Privacy Policy

 
PRIVACY NOTICE
 
We want to bring this Privacy Notice to you at the time we are collecting your personal data. We want you to be fully aware that when we process your personal data that we are processing it in compliance with the General Data Protection Regulations. 
 
This page informs you of our Privacy Notice regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.
 
We may also use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this Privacy Notice.
 
Definitions:
 
‘We’, ‘us’, or ‘our’ means:  Ltd with registered offices at 10 Maybells Commercial Estate, Ripple Road, Barking, Essex, 1G11 0TP (‘UD’) 
 
UD Ltd is in the business of selling disposable containers (‘Products’) to customers both from its whole sale outlet and also online (the ‘Service’).
 
‘Service’ means that UD are in the business of selling Products from its whole sale outlet to customers and also online to customers who are over the age of 18 years.
 
‘Cookies’
 
Cookies are small pieces of data stored on your device (computer or mobile device). 
 
‘Joint Controllers’
 
Means Ikram Shaikh & Rajni Vara who determines the purposes for which and the manner in which any personal data is processed.
 
‘Processors (or Service Providers)’
 
 Processor (or Service Provider) means any natural or legal person who processes the data on behalf of the Controller.
 
We may use the services of various Service Providers in order to process your personal data more effectively.
 
Roles & Responsibilities
 
Controller
Ikram Shaikh  
Email: ikramudl@gmail.com  
 
Controller
Rajni Vara 
Email: r.vara1@ntlworld.com 
 
Cookies 
 
We use cookies that are in-built to the server. This internal cookie is used only for statistical purposes. 
 
Cookies are used for the following purposes:
 
To monitor the monthly sales of UD’s Business 
To clarify issue(s) regarding any sales; 
To check purchases and whether refunds can be issued 
 
We do not process any of your personal data for profiling purposes. 
 
How do we obtain your Personal Data
 
We can only obtain your personal data directly from you, the purchaser. This is because you will need to enter some of your personal data and register with us before you can use this service. 
 
What Personal Data we Require from you? 
 
Before we can deal with your enquiry we will require the following information from you:
 
Your full name 
Your address 
Email address (including Internet protocol address) 
Your mobile number 
 
From the information you provide us you will be generated a unique identification number. 
 
Your personal data will be shared with:
 
1. Processors who need to ensure due deliver of the Products to you;
2. Processors for tax and legal compliance reasons;
3. Processors that may maintain the website services. 
 
Your personal data may also be shared with regulatory authorities, courts, tribunals, government agencies and law enforcement agencies.  We may also be required to disclose your information to comply with legal or regulatory requirements. We will do our best to notify you before we do this, unless there are legal restrictions. 
 
Credit and debit card companies which facilitate your payments to us, and anti-fraud screening, which may need information about your method of payment and flight booking to process payment or ensure the security of your payment transaction;
 
Legal and other professional advisers, law courts and law enforcement bodies in all countries we operate in in order to enforce our legal rights in relation to our contract with you;
If you are located outside United Kingdom and choose to provide information to us, please note that we transfer the data, including personal data, to United Kingdom and process it there.
 
 
Legal Requirements by us of Disclosure of Your Personal Data 
 
We may disclose your personal data in the good faith belief that such action is necessary to:
To comply with a legal obligation
To protect and defend our rights or property
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
To protect against legal liability
 
 
Principle 1 - Lawful Purpose (Article 5 of the GDPR) - Personal Data – 
 
We will be processing your personal data in order to ensure the following:
 
we can fulfil our contractual obligations with you; or  
you have given is your explicit consent in which case you have the right to withdraw consent at any time; or 
legitimate interest reasons 
 
Sensitive Data (Special Categories of Personal data) – 
 
We do not process any sensitive data. [write a letter making sure gender and DOB taken off]
 
Principle 2 - Specific Purpose & Limited (Articles 5 & 6 of the GDPR) 
 
We aim to process your personal data for specific, explicit and legitimate purposes. 
 
We only require your full name, address, mobile number and email in order to perform its functions. 
 
Principle 3 - Adequate, Relevant & Limited 
 
We only want to keep your personal data and sensitive data which is: adequate, relevant & limited 
 
Retention Policy 
 
During the duration of your use of  UD ’s website you will be able to carry out the following:
 
1. delete your personal data
2. update your personal data 
3. you can always request the deletion of your personal data by contacting the Controller directly via: 3. ikramudl@gmail.com 
 
We do not want to retain your personal data for longer than is necessary and therefore every three months you will be reminded by us as to whether you want to delete your personal data. 
 
If you do decide to delete your personal data, you will need to re-register your details if you decide to purchase any children’s products from UD . 
 
We will retain your personal data for legal and tax compliance reasons. Please refer to UD ’s Retention Policy. 
 
We do this in our effort to ensure that we are always GDPR compliant. 
 
