CoreRFID is committed to protecting and respecting your privacy and meeting the provisions of the General Data Protection Regulations (GDPR) which came into effect on 25th May 2018.
This webpage tells you about our data protection practises and our privacy & cookies policies, specifically:
- What personal information is collected, why we collect it and how it is used
- Our policy on sharing this information
- How you can exercise your rights under GDPR.
- CoreRFID and the Data Protection Officer
- How we update this policy
Plain English Summary
We take your privacy very seriously.
Children (under 18s) are not eligible to use our services and should not submit any personal information to CoreRFID.com.
Any personal information provided to us is only used for the purposes indicated below. Information supplied with orders or support requests is only used for that purpose. Information supplied when you consent to receiving marketing information is similarly protected.
Our websites do use some cookies when you browse them. These are used to ensure proper running of our sites, and also to help us improve your experience when browsing. They do not identify you as an individual.
If you don’t know what cookies are or if you would like to find out more, please read this guide: “What are cookies?”.
Should you send us an email via the form in the contact page, your name, email address and message will be emailed to us (as you would expect). This information is kept private. We will store this information within our own email system so that we are able to respond to you. It will not be used for any other purpose unless you specifically allow it.
Should you comment on a blog post or web page on any of our sites, then your name, email address, IP address and message will be stored in our website database (as you would expect). This makes your name, website address and comment (but not your email address) viewable by the general public on the website. We will not use that data other than as is necessary to respond to it.
What Personal Information Is Collected, Why & How Is It Used?
We process three sorts of third party personal information:
- Information provided during our sales enquiry, ordering and support processes.
- Information collected for marketing purposes.
- Information supplied to our on-line services such as CheckedOK.
Information provided by you for sales enquiry, ordering and support processes is only used to provide the order fulfilment and post-sales service required. We only collect information explicitly provided by you in emails or through on-line forms. We do not derive personal data from, for example, location data or other sources. Personal data from sales enquiries and from ordering is retained for as long as is necessary to fulfil orders, provide proof of purchase, handle payment queries and validate subsequent warranty or other support claims. Personal data from support requests is retained until the completion of the support call or until further support calls are considered unlikely. We consider this class of processing “Legitimate Interest” under GDPR. Personal information supplied in this way is not used for marketing purposes unless you opt in to receiving marketing information from us. We may ask you if you wish to opt in to marketing from us. Opting in to marketing communications is never a condition of satisfying orders, handling enquiries or delivering support.
We may collect personal information from various sources to allow us to introduce ourselves and to ask for your consent to engage in marketing. We consider that this is processing with legitimate interest. If you opt in to receiving marketing information from us we will treat your personal information according to the GDPR regulations governing the processing of personal information under “Consent” and using it only for the purposes for which you give consent. Personal information supplied for marketing may be used to send you newsletters, product information, details of offers or events from CoreRFID.
Where CoreRFID provides services for other organisations, it can be the processor of personal data. This data is kept separate from our administration and marketing data and is covered by separate privacy policies and service agreements.
We do not use personal data for automated decision making. Where consent is given for processing personal information for marketing purposes we may use that with information on products or services purchased to suggest other relevant products or services.
CoreRFID is a small company and, while we try to maintain a separation between sales, marketing, administration and support functions, staff from one area sometimes carry out activities in another. If you feel that this has resulted in your data being misused please contact us.
Our Policy On Sharing Information
CoreRFID will not sell or rent personal data supplied for sales, marketing or support purposes to any third party. We may share personal data provided for sales enquiry, ordering and support purposes with suppliers or other organisations that we consider could assist in responding to the request. We consider this is a case of lawful processing with legitimate interest. We do use third party organisations to host personal data and take measures to ensure the privacy and security of data held there.
How You can Exercise Your Rights
Under the GDPR you have the following rights:-
- To be informed of how your personal data is handled
- To request access to the personal data we hold about you.
- To request correction of any personal data that we hold about you.
- To request erasure of your personal data you consider that we do not need it any longer for the purposes for which it was originally collected it or where you have withdrawn your consent for its use and we rely on that consent.
- To restrict the processing of any personal data that we hold about you.
- To receive a machine-readable copy of any personal data that we hold about you.
- To object to processing of your personal data where we are relying on a legitimate interest and you consider that this does not apply and to withdraw your consent where we are relying on that for processing your personal data.
- To have any automated decision making or profiling reviewed or substituted.
Data Protection Officer
We have reviewed our processes in order to determine if we need to appoint a Data Protection Officer. We have concluded that this is not necessary, because:-
- CoreRFID is not a public body.
CoreRFID does not have core activities which require large scale, regular and systematic monitoring of individuals (for example, online behaviour tracking)
- CoreRFID’s core activities do not involve large scale processing of special categories of data or data relating to criminal convictions and offences.
Our web sites use two types of cookies:
(1) Essential Cookies
These are cookies needed to allow you to navigate our site and without them we cannot provide you with the services that you have requested. These cookies are exempt from legislation.
(2) Performance Cookies
Cookies are used only to provide alternative content to returning visitors. They do not compromise your privacy or security as they store a randomly generated identifying tag on your computer. Cookie information does not include personal data such as name, age, phone number, email address or mailing address. In addition, we do not link cookies to personal data such as name, age, phone number, email address or mailing address. Most browsers are initially set up to accept cookies.
If you would prefer, you can set your browser to stop cookies being placed on your PC – please refer to your specific Internet browser for instructions.
We do not combine traffic analysis information with personal information such as name, age, phone number or mailing address.
How We Update This Policy
If our policy changes then we will update this page. Please check back here if you are in any way concerned about the privacy of any of your data held by CoreRFID.