Anglia Farmers Limited (AF) and all its wholly owned subsidiary companies (collectively known as “The AF Group”) are committed to protecting and respecting your privacy.
This Policy sets out the basis on which AF (“We” or “Us”) collects personal data from you and the way in which it will be processed by us. Please read this Policy carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purposes of the relevant data protection legislation, the “controller” (or “data controller”) is Anglia Farmers Limited of Honingham Thorpe, Colton, Norwich, Norfolk, NR9 5BZ. Questions, comments and requests regarding this Policy are welcomed and should be addressed to email@example.com.
We collect different types of information about you for the following reasons:
We collect information from you when:
In order to become a shareholding member of AF, the minimum information we require is your full business trading title, a contact name, address, telephone number, email address and your bank account details. During the course of your membership, we may collect additional information about you if it has been provided using the above methods.
During the membership application process, we may ask for trade references to ensure that you are able to meet your liabilities to the AF Group.
To ensure we comply with our legal obligations, we may also collect personal data for our health and safety records and to enable us to perform any due diligence necessary to enter into a contract. For example, we may ask you to provide the following documentation;
We reserve the right to disclose or share your personal data in order to comply with any legal requirements, enforce our membership rules and regulations, or any other agreement we enter into with you, or to protect the rights, property, or safety of our business and other members. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
All calls to and from the AF office landline phone numbers are recorded, with the exception of calls where payment is taken, when the recording is manually terminated.
In order to meet our obligations to you under a contract, we may use your data in the following ways:
For our legitimate interests, we may also use your data to;
We also record all calls made to and from the AF office landline numbers. Access to a recorded call will only be given when the request has been approved by at least two senior managers and when there is a valid reason for needing to access the call recording. We process this data for our legitimate interests for;
If we need to process your personal data for a reason which is not outlined above, we shall contact you in order to obtain your prior consent for such use.
Where we pass your personal information to our selected third party suppliers, we will only provide the information that is necessary to deliver the goods / service or perform the obligations in a contract. We have a contract in place with our suppliers that requires them to keep your information secure and not to use it for their own direct marketing purposes. AF will never sell your personal data or pass it to any other third parties without your consent.
We reserve the right to disclose or share your personal data in order to comply with any legal requirements, enforce the terms and conditions in our contract, or any other agreement we enter into with you, or to protect the rights, property, or safety of our business and other members, suppliers and contractors. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
Offsite backups are securely held by InTouch Systems as part of our disaster recovery plan, to ensure that we can get back up and running quickly in the event of a disaster.
We upload a small amount of personal data, namely email addresses, to Campaign Monitor in order to provide email marketing services. This data may be stored or transferred outside of the European Economic Area (EEA). We have additional EU Standard Contractual Clauses in place with Campaign Monitor to protect this data.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data when it is being transmitted to us. Any transmission is at your own risk. Once we have received your information, we will use strict safeguarding procedures and security features to try to prevent any unauthorised access to your personal data.
Call recordings will be retained for a maximum of six months.
We will hold personal data and bank account details for the duration of your membership.
Transactional data including invoices will be held for at least the minimum amount of time that we are legally required to hold it for.
Please see the relevant sections below for further details on your rights as a data subject. You can exercise any of the above rights by emailing us at firstname.lastname@example.org.
We will endeavour to comply with any request made within one month from the date of your request. However, we may extend this date to two months if the request is excessive or of a repetitive nature. If we need more than one month to meet your request we will let you know.
Please note that where we receive requests under this section which are manifestly unfounded or excessive, in particular because of their repetitive character, we may:
You have the right to request access to the information that we hold on you. In order to protect your information, we may take reasonable steps to verify your identity before we can hand over your data.
You have the right to ask us to update any personal information that is incomplete or inaccurate. We will endeavour to ensure that if we update your information, we will pass this onto our selected third parties, including suppliers and contractors.
You have the right to ask us to delete your personal data if;
You have the right to ask us to restrict or supress the processing of your personal data if;
We will endeavour to ensure that where you have asked us to restrict the processing of your data, we will inform our selected third parties, including suppliers and contractors accordingly.
You have the right to receive a copy of your data in a commonly used machine-readable format for transfer to another controller, provided the data was processed for the purpose of a contract between us and the processing is being carried out by automated means.
This will allow you to move, copy or transfer personal data easily from one IT environment to another. Alternatively, we can transmit such data directly to another organisation. Please note that we will not be able to comply with a data portability request if this will affect the rights and freedoms of others.
You have the right to restrict processing based on legitimate interests. If you exercise your right to object, we will stop processing your personal data unless;
If you consider that we are in breach of our obligations under the GDPR you have the right to complain to the Information Commissioner’s Office (ICO).
We keep this policy under regular review. This policy was last updated on 14/05/2018.