Supplier Privacy Policy

We take your privacy seriously and are committed to protecting your personal data. This privacy notice explains how we collect, use, share, store and protect your personal data in accordance with the UK General Data Protection Regulation (UK GDPR).

Please click here to see our Customer's Privacy Policy

Please click here to see our Unsubscribe from our marketing list

Who we are.

We are Tyson’s Ship Riggers Limited, Unit 4 Omega Business Park, Estate Road Number 6 Grimsby, North East Lincolnshire DN31 2TG, and we are the data controller responsible for your personal data. If you have any questions or concerns about our use of your personal data, please contact us using the details provided at the end of this notice.

The UK General Data Protection Regulation (UK GDPR) sets out seven key principles that we must follow when processing personal data.

These principles are:

• Lawfulness, fairness, and transparency: Personal data must be processed lawfully, fairly, and in a transparent manner.
  
  
• Purpose limitation: Personal data must be collected for specified, explicit, and legitimate purposes and not processed in a manner that is incompatible with those purposes.
  
  
• Data minimization: Personal data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
  
  
• Accuracy: Personal data must be accurate and, where necessary, kept up to date.
  
  
• Storage limitation: Personal data must not be kept for longer than is necessary for the purposes for which it is processed.
  
  
• Integrity and confidentiality: Personal data must be processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing, accidental loss, destruction, or damage.
  
  
• Accountability: We must be able to demonstrate compliance with the UK GDPR by implementing appropriate technical and organizational measures to ensure and be able to demonstrate that data is processed in accordance with the regulation.

What personal data we collect

We may collect the following types of personal data about you:

• Supplier Name/Business Name
• Email address
• Postal address
• Phone number
• Job title
• Company name
• Payment information

How we collect your personal data

Under the UK GDPR, any personal information that we collect about our suppliers must be processed lawfully, fairly, and transparently. We will only collect personal information that is necessary for the purposes for which it is being collected.

The ways in which we collect supplier information include:

• Information provided by the supplier: We may collect personal information about our suppliers directly from them when they provide us with information necessary for us to enter a contract with them, such as their name, contact details, financial information, and other relevant information required to establish and maintain a business relationship.
  
  
• Information from third-party sources: We may also collect personal information about our suppliers from third-party sources, such as credit reference agencies, to conduct background checks and ensure that they are creditworthy and suitable for a business relationship.
  
  
• Information generated during the business relationship: We may collect personal information about our suppliers during our business relationship, such as information about their performance, delivery history, and other relevant information.
  
  
• We will only use supplier information for the purposes for which it was collected, such as to maintain our business relationship, comply with legal obligations, and for legitimate business purposes.
  
  
• We will take appropriate measures to ensure the security and confidentiality of supplier information and will not disclose it to any third parties unless necessary for the purposes for which it was collected, or with the supplier's consent.

If a supplier has any concerns about the way in which their personal information is being collected, processed, or stored, they should contact us immediately.

How we use your personal data

The purposes of processing the supplier's personal data, in accordance with the UK GDPR, are as follows:

• To facilitate the placement of orders with suppliers on our system and to ensure that payments for invoices are sent to the correct address.
  
  
• To enable communication with suppliers for the purpose of placing and following up on orders.
  
  
• To send official orders to suppliers in writing via email.
  
  
• To process bank details in order to make BACS payments and pay supplier invoices.
  
  
• The main purpose of processing this data is to establish a contractual relationship between the customer and the supplier, which involves the exchange of goods and services.

Legal basis for processing your personal data.

We will only process your personal data if we have a lawful basis for doing so. The legal bases for processing your personal data are:

At Tyson's Ships Riggers Ltd, we process your general personal data in accordance with the lawful bases outlined in the UK GDPR.

Legitimate Interest: We have a legitimate interest in processing, collecting, and retaining the following data: supplier/business name, company address, contact telephone/fax numbers, and email addresses where permitted, and bank details for the processing of our purchase orders and purchase invoices.

Processing necessary for the performance of a contract with the data subject or to take steps to enter a contract: When we place an order by telephone or email, we enter a contract with (the supplier) and us, the customer. The supplier's part of the contract is to complete and deliver our order to us on time, and our part as the customer is to pay the supplier within the agreed terms that we have stated. This is agreed upon at the time by telephone or email.

How we share your personal data

Under the UK GDPR, any sharing of supplier information must be done in a manner that is compliant with the regulation. Personal information should only be shared with third parties if it is necessary for the purposes for which it was collected, or if the supplier has given their explicit consent.

There may be instances where we need to share supplier information with third parties, such as:

Service providers: We may share supplier information with service providers who are contracted to provide services to us, such as IT support, accountants to fulfil our tax obligations, to obtain financial advice, or to maintain accurate financial records. We will only share the information necessary for them to perform their services and will ensure that they are also compliant with the UK GDPR.

