Who we are
This website is operated by Symprove Ltd, a company incorporated in England with company number 05395143 and whose registered office is at Sandy Farm, The Sands, Farnham, Surrey GU10 1PX.
We collect, use and are responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union and the United Kingdom and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
Throughout our website we may link to other websites owned and operated by certain trusted third parties. These other third-party websites may also gather information about you in accordance with their own separate privacy policies. For privacy information relating to these other third-party websites, please consult their privacy policies as appropriate.
Our collection and use of your personal information
We collect personal information about you when you access our website, register with us, contact us, send us feedback, purchase products via our website and complete customer surveys or participate in competitions via our website.
We collect this personal information from you either directly, such as when you register with us, contact us, enter competitions or purchase products via our website or indirectly, such as your browsing activity while on our website (see ‘Cookies’ below).
The personal information we collect about you depends on the particular activities carried out through our website. This information includes:
- your name, address, email address and contact details including your telephone number
- date of birth
- bank account and payment details
- details of any feedback you give us by phone, email, post or via social media e.g. your reasons for using our products
- information about the products we provide to you
- your account details, such as username, login details
We use this personal information to:
- create and manage your account with us
- verify your identity
- provide goods to you
- customise our website and its content to your particular preferences
- notify you of any changes to our website or to our services that may affect you
- improve our services
Special categories of personal information
We may also collect, store and use special categories of personal information. Special categories of personal information mean personal information about your race, health, any medical condition, health and sickness records, medical records and health professional information.
We will only process special categories of personal information if:
- we have a lawful basis for doing so e.g. it is necessary for the performance of a contract, to comply with our legal obligations or for the purposes of our legitimate interests; and
- one of the special conditions for processing special categories of personal information applies e.g:
- you have given your explicit consent;
- the processing is necessary for exercising yours or our legal rights or obligations;
- the processing is necessary to protect your vital interests and you are physically incapable of giving consent;
- processing relates to personal information which is manifestly made public by you;
- the processing is necessary for the establishment, exercise or defence of legal claims; or
- the processing is necessary for reasons of substantial public interest.
Our legal basis for processing your personal information
When we use your personal information, we are required to have a legal basis for doing so. There are various legal bases on which we may rely, depending on what personal information we process and why.
The legal bases we may rely on include:
- consent: where you have given us clear consent for us to process your personal information for a specific purpose
- contract: where our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract for example, to fulfil an order you have made through our website
- legal obligation: where our use of your personal information is necessary for us to comply with the law (not including contractual obligations) e.g. for business accounting and tax purposes
- legitimate interests: where our use of your personal information is necessary for our legitimate interests or the legitimate interests of a third party (unless there is a good reason to protect your personal information which overrides our legitimate interests)
Who we share your personal information with
We routinely share your personal information with carefully selected third-parties. These third parties include companies who deal with our accounting services and software, marketing, payment services, courier and delivery services, emails and website hosting.
We may share your personal information with any member of our group which means our subsidiaries, our holding company and its subsidiaries, as further defined in section 1159 of the Companies Act 2006.
We may disclose your personal information to third parties in the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets.
We will share personal information with law enforcement or other authorities if required by applicable law.
We will not share your personal information with any other third party unless we have your consent to do so.
Transfer of your information out of the UK
The EEA, UK and other countries outside the EEA and the UK have differing data protection laws, some of which may provide lower levels of protection of privacy.
It is sometimes necessary for us to share your personal data to countries outside the UK and EEA. In those cases we will comply with applicable UK and EEA laws designed to ensure the privacy of your personal data.
For example, we will transfer your personal data to our service providers located outside the UK in the United States of America.
Under data protection laws, we can only transfer your personal data to a country outside the UK/EEA where:
- in the case of transfers subject to UK data protection law, the UK government has decided the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy regulation’) further to Article 45 of the UK GDPR.
- in the case of transfers subject to EEA data protection laws, the European Commission has decided that the particular country ensures an adequate level of protection of personal data (known as an ‘adequacy decision’) further to Article 45 of the EU GDPR. In addition, EEA data protection laws provide that transfers of personal data to the UK are lawful under an interim arrangement (UK interim bridge) while the European Commission seeks to determine if the UK can be granted a longer-term adequacy decision;
- there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for you, or
- a specific exception applies under relevant data protection law
Where we transfer your personal data outside the UK, we do so on the basis of an adequacy regulation or (where such is not available) legally-approved standard data protection clauses recognised or issued further to Article 46(2) of the UK GDPR. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time we will not transfer your personal data outside the UK unless we can do so on the basis of an alternative mechanism or exception provided by UK data protection law.
Where we transfer your personal data outside the EEA we do so on the basis of the UK interim bridge or an adequacy decision or (where such is not available) legally-approved standard data protection clauses issued further to Article 46(2) of the EU GDPR. In the event we cannot or choose not to continue to rely on either of those mechanisms at any time we will not transfer your personal data outside the EEA unless we can do so on the basis of an alternative mechanism or exception provided by applicable data protection law.
For further information about such transfers and the safeguards we employ, please contact us (see ‘How to contact us’ below).
Consequences of not providing your personal information
You are not obligated to provide your personal information to us. However, as this information is required for us to provide our services, we will not be able to offer some, or all, of our services without it.
Cookies and other tracking technologies
For further information on cookies please see our https://www.symprove.com/policies/privacy-policy.
