Who we are
JJ Disney Limited is a lift consultant and training provider, registered in England (No: 5378284). Our registered address is Lakeview House, 4 Woodbrook Crescent, Billericay, Essex CM12 0EQ. You can find out more about us at www.jjdisney.com and contact us by emailing email@example.com.
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
What personal data we collect and how we use it
We (or third party data processors, agents and sub-contractors acting on our behalf) may collect, use, store and transfer the following kinds of personal data:
- Data provided to us when you contact us by phone, email or letter.
- Data when you visit and use our website.
- Payment, invoicing and transaction data.
- Records of work carried out, including records of people we have trained.
- Marketing and communications data, including your preferences in receiving marketing from us.
- Data from third parties including, for example, business partners, suppliers and sub-contractors.
We may use the data we collect to fulfil the contract we are about to enter into or have entered into with you, to manage our relationship with you, where it is necessary for our legitimate interests (or those of a third party), where we need to comply with a legal or regulatory obligation, and to improve our services. If you are already our customer, we will only contact you electronically about things similar to what was previously sold to you. If you are a new customer, you will only be contacted if you agree to it.
Who we share your data with
We share information as below but we never sell it to third parties:
- Data is shared with our training instructors, with organisations that supply services to you on our behalf and with our business partners.
- Records of training candidates are processed through an automated system and data is held on servers located in the US.
- If you use our website contact form, your submission data — your name, email, telephone number (if provided), message, IP address and browser type — is submitted to an automated spam detection service.
- Emails and documents are held in the Cloud within a secure infrastructure.
- Credit card payment transactions are securely processed through a third party payment provider called Square using servers located in Europe and the US.
- We disclose data if we have a legal obligation to do so, or in order to protect other people’s property, safety or rights.
- We exchange information with others to protect against fraud or credit risks or for the purposes of the legitimate interests pursued by us such as our financial payments.
How long we retain your data
We will keep personal data for as long as is necessary which is usually the life of our relationship and up to a period of seven years after our relationship has ended. We may however be required to retain personal data for a longer period of time to ensure we comply with our legislative and regulatory requirements. If you consent to receiving marketing communications you can opt out at any time using the link in each message and your data will be immediately removed from our mailing list. We review our data retention obligations to ensure we are not retaining data for longer than we are legally obliged to.
Where we store your data and security
Data security is of great importance to us, and to protect your data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We may transfer data to storage outside the European Economic Area (EEA). It may be processed outside the EEA to deliver our services and deal with payment or for spam detection purposes. If we do store or transfer data outside the EEA, we will take all reasonable steps to ensure that your data is treated as safely and securely as it would be within the EEA. Such steps may include, but not be limited to, the use of legally binding contractual terms between us and any third parties we engage with.