For us to process your order, we need to know your name, email address, delivery address and credit/debit card details. We will never collect sensitive information about you without your explicit consent. If we intend to transfer your information outside the EEA (European Economic Area) we will always obtain your consent first. The information we hold will be accurate and up to date. You can check the information that we hold about you by emailing us at firstname.lastname@example.org. If you find any inaccuracies we will delete or correct it promptly.
When you enter credit card information to the DrayTEL web site our secure servers ensure that all details are encrypted at your browser before they are sent to us. During the order process we store your personal details on in-house secure servers. We store credit card details separately on servers that are not reachable from the Internet. The servers are physically secured under a locking system.
We may use technology to track the patterns of behaviour of visitors to our site. This can include using a "cookie" which would be stored on your browser. You can usually modify your browser to prevent this happening. The information collected in this way can be used to identify you unless you modify your browser settings. If you have any questions/comments about privacy, you should email us at email@example.com.
The Data Protection Act 1998 requires us, as registered Data Controllers, to be open about our holding and use of personal data. It also entitles individuals to find out from us what personal data is held about them on computer, to have that information corrected or erased if it is inaccurate, and to claim compensation if they can prove they have suffered damage from an inaccuracy or breach of security. DrayTEL is committed to upholding the eight Data Protection Principles of good information handling practice.
As Registered data controllers, we must comply with the Data Protection Principles in relation to the personal data we hold. Broadly they state that personal data shall:
1. Be obtained and processed fairly and lawfully.
2. Be processed only for limited purposes which are described in the register entry.
3. Be adequate, relevant and not excessive in relation to the purpose for which they are held.
4. Be accurate and, where necessary, kept up to date.
5. Be held no longer than is necessary for the purpose for which they are held.
6. Be processed in accordance with the data subjects rights.
7. Be surrounded by proper security.
8. Not be transferred to countries outside the EEA without adequate protection.
For further details about the Data Protection Act, please contact Elizabeth France, The Data Protection Registrar:
The Data Protection Registrar
Email address: firstname.lastname@example.org
Information Line: +44 (1625) 545745
Switchboard: +44 (1625) 545700