We would like to send you information about our products, competitions and special offers, which may be of interest to you. Where we have your consent or it is in our legitimate interests to do so, we may do this by post, email, telephone, text message (SMS) or automated call. If you are an existing customer, we will only contact you by electronic means (e-mail or SMS) with information about goods and services similar to those which were the subject of a previous sale to you.
You can opt out or unsubscribe at any time by:
—contacting us at using the contact details set out below
—using the ‘unsubscribe’ link in emails or ‘STOP’ number in texts
It may take up to 30 days for this to take place.
For more information on your rights in relation to marketing, see ‘Your rights’ below.
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
- fair processing of information and transparency over how we use your use personal information
- require us to correct any mistakes in your information which we hold
- require the erasure of personal information concerning you in certain situations
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party in certain situations
- object at any time to processing of personal information concerning you for direct marketing
- object to decisions being taken by automated means which produce legal effects concerning you or similarly significantly affect you
- object in certain other situations to our continued processing of your personal information
- otherwise restrict our processing of your personal information in certain circumstances
For further information on each of those rights, including the circumstances in which they apply, see the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the General Data Protection Regulation.
If you would like to exercise any of those rights, please:
- email, call or write to us
- let us have enough information to identify you (e.g. account number, username, registration details),
- let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and
- let us know the information to which your request relates including any account or reference numbers, if you have them
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Retention of personal information
We only retain your personal information for as long as is necessary. We are required under applicable tax laws to keep your basis information (name, address, contact details) for a minimum of seven years after which time it will be destroyed.
Where you have consented to us using your details for direct marketing, we will keep such personal information until you notify us otherwise and/or withdraw your consent.
How to complain
We hope that we can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you the right to lodge a complaint with a supervisory authority, in particular in a European Economic Area state or in the United Kingdom if you work, normally live or if any alleged infringement of data protection laws occurred in the relevant state. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/make-a-complaint/ or telephone: 0303 123 1113.
How to contact us
If you wish to contact us, please send an email to firstname.lastname@example.org , write to Sands Road, The Sands, Farnham, Surrey GU10 1PX or call 01252 413600.
Policies and Procedures
We have the following policies available for public access:
- Subject Access Request Form
- Subject Access Request Procedure
- Data Retention Erasure Policy
If you would like a copy of any of the above policies, please contact us at email@example.com.
Last updated 20th August 2021
The Website is operated by Symprove Ltd, a company incorporated in England with company number 05395143 and whose registered office is at Sandy Farm, The Sands, Farnham, Surrey GU10 1PX.
What are cookies?
Cookies are small pieces of data stored in text files that are saved on your computer or other devices when websites are loaded in a browser. They are widely used to remember you and your preferences, either for a single visit (through a "session cookie") or for multiple repeat visits (using a "persistent cookie").
Session cookies are temporary cookies that are used during the course of your visit to the Website, and they expire when you close the web browser.
Persistent cookies are used to remember your preferences within our Website and remain on your desktop or mobile device even after you close your browser or restart your computer. They ensure a consistent and efficient experience for you while visiting the Website and Services.
Cookies may be set by the Website ("first-party cookies"), or by third parties, such as those who serve content or provide advertising or analytics services on the Website ("third party cookies"). These third parties can recognize you when you visit our website and also when you visit certain other websites. You may learn more about cookies and how they work in this guide.
What type of cookies do we use?
We will ask for your consent to place cookies or other similar technologies on your device, except where they are essential for us to provide you with a service that you have requested.
The information below sets out the cookies we use and why:
Necessary cookies allow us to offer you the best possible experience when accessing and navigating through our Website and using its features. For example, these cookies let us recognize that you have created an account and have logged into that account to access the content.
Functionality cookies let us operate the Website and Services in accordance with the choices you make. For example, we will recognize your username and remember how you customized the Website and Services during future visits.
These cookies enable us and third party services to collect aggregated data for statistical purposes on how our visitors use the Website. These cookies do not contain personal information such as names and email addresses and are used to help us improve your user experience of the Website.
Social media cookies
Third party cookies from social media sites (such as Facebook, Twitter, etc) let us track social network users when they visit or use the Website and Services, or share content, by using a tagging mechanism provided by those social networks.
These cookies are also used for event tracking and remarketing purposes. Any data collected with these tags will be used in accordance with our and social networks’ privacy policies. We will not collect or share any personally identifiable information from the user.
What are your cookie options?
If you don't like the idea of cookies or certain types of cookies, you can change your browser's settings to delete cookies that have already been set and to not accept new cookies. For further information about cookies and how to disable them please go to the guidance on cookies published by the UK Information Commissioner’s Office, www.aboutcookies.org or www.allaboutcookies.org.
Please note, however, that if you delete cookies or do not accept them, you might not be able to use all of the features the Website and Services offer.
Changes and amendments
We reserve the right to modify this Policy or its terms relating to the Website and Services at any time, effective upon posting of an updated version of this Policy on the Website. When we do, we will revise the updated date at the bottom of this page. Continued use of the Website and Services after any such changes shall constitute your consent to such changes.
Acceptance of this policy
You acknowledge that you have read this Policy and agree to all its terms and conditions. By accessing and using the Website and Services you agree to be bound by this Policy. If you do not agree to abide by the terms of this Policy, you are not authorized to access or use the Website and Services.
This document was last updated on August 20th, 2021