Use of Your Personal Data
 
We may use your personal data for various purposes:
 
1. To provide and maintain our Service
2. To notify you about changes to our Service
3. To allow you to participate in interactive features of our Service when you choose to do so
4. To provide customer support
5. To gather analysis or valuable information so that we can improve our Service
6. To monitor the usage of our Service
7. To detect, prevent and address technical issues
 
We will do our utmost to ensure that any collection is minimal and is necessary to ensure the Service we provide to you. 
 
Our Right to delete your Personal Data 
 
In certain circumstances we will delete your personal data.
 
The reasons could be:
1. there is no lawful reason for us to keep your personal data 
2. We have reason to believe that the purchases have been made by a person under the age of 18 years 
3. we detect systematic abuse by you of the UD ’s website 
4. any other reason which includes governmental or regulatory reasons which are outside our control 
 
If we do delete your personal data we will notify you. 
 
Principle 4 & 5 - Accuracy of your Personal Data - Principle 4 & 5 (Article 5 of 
the GDPR) 
 
We want to ensure that your personal data is kept up to date and therefore this UD’s website provides you with the facility to update and change your personal details at any time.  
 
Principle 6 - Ensuring Security 
 
The security of your  personal data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.
 
We follow strict security procedures in the storage and disclosure of your personal data, and to protect it against accidental loss, destruction or damage. The data you provide to us is protected using SSL (Secure Socket Layer) technology. SSL is the industry standard method of encrypting personal information and credit card details so that they can be securely transferred over the Internet. 
 
We may disclose your information to trusted third parties for the purposes set out in this Privacy Policy. We require all third parties to have appropriate technical and operational security measures in place to protect your personal data, in line with Irish and EU law on data protection rules.
 
Children's Privacy
 
Our Service does not address anyone under the age of 18 ("Children").
 
We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Children has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.
 
Transfer of Personal Data Overseas 
 
We will not be transferring any of your personal data abroad or overseas unless governmental, international laws or regulatory laws require us to transfer your personal data. We will do our utmost to keep you informed of any transfer. 
 
If in the future we decide transfer your personal data abroad, we will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this Privacy Notice and no transfer of your personal data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.
 
Your Rights - While we keep your personal data you have the following rights:
Right to be informed 
Right to request access to your personal data, know as a ‘Subject Access Request’ (SAR)
Right to restriction of your personal data 
Right to rectification of your personal data 
Right to object to the processing of your personal data (see right to object notice) 
Right to erasure of your personal data 
Right not to be subjected to automated decision making processing 
Right to Data Portability – we do not have this system currently in place 
Right to make a complaint 
 
Subject Access Request requirements - A SAR can be requested verbally by you, however in order for us to ensure that we can verify your ID we will require you to:
a) complete a SAR Form. This form can be requested from either of the Joint Controllers;
b) return the SAR Form with a certified copy of your ID and also your 2 month’s utility bills. You can also attend the offices in order to verify your ID; 
c) We will not be under any obligation to provide you with any personal data unless your ID is verified. 
d) A Subject Access Notice will accompany your personal data. 
 
Subject Access Requests – Time-scale - We aim to process the SAR within 1 month from the point we receive verification of your ID, however  in certain circumstances we may extend the period for a further 2 months. We will notify you of the reasons for such delay at the outset.  
 
We aim to provide your SAR in electronic form, unless you require this in a hard-copy format. 
 
Your control over Your Personal Data 
 
You can gain full access to your personal data by accessing your account settings. 
 
You can update or delete your personal data directly within your account settings section.
 
1. If you are unable to perform these actions yourself, please contact us via: 1. ikramudl@gmail.com 
 
 
RIGHT TO OBJECT
 
You have the right at any time to object to the processing of your Personal Data.
 
Please contact the controller if you object.
 
Controller
Ikram Shaikh  
Email: ikramudl@gmail.com  
 
Controller
Rajni Vara 
Email: r.vara1@ntlworld.com 
 
 
By objecting this means that we will deactivate your account and you no longer will be able to use the website to purchase Products. 
 
In certain circumstances you may not have the right to object. 
 
We will notify you of this promptly if we cannot respond to such right. 
 
Changes To This Privacy Notice 
 
We may update our Privacy Notice from time to time. We will notify you of any changes by posting the new Privacy Notice on this page. We will do this by sending you an email or a text. 
 
Termination by you of our Services
 
You can at anytime deactivate the use of our Service. 
 
By deactivating use you will automatically delete all your personal data and you will no longer be able to use the Services. 
 
Contact Us
If you have any questions about this Privacy Notice, please contact us:
 
Controller
Ikram Shaikh  
Email: ikramudl@gmail.com  
 
Controller
Rajni Vara 
Email: r.vara1@ntlworld.com 
 
 
Complaints - In the event that you wish to make a complaint about how your personal data is processed by us then please make your complaint to the following person(s):
 
Controller
Ikram Shaikh  
Email: ikramudl@gmail.com  
 
Controller
Rajni Vara 
Email: r.vara1@ntlworld.com 
 
The contact details of the Information Commissioner’s Office are as follows: 
 
Tel: 0303 123 1113 
 
Please also request the firm’s ‘Complaint’s Policy’ from any member of the firm.