Privacy Policy

V1.2

Date: February 2020

 

  1. Policy Statement

 

Policy Statement

Please read this Privacy Policy carefully as it describes the BioStart Security of Companies collection, use, disclosure, retention, and protection of your personal information. This Policy applies to any service, application or website which references this Privacy Policy.

About this Policy

BioStart Security of Companies takes the privacy of its customers (and their drivers) very seriously and is committed to protecting personal information. The Privacy Policy sets out the way in which any personal information you may provide to us is used and kept secure by the BioStart Security. It applies whenever we collect your personal data (including when you use our website or other digital products), so please read it carefully.

Key Objectives

  • To explain how we collect, use, disclose and store Personal Information.
  • To protect the privacy of individuals dealing with BioStart Security of Companies

 

  1. Definitions

 

Information

Means information or data (including critical business information) which is stored electronically, on a computer or authorised device (such as a company provided mobile phones, tablet, or in-car system), or in paper-based filling systems/locations.

Personal Data

Means any data relating to an identified or identifiable living individual who can be identified from that data (or from that data and other information in our possession). Personal data can be factual (for example, a name, address, date of birth, identification number, location data), or it can be an opinion about that person, their actions and behaviour. Personal data that has been anonymised can fall within the scope of Data Protection Legislation depending on how difficult it is to attribute the anonymised data to a particular system.

Cookies

A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device. The cookie allows the website to “remember” your actions or preferences over time. Most internet browsers support cookies: however, users can set their browsers to decline certain types of cookies or specific cookies. Further, users can delete cookies at any time.

Data Protection Legislation

Means the Data Protection Act 2018 (which incorporates the General Data Protection Regulations (EU) 2016/679 (“GDPR”), and any national implementing laws, regulations, and secondary legislation, as amended or updated from time to time, in the UK.

Data Subjects

Means all the identified or identifiable living individual to whom the personal data relates. A data subject needs not be a UK national or resident. All data subjects have legal rights in relation to their personal information.

Data Subject Rights

Means the Data Subjects rights to be informed of the data being held about them, have access to the data (known as a Subject Access Request), ability to be able to rectify the data, to be forgotten – have that data erased, to restrict processing of the data (the data can be stored but nor processed). To be able to have the data transfer easily between IT environments (portability), to be able to object to certain processing aspects (such as marketing), as well as rights relating to automated decision making and profiling.

Processing

Means any activity that involves the use the data. It includes collection, recording, structuring or storage of the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing, or destroying it. Processing also includes transferring Personal Data to third parties.

Sensitive Personal Data (Special Categories of Personal Data)

Means the processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. And the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation shall be prohibited.

 

  1. About BioStart Security

 

Who we are

This Privacy Policy applies to all products and services offered by The BioStart Security Limited (a company incorporated in England with company registration number 8348251) whose registered office address is Chargrove House, Main Road, Shurdington, Cheltenham, Gloucestershire, England, GL51 4GA.

If you have any questions

If you have any questions about this privacy notice, please contact our Data Protection Officer (DPO) by email info@biostartsecurity.co.uk or post 229 Bristol Road, Gloucester, GL1 5TL.

 

  1. Information we collect

 

What information do we collect and why?

We collect different information depending on what your relationship with us, the services you use, or your contracts with us (e.g., vehicle tracking management). We need to tell you what we use your information for and the legal grounds we must use this information.

In broad terms, we use your data for the following purposes:

  • To administer and provide products and services for our customers, or their drivers and to provide potential customers with information about products and services they have expressed an interest in.
  • To perform services that we are contracted to deliver.
  • For fraud screening and prevention purposes
  • For record keeping purposes e.g., financial records.
  • To track your activity on our websites or apps
  • Where we consider that you have a potential and legitimate reason for receiving the information

When you interact with our websites or digital platforms, we may also automatically collect the following information about your visit. This is primarily to help us to understand how our website visitors use our website to inform our marketing, enable us to create a better user experience or content and create more relevant communications:

  • How you have reached our website or digital platform and the IP (internet protocol) address used
  • Your browser type, versions and plug-ins, and your operating system
  • Your journey through our website, including which links you click on and any searches you made, how long you stayed on a page, and other page interaction information which may enhance user experience.

 

  1. How we use your data

 

Customers and their drivers

What information is collected?
§  Customer contacts.

§  Invoicing details.

§  Service level agreements.

§  Your vehicle details.

§  Driver personal details and contact information.

§  Information from the driver’s vehicle.

§  Customer contract.

 

 

What is it used for?
§  To manage the account on a day to day, month to month basis. To provide contracted services to the customer and their drivers as per the service level agreement.

§  To provide information to our customers e.g., Geofence, hours, speeding and driver behaviour.

 

What is the legal basis for collecting this information?
§  Performance of a contract

To allow us to complete the performance of our contract with you, we require you to provide the stated information (or access to the information).

§  Marketing

We will send customers marketing information on our other products and services based on legitimate interest where we believe that it will be of interest to the customer.

Prospective Customers

What information is collected?
§  Contact details provided by the prospective customer at the time of them making initial contact and making an enquiry. This might be in person, over the phone or via our website.

§  Contact details researched from public sources.

§  Third party data bought in from GDPR compliant marketing data services.

 

What is it used for?
§  To respond to the enquiry and provide any information required to fulfil the initial query and any subsequent queries.

§  To provide prospective customers information about our products and services where we consider the information that we send them is likely to be of interest.

