Privacy Policy

Who are we:

Registered office:                                    Company Registered in England: 5878134

Steel Build Masters Limited

Summerhill House, 1 Sculthorpe Road
Fakenham
Norfolk
NR21 9HA

Trading address:

Steel Build Masters Limited

Twyford Mill Farmhouse West
Pig Lane
Bishop's Stortford
Hertfordshire
CM22 7PA


This privacy policy sets out how Steel Build Masters uses and protects any information that you give Steel Build Masters when you use this website. Steel Build Masters is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement. Steel Build Masters may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes.

 

Confidentiality policy

We operate a strict privacy policy regarding client information: All client details, registered works or registration details are considered confidential and except where legally required, (i.e. by court order or Police investigation), will not be disclosed to any third party without prior consent. Client details will never be passed onto other companies, mailing lists, etc. All our personnel dealing directly with client details are required to sign a confidentiality agreement. All electronic back-ups of works are encrypted, to ensure they cannot be accessed by unauthorised personnel. All documents and files containing client data that require disposal, (such as redundant or expired files) are disposed of in a secure manner, normally by shredding and/or incineration.

Web site security

We operate a strict privacy policy regarding client information: Our website uses high security digital certificates to encrypt the communication between your browser and the servers. This ensures your privacy for any data you enter on our website forms and confidentiality of any files that you upload to us.

Secure storage of your work

When we store your work electronically, it is done in such a way to ensure that it cannot be accessed by any unauthorised person. Files you upload are immediately obfuscated, and all back up files are encrypted. Our storage servers cannot be directly accessed from the Internet, so they cannot be targeted by hackers.

Cookie policy

We use Google Analytics: Google Analytics sets cookies to help us accurately estimate the number of visitors to the website and what content is most popular. This helps to ensure that our website is responding to your needs in the best way possible way. We also use temporary (session) cookies where they are strictly necessary to enable our web-forms to operate and perform the requested service.

Secure storage of your work

When we store your work electronically, it is done in such a way to ensure that it cannot be accessed by any unauthorised person. Files you upload are immediately obfuscated, and all back up files are encrypted.

Credit/debit card security

Card details are sent to our payment service providers over highly secure 256bit encrypted direct connections. Card details are never stored or transmitted in a unencrypted format. The payment service providers we use are regularly audited by Visa and MasterCard to ensure that their systems conform to the latest security standards.

3D Secure verification

Some transactions* may also use ‘MasterCard SecureCode’, ‘American Express SafeKey’ or ‘Verified by Visa’ secure authentication. These systems (collectively known as ‘3D Secure’) use personal passwords or identity information to further protect card users against.

General Data Protection Regulation policy

What is the General Data Protection Regulation (GDPR)? The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation of the European Parliament, the Council of the European Union and the European Commission intended to strengthen and unify data protection for all individuals within the European Union (EU) and became law in the UK on 25th May 2018. Under the General Data Protection Regulation (GDPR), we are required to publish information about what data we collect, why we need to store it, and your rights under the GDPR legislation. In these matters we are subject to the rulings of the Information Commissioner’ Office (ICO), the UK’s independent authority set up to uphold information rights and data privacy for individuals.

Confidentiality

We have always, and continue to, treat all data we receive and works submitted as strictly confidential. Please see our security and privacy policy page for details.

GDPR policy

Basis of and scope of data storage:

We store and process data only as agreed by the client or as required in order to perform services requested by the client. We regard all details we do store as confidential. We do not engage in any profiling activities. We never share data with 3rd parties (e.g. for advertising, marketing, data analysis or similar).

Data we hold consists of:

Contact information: Your name. Company name (if applicable). Postal address. Country. Email addresses (if applicable). Telephone number (if applicable). This is used so that we can contact you when needed (e.g. to send invoices, certificates you have requested, communicate information affecting your account or our service to you, etc.)

Payment information:

Payee name. Billing contact details (if applicable). Card type (e.g. Amex, Visa) (card payments only). Last 4 digits of payment card (card payments only). Date and amount of payments. This data is kept purely to allow cross-checking in the event of accounting imbalance, customer payment enquiries or investigation by tax authorities (i.e. mandatory accounting requirements). Information you supply relating to works you have lodged with us (i.e. copyright ownership and work titles). Enquiries we have received via email, web-form or post.

Retention policy:

We retain personal data that you supply for as long as you are a client with an active account, and for as long as we are legally required to do so (e.g. by tax and accounting regulations). Where data may exist on back-ups, these are regularly changed and expired files (etc.) are securely disposed of when backup media is expired or replaced.

General enquiries via web-form, email or post:

These are generally kept for a number of years so that we can refer back to them if you send a follow up to our reply, after that they are deleted: At scheduled times throughout the year enquiries over the specified number of years old are removed.

The number of years will depend on the type of enquiry and how it was submitted:

During the deletion process, if it is considered that emails may relate to a financial transaction, contractual arrangement, special condition, clarification, or exception relating to an ongoing contract, these are treated the same as as tax records (tax records are legally required to be stored for a minimum of 6 years) and deleted after 7 years. All other forms, postal correspondence, and emails are deleted after 2 years.

Social Media Platforms:

Communication, engagement and actions taken through external social media platforms that this website and its owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively. Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. We encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email. This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.

Your Rights

Right of access and rectification

If you are a client and have need to check any information, we hold about you, or need to correct inaccurate information, please contact our Registration Services department. For security reasons we will need to ensure that you are the account holder (and may ask you to provide proof of your identity) before we can release any information. Right to erasure: If you decide that you no longer need our services and want the data we hold to be deleted, you may cancel your account at any time and we will remove your data once we are legally able to do so. (Note: for VAT invoices, and other financial records, there is a minimum retention period of 6 years specified under Paragraph 6, Schedule 11 of VAT Act 1994 and HMRC Notice 700/21 (December 2007), point 2.4. ). If you are not a client, but have contacted us via email/letter, and want any emails, letters, or form submissions enquiries you have made erased please contact our Information Desk and we will be happy to arrange that.

Please note: for security reasons you must contact us from the address you want removed and we may ask you to prove your identity (i.e. you cannot delete someone else’s data without their consent).

If you take no action, the data will be securely disposed automatically in due course as part of our routine maintenance activities. Complaints, corrections, or objections If you have any questions or concerns about information, we hold about you, or need to correct inaccurate information, please contact us at support@steelbuildmasters.co.uk , call on 0800 368 9100 or mail us on the following address - Steel Build Masters Limited, Twyford Mill Farmhouse West, Pig Lane, Bishop's Stortford, Hertfordshire, CM22 7PA.