About This Policy
This Privacy Standard sets out how we handle the Personal Data of our customers, suppliers, employees, workers and other third parties.
This Privacy Standard applies to all Personal Data we process regardless of the media on which that data is stored or whether it relates to past or present employees, workers, customers, clients or supplier contacts, shareholders, website users or any other Data Subject.
We are committed any to protecting all personal data and believe everyone has a right to know how we use it.
It has been assumed that all the people who have booked the services of Nottingham Pet Crematorium are over the age of 18 so therefore we do not collect personal information relating to children or minors.
We will ensure this policy is updated as data protection law or business practice changes.
Data Protection Officer
Our Data Protection Officer (also known as DPO) is John Harbury-Carlisle who may be contacted via email at email@example.com or via post as stated on the website.
Nottingham Pet Crematorium ICO (Information Commissioners Office) reference is: ZA431177
Data Subjects have rights when it comes to how we handle their Personal Data. These include rights to:
- withdraw Consent to Processing at any time;
- receive certain information about the Data Controller’s Processing activities;
- request access to their Personal Data that we hold;
- prevent our use of their Personal Data for direct marketing purposes;
- ask us to erase Personal Data if it is no longer necessary in relation to the purposes for which it was collected or Processed or to rectify inaccurate data or to complete incomplete data;
- restrict Processing in specific circumstances;
- challenge Processing which has been justified on the basis of our legitimate interests or in the public interest;
- prevent Processing that is likely to cause damage or distress to the Data Subject or anyone else;
- be notified of a Personal Data Breach which is likely to result in high risk to their rights and freedoms;
- make a complaint to the Information Commissioners Office (ICO);
We only use the data we collect either on the basis of your consent or based on a contract between us (e.g. when you book a cremation or other services).
Please note – When your rights are exercised we will ensure we conduct the appropriate identification checks to ensure your privacy is safeguarded. To exercise your rights, you will need to formally request this via email or by post. We will endeavour to respond to this type of query within 48 hours of notification receipt.
Personal Information we collect
In order to provide our customers with the best possible service we collect the following information:-
Name – Forename, surname and title
Contact Details – Postal address, phone number and email address
Please note – We do not hold or store payment method details.
How we use your personal information
We only use any information you provide in the following manner: –
- Manage your pets’ cremation and ancillary purchases
- Processing of your payments.
How we collect your personal information
We only collect the information as follows: –
- A client will contact Nottingham Pet Crematorium directly to arrange an individual cremation or burial for a companion animal
- Full personal information (as stated above) is provided by the client on arrival and annotated onto a handwritten form.
- A copy of the handwritten form is then given to the client for their records.
Legal Basis of processing
- Contract: Our use of your data will be because of the contract we have in place between us in relation only to the services we have provided. We will usually retain any relevant data for up to six years from the date of the contract completion e.g. the agreed date of the cremation or burial service.
- Legal obligations: We are under certain binding legal obligations such as accounting to the government (HMRC) and making financial records available to our Accountants. As per UK tax law we are obliged to retain specific financial data for up to seven years from the date of transaction.
- Legitimate Interests: We may use data to manage our operations and to make any appropriate business improvements. Our legitimate interests will never override your rights to privacy.
Sharing Personal Data
In general, we are not allowed to share Personal Data with third parties unless certain safeguards and contractual arrangements have been put in place.
We may only share the Personal Data we hold with another employee if the recipient has a job-related need to know the information We may only share the Personal Data we hold with third parties, such as our service providers if:
- they have a need to know the information for the purposes of providing the contracted services;
- sharing the Personal Data complies with the Privacy Notice provided by you;
- any third party has agreed to comply with the required data security standards, policies and procedures and put adequate security measures in place; and
- a fully executed written contract that contains GDPR approved third party clauses has been obtained.
Security of your data
We protect your data with various technological and physical security measures. We regularly test and evaluate our security systems, updating safeguards as appropriate.
Our staff are trained in the importance of data security and we treat breaches of confidentiality and privacy as a disciplinary matter.
25th May 2018