 

What is the legal basis for collecting this information?
§  Legitimate Interest

It is in the legitimate interests of a person or organisation enquiry that we are able to contact them to provide them with the information necessary to satisfy their enquiry or for prospective customers to make them aware of our products.

Drivers

What information is collected?
§  Vehicle details such as VRM, make and model.

§  Driver personal details (name and address) including driver license information depending on how our customers use our products and services.

§  Information from the driver’s vehicle via the Protrack tracker.

§  Biometric data if using BioStart™ products.

 

 

What is it used for?
§  To provide contracted services as per the service level agreement with the customer.

 

What is the legal basis for collecting this information?
§  Performance of a contract

To allow us to complete the performance of our contract with our customer.

 

Suppliers

What information is collected?
§  Supplier contacts

§  Invoicing details

§  Service level agreements and capabilities

 

 

What is it used for?
§  To be able to place work with and direct work to the supplier.

§  To be able to pay for services delivered by the supplier

 

What is the legal basis for collecting this information?
§  Performance of a Contract

Additional Information

We may collect additional information as we develop new systems and services. This policy will be updated with the details if this the case as outlined in section 11 of this policy.

 

  1. Cookies

 

What cookies we use

We primarily use cookies on our website known as performance cookies, as well as authorisation cookies for our systems. BioStart Security do not use tracking cookies.

Performance cookies

Cookie Type
Google Analytics

 

What personal information is collected?
No personal data is collected

 

What is it for?
To collect anonymous information about how visitors, use our websites.

We use the information to compile analytical reports which help us improve our website.

The cookies collect information such as the number of visitors to our website, how they arrived there (e.g. directly from the internet or through linking from another website) and tracking which webpages they visited.

 

Further information
Persistent cookies – Examples of such cookie names are _ga _gat _gid

Google privacy details can be found here

 

  1. Sharing your information

 

Who we share your data with

To provide our products and services to you or to otherwise fulfil contractual arrangements that we have with you, we may need to appoint other organisations to carry out some of the data processing activities on our behalf.

These may include for example, the police (for the purposes of recovering stolen vehicles) garages, recovery organisations or other suppliers. They only use the information to provide their services to us.

We only give them the information that they need. We always keep control of our data, and our suppliers must act in accordance with our instructions.

In some circumstances, we may also have to disclose your personal information by law, because a court or the police or other law enforcement agency has requested it.

Where we hold your data for marketing purposes, we will not share this information with third parties, except where they are integral to the process of creating or sending the marketing material. e.g., Mailchimp

Criteria for sharing your data

We only share your data with third parties if:

  • They have a need to know the information for the purposes of providing the contracted services.
  • Sharing your Personal Data complies with the Privacy Policy and, if required, the Data Subject’s consent has been obtained.
  • The third party has agreed to comply with the required data security standards, policies and procedures and put adequate security measures in place or where we have verified that they have sufficiently robust practices and procedures in place.
  • The transfer complies with any applicable cross border transfer restrictions.
  • Where an appropriate written contract or agreement that contains data protection clauses has been agreed.

 

  1. Record Keeping

 

How we record the data we hold

We are required to keep full and accurate records of all our data processing activities.

 

  1. Your choices and obligations

 

How long we keep your data for

We only hold on to your personal information for as long as is necessary to provide services to you unless there is a requirement to hold that information for a longer period – for example where we are subject to a statuary obligation to keep hold of your information e.g. financial records.

To be able to fulfil our contractual obligations with our customers we typically retain any necessary data to meet these obligations for the duration of the contract (plus an additional 6 months to fulfil contract survival clauses or for legal obligations).

If there is a possibility that you may have a legal claim against us or you have made a complaint against us, then we will hold your information for the duration of any statuary limitation period associated with the claim.

All our marketing emails have an unsubscribe option clearly visible and you can also unsubscribe at any time be emailing us info@biostartsecurity.co.uk

Security and your data

The BioStart Security are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure we have put in place robust physical, electronic, and managerial procedures to safeguard and secure the information we collect, including for example data encryption and electronic password protection.

If at any point you become aware of a security incident or you have to reason to suspect that your data may have been compromised (e.g. you receive a suspicious communication about you or your vehicle), please forward the communication to us or report the incident by email to info@biostartsecurity.co.uk

If you have been the victim of a fraudulent transaction whether or not this relates to your dealings with The BioStart Security, you should always contact the police and/ or you bank in the first instance to ensure your own finances are secure.

More about your information – your rights

You may request a correction or update your personal information at any time by emailing info@biostartsecurity.co.uk

Please include your name, address, and email address when you contact us as this helps us to ensure that we accept amendments only from the correct person and can contact you to verify your identity should this be necessary. We encourage you to promptly update your personal information if it changes and we will action these as quickly as we reasonably can.

We will securely retain your information for as long as is reasonably necessary and in accordance with the law applicable at the time. If you wish to submit a request that your data be deleted, please email us using info@biostartsecurity.co.uk

You have the right to receive a copy of the personal information that we hold about you. Please email us using info@biostartsecurity.co.uk

If you have received marketing from The BioStart Security, you can unsubscribe at any time.

  • Complaints

Complaints to the regulator

If you do not think that we have processed your data in accordance with this notice, please contact us by email info@biostartsecurity.co.uk

If you are not satisfied with our response, you can refer the matter to the Information Commissioner’s Office. Information about how to do this is available on their website at www.ico.org.uk

  • Changes to this policy

Notification of changes

The BioStart Security reserve the right to change this policy at any time.

We recommend that you check this Privacy Policy from time to time as when we make any changes, we will update this Policy.