresses and Cookies

Our Website uses cookies to collect non-personal statistics about users of our website to see how they use our website and to help us improve it. Such information will include how long a user spends on our website, which location they are from, which pages are viewed etc.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our Website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our Website.

How we use your personal data

We will only use your personal information we collect about you as follows:

• Information that you give us
  We may use the information you give to us to:

1. To deal with any enquiries you raise on our Client Portal to perform our contract with you or as part of our legitimate interests;
2. Respond to your enquiries as requested by you and in accordance with our legitimate interests when you contact us;
3. To send to you our newsletter and other information about our business in accordance with our legitimate interests when you subscribe to this using the Subscribe button on our Website; and
4. When you comment about us or follow us on any social media site

• Information collected by us automatically
  We may use the information we automatically collect to:

1. Ensure that content from our Website is presented in the most effective manner for you and for your computer as is in our legitimate interest;
2. Administer and monitor our Website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes so as to allow us to provide you with the best possible service and experience as is in our legitimate interest to do so; and
3. Keep our Website safe and secure as is in our legitimate interest.

Storage of your personal data

All of the information you provide to us is stored on our secure servers which are located within the UK and the European Economic Area.

Sharing and transfer of your personal data

We do not share your personal data with third parties unless stated in this privacy policy.

We may also disclose your personal data on a confidential basis to third parties in the event that we are seeking to sell our business or assets and your personal data is relevant to that or where our business or assets are otherwise acquired or if we are under a duty to disclose such data by law or for the purposes of pursuing or defending legal proceedings or where appropriate within our group of companies or otherwise when it is within our legitimate interests to do so (including the legitimate interests of any third party. When we transfer your personal data we will ensure that this is done securely and that the personal data is only used on our instructions and for the purposes for which we have transferred it.

Security

We have put in place measures to protect the security of your information.

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, the access to and use of the personal data that we collect is restricted to those employees who need the personal data to perform a specific job role or activity. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorised access.  We urge you to take every precaution to protect your personal data when you are on the internet.

Data retention

Personal data we collect from you will be stored only for as long as required to fulfil the purpose for which it was collected, and for no more than 7 years thereafter unless we decide otherwise or are required to retain such data for longer periods due to legal or regulatory requirements. Generally, the criteria we use for determining how long we retain personal data includes, but is not limited to the following:

• The purpose for which we hold the personal data;
• The amount, nature and sensitivity of the personal data;
• The potential risk of harm from unauthorised use or disclosure of such personal data
• What alternative means we have for achieving our purposes;
• The legal limitation periods for bringing claims and whether we need the personal data to bring or defend proceedings;
• Any legal or regulatory requirements for the retention of personal data;
• What our insurance terms require in relation to the retention of personal data;
• Any specific requests to hold such personal data from a Data Subject;
• Satisfying any legal, accounting or reporting requirements;
• Whether we need to hold on to such personal data to assist us with the performance of our services or the performance of a contract with you; and/or
• Any orders for preservation of evidence, including personal data.

Your rights

You have the right to:

• Request access to your personal information (commonly known as a "data subject access request"). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
• Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
• Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
• Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
• Request the transfer of your personal information to another party.

If you wish to exercise any of your above rights, please send a written request to us at the address listed at the end of this privacy notice, addressed for the attention of the Directors.

Where we have relied on your consent for the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. You may withdraw your consent by emailing the Data Protection Officer at dpo@stonbury.co.uk

Other websites and links

Our Website may contain links to other websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control third party websites and are not responsible for their privacy notices or for the content, accuracy or opinions express in such websites.  We do not investigate, monitor or check third party websites for accuracy or completeness and the inclusion of any linked website on or through our Website does not imply approval or endorsement by us of the linked website.

If you decide to leave our Website and access these third party websites, plug-ins and/or applications you do so at your own risk.  We encourage you to read the privacy notice of every website you visit.

Changes to this privacy notice

This version was last updated in July 2021.

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Contact Details

We have appointed Data Protection Officer to oversee our compliance with data protection laws. You can contact the Data Protection Officer by email: dpo@stonbury.co.uk or by writing to the Company contact details above.

Complaints

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.