GDPR Strategy

Paving the Way Since 1985

Introduction

The General Data Protection Regulation (GDPR) is a legal framework set up by the European Union in April 2016 to build upon existing data protection legislation. GDPR came into effect on 25th May 2018, and has introduced a range of fresh guidelines spelling out the rights of consumers and dictating how companies can store and share information.

As a hugely significant change to the global business landscape, it is critical that Country Garden Patio Centre Ltd embraces all aspects of GDPR to maintain full compliance.

Our Data Protection Notice

Country Garden Patio Centre Ltd collects, processes and stores the information and personal data you submit to our website in relation to [INSERT REASON FOR DATA PROCESSING]. All processing activities shall be carried out in accordance with your individual rights as defined by the European Union’s General Data Protection Regulation.

Please note that by submitting information about yourself through our website, you are agreeing for Country Garden Patio Centre Ltd to process and store that data. This data shall be stored only for the duration of the previously outlined purpose for collection. We never store or process your data longer than we need to, and we do not use your data for any purpose other than those you have agreed to.

The data you submit to our website will never be shared with or transferred to a third-party organisation. The following partners are exempt from this policy as they assist Country Garden Patio Centre Ltd in processing your personal data and delivering its services;

Google (Analytics & Search)

Facebook (Shop Integration)

Instagram (Linked to Facebook)

Twitter (Linked through Sharing Options)

 

You reserve the right to request that Country Garden Patio Centre Ltd update your personal data at any time. You can also request information about your personal data, withdraw your consent for us to process your information or request a transfer or deletion of your data.

For more information about Country Garden Patio Centre Ltd and how we protect and secure your data, consult our Privacy Policy.

Our obligations for GDPR compliance

Here at Country Garden Patio Centre Ltd, we fully appreciate and support the European Union’s focus on expanding upon digital rights. As a company, we strongly believe in the need for greater business transparency and accountability concerning the collection and handling of personal data.

That is why Country Garden Patio Centre Ltd is a firm advocate of GDPR and its many implications. These include among many other aspects:

  • The Right to Object to Processing

     

  • The Right to Be Forgotten

     

  • The Right to Data Portability

     

  • The Right to Withdraw Consent

     

As part of our commitment to GDPR and the rights of our customers and clients, Country Garden Patio Centre Ltd vows to ensure our organisation considers and actions all necessary changes surrounding data processing, data storage and the disposal of personal data.

This includes a commitment to fully fulfil Breach Disclosure Requirements by notifying authorities and concerned individuals of any compromise within 72 hours. Moreover, as part of our GDPR strategy, Country Garden Patio Centre Ltd will complete impact assessments wherever possible, to identify and deliver the best service possible, as well as to extend our customers a guarantee that data is being kept secure.

Furthermore, we pledge to uphold the following key values and responsibilities:

Country Garden Patio Centre Ltd’s strategic values and responsibilities

  • We vow to demonstrate full responsibility and dutiful respect as a keeper of customer, client and employee data.
  • We totally support GDPR and its requirements, and will do everything within our power to appropriately resource and fund any changes we must enforce to ensure Country Garden Patio Centre Ltd can meet its obligations.
  • We promise to maintain ownership and transparency concerning data protection and privacy across all elements of our company.
  • We pledge to create and maintain a purposeful data processing inventory documenting all data operations, including collection, processing and storage.
  • We guarantee to extend every possible show of support to individuals intent on exercising their rights as outlined under GDPR legislation.
  • We will conduct a regular review to assess the legality and purpose for the collection, processing and storage of personal data.
  • We vow to act upon identified gaps and develop robust processes to maintain full GDPR compliance.
  • We promise to clearly communicate the business purpose and legal grounds for any transfer of data – including transfer outside of the European Union.
  • We will contact all partner organisations, contractors or other third parties to identify their own GDPR commitments, establish relevant contract terms and solidify GDPR compliance controls.