Information that you provide by filling in forms on www.pattonair.com (our “Site”). This includes information provided at the time of registering to log-in to our customer or supplier portals (“Portals”), posting material or requesting further services. We may also ask you for information if you report a problem with our Site. If you contact us, we may keep a record of that correspondence. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them. We may also retain:
We may collect information about the device you use to browse our Site, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns, and does not identify any individual.
A cookie is a small file of letters and numbers that we store on your browser or device if you agree.
We use the following types of cookies:
You can refuse to accept all or some cookies by modifying settings within your browser (for guidance on how to do this visit www.aboutcookies.org). However, if you block strictly necessary cookies, you may be unable to access certain parts of our Site.
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us, our parent company or for one of our suppliers. Since Pattonair is a global company, we often need to transfer personal data about our clients to other Pattonair branches located in different jurisdictions, including the United States. Where this happens, your personal data is protected by means of a data sharing agreement which we have put in place between the various Pattonair companies who have access to it.
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data once it reaches us, we cannot guarantee the security of your data transmitted to our site. Any transmission is at your own risk. Once we have received your personal data, we will employ a variety of physical and technical measures to keep it safe and prevent unauthorised access to, use or disclosure of it. We control who has access to your data (using both physical and electronic means). These means include an electronic firewall and other protection measures that involve virus-scanning, installation of security patches, vulnerability testing, backup and recovery planning and other steps designed to improve data protection. Our staff receive data protection training and we have a set of detailed procedures, which they are required to follow when handling personal data.
We will only use your personal data where the law allows us to do so. Most commonly, we will use it:
We use information held about you in the following ways:
We may rely on legitimate interests to process your personal data, provided that your interests do not override our own.
Where we rely on legitimate interests, these interests are:
We may disclose your personal data to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. We may disclose your personal data to third parties:
We may also share your personal data with credit reference agencies (CRAs) for the purpose of credit risk assessment and they will give us information about you, such as about your financial history. We do this to assess creditworthiness, check your identity, manage your account, trace and recover debts and prevent criminal activity. We will also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations. The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at http://www.experian.co.uk/crain/index.html.
Our Site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies.
We collect and store personal data for purposes connected with our business. As such, we will only retain your personal data for as long as necessary for those purposes. We verify our records periodically and if we learn that you are no longer involved with a business that is in our database, we will erase your personal data.
We keep information which forms part of our business record for a minimum of seven years. That is because we may need it in some way to support a claim or defence in court. That is also the period within which our tax collecting authorities may demand to know it. We may retain certain records for longer than seven years in a few specific cases where required by law.
You have the right to ask us not to process your personal data for marketing purposes, we will inform you if we intend to use your data for such purposes or if we intend to disclose it to any third party for such purposes. You can also exercise the right at any time by contacting us at our Data Protection Department, Pattonair Limited, Ascot Business Park, Longbridge Lane, Derby DE24 8UJ.
You have the right to access any part of the personal data that Pattonair holds about you. Your right of access can be exercised in accordance with data protection law. Any access request will be processed and completed within 1 month of the request being made.
You have the right to request the deletion or removal of personal data in circumstances where there is no compelling reason for us to continue to hold or process it.
You have the right to obtain and re-use your personal data for your own purposes across different services. Your right to data portability can be exercised in accordance with the GDPR. Any request will be processed without undue delay, and the data will be provided in a structured and readable form.
Please keep in mind that there are exceptions to the rights above and, though we will always try to respond to your satisfaction, there may be situations where we are unable to do so (for example, because the data no longer exists or there is an exception which applies to your request).
If you believe that your data protection or privacy rights have been infringed, you should contact the UK Information Commissioner's Office, which oversees data protection compliance in the UK. Details of how to do this can be found at www.ico.org.uk.