Policy brief & purpose
Sellar Design and Development Limited is committed to protecting the privacy and security of your personal information.
Please read the following carefully to understand our practices regarding how we handle information we collect from you or that you provide to us or which we otherwise learn about you from our relationships with you.
Who Are We?
We, Sellar Design and Development Limited (“Sellar’, “we”, “us” or “our”), are the owner and operator of the website at www.sellar.com. We are registered in the United Kingdom under company number 06380928 and our registered office is at 40-44 Clipstone Street, London W1W 5DW.
Tel: +44(0)20 3102 0400.
How We Collect Your Personal Information
We obtain information about you when you:
- register and/or subscribe for our updates and services;
- make contact with us in person or through any other means, for example, telephone, email and/or social media platforms; or
- use our website, for example, we may collect details of your visits to our website including time, traffic data, communication data, location data, your IP address and your browser type and operating system.
We may also collect and aggregate information about your computer for system administration and website analytics. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.
We may obtain information about your general internet usage by placing certain types of information called “cookies” in your web browser software or the hard drive of your computer. Cookies are sent back only to the website that placed them when a visitor returns to that site.
Cookies help us to:
- estimate our audience size and usage pattern;
- store information about your preferences, and so allow us to improve our Website and to deliver a better and more personalised service; and
- remember your session identification, thereby maintaining your session while you are logged in to our site.
Some of the cookies we use are essential for our website to operate.
It is possible to switch off cookies by setting your browser preferences. Turning cookies off may result in a loss of functionality when using our website.
The Information We Hold About You
The personal information we collect might include:
- Identity Data (includes first name, last name, title, date of birth and gender).
- Contact Data (includes home address, email address and telephone numbers).
- Technical Data (includes internet protocol (IP) address, login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on devices used to access the Website).
- Usage Data (includes information about how you use the Website and our Services).
The Ways We Use Your Information
The Purposes for which we will use your personal information.
- to supply services and information requested by you, for example, where you have made a request to register and/or subscribe for our updates and services or in response to any issues or concerns you may raise with us;
- to monitor customer communications for quality and training purposes;
- to improve upon, develop and personalise our services;
- for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into such a contract;
- for compliance with a legal obligation to which we are a subject;
- to pursue our legitimate interests; or
- where you have given us your express consent.
We may use your information in order to:
- carry out our obligations arising from any agreements entered into between you and us;
- notify you about changes to our services;
- for our internal business record keeping, tax, accounting and audit purposes;
- in connection with legal and regulatory matters that we need to deal with.
If you have registered for marketing messages from us you can change your preferences at any time by contacting us at firstname.lastname@example.org or by clicking the unsubscribe button in our marketing emails. Please note that it sometimes takes a short amount of time to fresh our records for these purposes. If, for whatever reason, your opt-out request has not been fulfilled, please let us know and we will attempt to resolve the problem.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
In some circumstances (for example when we collect statistical data about our users’ browsing actions and patterns) we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
If you fail to provide certain information when requested, we may not be able to perform any contract we have entered into with you, or we may be prevented from complying with our legal obligations.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
Lawful Basis for Use of Your Personal Information
We will only use your personal information when the law allows us to. Most commonly, we will use your personal information on one of the following lawful bases:
- Where we need to perform the contract we are about to enter into or have entered into with you.
- Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- Where we need to comply with a legal or regulatory obligation.
We may share your personal data with our contractors and service providers for our business purposes. Such recipients include advertising and/or marketing agencies, IT specialists, database providers, backup and disaster recovery specialists and/or email providers.
We may also share your personal information with third parties where required by law, where it is necessary to administer our relationship with you or where we have another legitimate interest in doing so.
Where permitted by the provisions of applicable law, we may share such information from time to time with any agent, contractor, supplier, vendor, or third party service providers who provide administration, logistics or other services to us which are relevant to the services which we provide to you or who otherwise assist us in conducting our business.
All our third party service providers are required to take appropriate security measures to protect your personal information. We do not allow our third party service providers to use your personal information for their own purposes. We only permit them to process your personal information for our specified purposes and in accordance with our instructions.
We may also need to share your personal information with a regulator or to otherwise comply with the law.
Transferring information outside of the EEA
We may transfer your personal information outside of the European Economic Area (“EEA”).
Whenever we transfer your personal information out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- we will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries; or
- where we use certain service providers, we may use specific contracts approved by the European Commission which give personal information the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries.
Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.
We have appropriate security measures in place to protect against the accidental loss, misuse, access and/or alteration of the information you provide. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality. We have taken steps in order to minimise cyber threats and in turn ultimately protect personal data, for example our use of multi-factor authentication. We use multiple layers of security across our infrastructure. Our systems are policy driven and enforced across our business. In addition, we undertake annual cyber threat assessments including penetration testing to ensure any new threats are discovered and mitigation plans implemented.
We will notify you and any applicable regulator of a suspected breach where we are legally required to do so.
Rights of Access, Correction, Erasure, and Restriction
Your duty to inform us of changes. It is important that the personal information we hold about you is accurate and current. Please keep us informed of any changes to your personal information of which we need to be made aware.
Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
- Request access to your personal information. This enables you to receive details of the personal information we hold about you and to check that we are processing it lawfully.
- Request the correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us to continue to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
- Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
- Request the restriction of the processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another person.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if any request made by you is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
Right to Withdraw Consent
In those circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing.
Changes to this Policy
Questions and Complaints Regarding this Policy
You have the right to make a complaint at any time to the Information Commissioner’s Office (“ICO”), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.