Regulatory bodies: We may share supplier information with regulatory bodies or law enforcement agencies where we are required to do so by law or where it is necessary to comply with a legal obligation.

Other third parties: We may share supplier information with other third parties with the supplier's explicit consent.

We will take appropriate measures to ensure that supplier information is kept secure and confidential when shared with third parties. We will also ensure that any third parties with whom we share supplier information are also compliant with the UK GDPR.

Suppliers have the right to know if their information has been shared with third parties and the reasons for this sharing. If a supplier has any concerns about the way in which their personal information is being shared, they should contact us immediately.

International transfers of your personal data

We may transfer your personal data to countries outside the UK and the European Economic Area (EEA). We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK GDPR or have appropriate safeguards in place.

How long we keep your personal data.

Under the UK GDPR, personal information must not be kept for any longer than necessary for the purposes for which it was collected. This means that we will only keep supplier information for as long as it is needed to maintain our business relationship, comply with legal obligations, and for legitimate business purposes.

The length of time we keep supplier information may vary depending on the nature of the information and the business relationship. Some factors that we consider when determining how long to keep supplier information include:

• The duration of the business relationship: We will keep supplier information for the duration of the business relationship and for a reasonable period thereafter. This allows us to maintain accurate records and to comply with any legal or regulatory requirements.
  
  
• Legal requirements: We may be required to keep supplier information for a longer period to comply with legal or regulatory requirements, such as tax or financial reporting obligations.
  
  
• Other legitimate business purposes: We may keep supplier information for other legitimate business purposes, such as to defend against legal claims or to maintain our internal records.

Once the retention period for supplier information has ended, we will securely dispose of the information in a manner that is compliant with the UK GDPR.

Suppliers have the right to request that their personal information be deleted or erased if it is no longer necessary for the purposes for which it was collected. If a supplier wishes to exercise this right, they should contact us to discuss their request.

Security

We are committed to ensuring that your information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. For added security we use an SSL Security Certificate on our website. This means that any information you send to us via our contact forms is encrypted and secure. Please find below the appropriate and technical oragnizational measures that we have put in place to safeguard and secure the personal data we collect.

These measures include:

• Regular reviews of our information security policies and procedures
  
  
• Access controls to restrict access to personal data to authorized personnel only.
  
  
• Use of encryption to protect personal data in transit and at rest.
  
  
• Regular training for staff on information security best practices
  
  
• Regular testing and monitoring of our systems and networks to identify and address vulnerabilities.

Your rights

You have the following rights in relation to your personal data:

Under the UK General Data Protection Regulation (UK GDPR), individuals have a number of rights in relation to their personal data. These rights include:

• Right to be informed: Individuals have the right to be informed about how their personal data is collected, processed, and used. This information should be provided in a clear and transparent manner, typically through a privacy notice.
  
  
• Right of access: Individuals have the right to access the personal data that organizations hold about them, and to receive a copy of that data. This includes information about the purposes of the processing, the categories of personal data concerned, and the recipients or categories of recipients to whom the personal data has been or will be disclosed.
  
  
• Right to rectification: Individuals have the right to request that any inaccurate or incomplete personal data is corrected or updated.
• Right to erasure: Individuals have the right to request that their personal data is erased or deleted in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected or processed.
  
  
• Right to restrict processing: Individuals have the right to request that the processing of their personal data is restricted in certain circumstances, such as when the accuracy of the data is contested, or when the processing is unlawful.
  
  
• Right to data portability: Individuals have the right to receive their personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
  
  
• Right to object: Individuals have the right to object to the processing of their personal data in certain circumstances, such as when the processing is based on legitimate interests or when the data is being processed for direct marketing purposes.
  
  
• Rights related to automated decision-making: Individuals have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects or similarly significant effects on them.

If you wish to exercise any of these rights, please contact us using the details provided at the end of this notice.

How to make a complaint

If you believe that we have violated your data protection rights under the UK General Data Protection Regulation (UK GDPR), you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's independent regulator for data protection.

To make a complaint, you should first contact us directly to raise your concerns and try to resolve the issue. You can do this by following by following the below instructions provided below.

To exercise all relevant rights, queries or complaints please in the first instance contact Mr Jonathan Tyson (DPO) By post – Tyson’s Ships Riggers Ltd, Unit 4 Omega Business Park, Estate Road No 6, Grimsby, N E Lincs, DN31 2TG. By e-mail jonathan@tysonsriggers.co.uk or by telephone 01472 347065.

If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 0303 123 1113 or via email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.

Changes to this notice

We may update this privacy notice from time to time to reflect changes to our data practices or for other operational, legal, or regulatory reasons. We encourage you to review this notice periodically to stay informed about how we are protecting your personal data.

To unsubscribe from our marketing list please email us on web@tysonsriggers.co.uk and you will no longer receive marketing information from Tyson’s Ships Riggers Ltd.