GSM Group logo

GSM Privacy Statement
We are committed to safeguarding the privacy of our website visitors and service users.

In this policy we explain how we will handle your personal data, the conditions under which we may disclose it to others and how we keep it secure.

We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes. By using our website or being a service user, you’re agreeing to be bound by this Policy.

Any questions regarding this Policy and our privacy practices or requests for information should be by email to leecowley@gsmgroup.co.uk

Who are we?
We are GSM Graphic Arts Limited. Our registered office is Castlegarth Works, Thirsk, North Yorkshire, YO7 1PS, UK.

How we collect your personal data
Website, telephone, lead forensics, email enquiries, business cards, contracts and orders for goods or services

'Cookies' are small pieces of information sent by an organisation to your computer and stored on your hard drive to allow that website to recognise you when you visit. They collect statistical data about your browsing actions and patterns and do not identify you as an individual. For example, we use cookies to store your country preference. This helps us to improve our website and deliver a better more personalised service.

Blocking Cookies – You may block cookies by updating your browser settings. How to do this varies from browser to browser, if you are in doubt you should consult the ‘Help’ function for your particular provider.

How we use your personal data?
Usage Data - We may process data about your use of our website. This may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of use. The source of the usage data is our analytics tracking system and may be processed for the purposes of analysing the use of the website.

The legal basis for this processing is consent. We will never publish your information without your expressed written consent.

Enquiry Data - We may process information contained in any enquiry you submit to us regarding products and services. The enquiry data may be processed for the purposes of offering, marketing and selling relevant products and services to you.

The legal basis for this processing is the performance of a contract between you and us or taking steps, at your request, to enter into such a contract.

Transaction data - We may process information relating to transactions, including purchases of goods and services, that you enter with us either directly or via our website. The transaction data may include your contact details, your card details and the transaction details and this may be processed for supplying the purchased items and keeping proper records of those transactions. Debit or credit card data will not be retained.

The legal basis for this processing is the performance of a contract between you and us or taking steps, at your request, to enter into such a contract and our legitimate interests, namely our interest in the proper administration of our website and business.

Notification data - We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters.

The legal basis for this processing is consent

Who has access to your information?
We may disclose your personal data to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) as reasonably necessary for the purposes set out in this policy.

We may disclose your personal data to our insurers and/or professional advisers as reasonably necessary for the purposes of obtaining and maintaining insurance coverage, managing risks, obtaining professional advice and managing legal disputes.

Financial transactions relating to our website and services may be handled by our payment services providers, SagePay, Amex, Worldpay, Elevon, Lloyds. We will share transaction data with our payment services providers only to the extent necessary for processing your payments, refunds and dealing with related complaints and queries relating.

In addition, we may also disclose your personal data if necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.

We will not sell or rent your information to third parties.

We will not share your information with third parties for marketing purposes.

We will not contact you for marketing purposes by post, email, phone or text message unless you have given your prior consent

Your rights
The accuracy of your information is important to us. You have the following rights;

1. To access personal information, we hold about you. Personal data that we process for any purpose shall not be kept for longer than is necessary for that purpose.

2. To be informed as to how we process that data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data.

3. To withdraw consent.

You have a choice about whether or not you wish to receive information from us and can change your marketing preferences at any time by contacting us by email: unsubscribe@gsmgroup.co.uk or by clicking the unsubscribe button on our website home page www.gsmgraphicarts.com

4. To rectification if you believe we hold incorrect personal data.

5. To restrict the processing of data but this depends on the legal basis for holding the data. For example, not if the legal basis is the performance of a task carried out in the public interest or in the exercise of any official authority.
If you make such an objection, we will cease to process the personal information unless we can demonstrate compelling

6. To erase personal data that is no longer necessary for the purposes of which the data was collected.
However, there are exclusions to the right to erasure which override your interests, rights and freedoms;
• where processing is necessary for exercising the right of freedom of expression and information
• for compliance with a legal obligation
• for the establishment, exercise or defense of legal claims.

7. To data portability in a readable format;

8. To object and complain to a supervisory authority if you consider that our processing of your personal information infringes data protection laws

Security precautions in place to protect the loss, misuse or alteration of your information

When you give us personal information, we take steps to ensure that it’s treated securely. Any sensitive information is encrypted and protected.

Non-sensitive details may be transmitted over the Internet, and this can never be guaranteed to be 100% secure. As a result, while we strive to protect your personal information, we cannot guarantee the security of any information you transmit to us, and you do so at your own risk. Once we receive your information, we make our best effort to ensure its security on our systems.

Links to other websites
Our website may contain links to other websites run by other organisations. This privacy policy applies only to our website‚ so we encourage you to read the privacy statements on the other websites you visit. We cannot be responsible for the privacy policies and practices of other sites even if you access them using links from our website.

In addition, if you linked to our website from a third-party site, we cannot be responsible for the privacy policies and practices of the owners and operators of that third-party site and recommend that you check the policy of that third-party site.

This Policy was last updated in May 2018