GDPR PRIVACY NOTICE
We ask that you read this privacy notice carefully as it contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have a complaint.
1. WHO WE ARE
Datatag ID Ltd with its registered offices at 1 Brassey Road, Old Potts Way, Shrewsbury, Shropshire, SY3 7FA and its offices at Marine House, Thorpe Lea Road, Egham, Surrey, TW20 8BF collects, uses and is responsible for certain personal information about you.
When we do so we are regulated under the General Data Protection Regulation which applies across the European Union (including in the United Kingdom) and we are responsible as ‘controller’ of that personal information for the purposes of those laws.
2. THE PERSONAL INFORMATION WE COLLECT AND USE
2.1 Information collected by us
In the course of providing our Scheme Services or our Products to you we collect the following personal information when you provide it to us:
Information you submit via our website such as when placing your product order and through the use of emails and cookies to identify you, information that you provide when filling in our registration forms on our Website including your name, address, date of birth, gender, email address, the make and model of your asset, including the colour, registration, chassis/VIN and engine number; your credit or debit card details, change of asset ownership details.
2.1.1 Personal Data collected for all products ( except ICE labels see 2.1.2 d) below):
Username, Name Title, Forename, Middle name, Last name, Company, Company Contact, Address (including Town, County and Postcode), Country Code, Email Address, Contact Telephone Number, Mobile Number, Work Telephone Number, Date of Birth, Gender, Insurance Renewal Date, Insurance name, Insurance Policy Number, Agreement Number, Agreement Start Date, Agreement End Date, Marketing Consent, Last Login Date, Terms Agreed.
2.1.2 Additional data collected by asset type:
a) MASTER/MOTORCYCLE SCHEME
The type of Powered Two Wheeler (PTW) asset, make, model, colour, vehicle identification number (VIN), engine number, vehicle registration number (where applicable), power to weight ratio, fuel type (diesel, petrol, electric, other), cubic capacity (cc), seating capacity.
If you have been the victim of a crime we also collect data such as the date your vehicle was stolen, crime reference number and the police station at which the crime was reported.
We also collect information relating to your use of our Website and your computer, phone or tablet in accordance with our Cookies Policy https://www.datatag.co.uk/cookies.php
b) CESAR SCHEME
The equipment type, make, model, colour, vehicle identification number (VIN), serial number, vehicle registration number (where applicable), ignition key number, date of equipment manufacture, date of first registration, registration year, certification of conformity number, country of equipment origin, wheel plan, fleet number, fuel type (diesel, petrol, electric, other), livery, gross weight, engine number, cubic capacity (cc), mileage, hours worked, equipment condition, attachments, gearbox number, HOSDB category, transmission serial number, transmission module number, cab serial number.
If you have been the victim of a crime we also collect data such as the date your vehicle was stolen, crime reference number and the police station at which the crime was reported.
We also collect information relating to your use of our Website and your computer, phone or tablet in accordance with our Cookies Policy https://www.datatag.co.uk/cookies.php
c) COMPASS SCHEME
The type of marine asset, the date of manufacture, length, unit of length, engine type (inboard/outboard), inboard engine make, hull identification number, horse power (for motors), fuel type (diesel/petrol/electric/other), sail number (where appropriate), name of craft, serial number, distinguishing marks/features, valve (range) and images.
If you have been the victim of a crime we also collect data such as the date your asset was stolen, crime reference number and the police station at which the crime was reported.
We also collect information relating to your use of our Website and your computer, phone or tablet in accordance with our Cookies Policy https://www.datatag.co.uk/cookies.php
d) IN CASE OF EMERGENCY (ICE) LABELS SPECIAL CATEGORY DATA
Datatag have introduced their own In Case Of Emergency (ICE) label using QR code technology to link your emergency contact details through to a central secure database. This helps ensure that no matter what your condition, critical medical information is available to those who need it in the event of an emergency. The ICE label allows fast and accurate identification of a casualty by the emergency services in those vital first few minutes. Datatag collects the following special category data but only where you have given your clear and explicit consent to the collection of and processing of such data in the event of an emergency: medical Information*, allergies*, distinctive marks*, piercings*, special needs*. 2.2 Information collected from other sources
We also obtain personal information from other sources as follows:
1. Original equipment manufacturers who may have originally fitted Datatag’s security Products on their equipment particularly in the case of the MASTER (Motorcycle), CESAR and the COMPASS Schemes;
2. Dealers who may have fitted Datatag’s security Products onto your asset, particularly in the case of MASTER (Motorcycle), CESAR and COMPASS Schemes;
3. Insurers; where you may have been the victim of crime and your asset has been reported to insurers and the police, we may receive your information from insurers for crime and theft prevention purposes.
4. Police and other crime prevention authorities and agencies; we may receive information from crime prevention authorities.
2.3 We use your personal information to:
1. To complete your transaction request if you purchase our Products.
2. To register you in our Datatag Secure Database to provide you with Scheme Services where you have purchased our Products directly or through purchasing an asset which already has our Product fitted onto it (e.g. motorcycle).
3. For the purposes of crime prevention through recording your asset details and where necessary and or appropriate, assisting the relevant authorities should your asset be stolen.
4. Where you have given explicit consent we may use your personal information for marketing purposes from time to time.
2.4 Who we share your personal information with
We share your personal data with;
1. We use third party processors to assist us in maintaining the Datatag Secure Database and in providing Scheme Services. Please contact dataprotection@datatag.co.uk should you wish to receive full details.
2. We will share personal information with law enforcement or other public authorities and regulators if required by applicable law.
2.5 Whether information has to be provided by you, and if so why.
You will be required to provide your name, address, email address, telephone number, asset details to enable us to register you on the Secured Database to provide you with our Scheme Services. You will be informed at the point of which information is collected from you, whether you are required to provide the information to us. If you choose not to, we may not be able to provide our Scheme Services to you.
2.6 How long your personal information will be kept
We will hold your personal data until you notify us you no longer wish to receive our Scheme Services.
2.7 Reasons we can collect and use your personal information
We rely on legitimate interests as the lawful basis on which we collect and use, process and store your personal data. Our legitimate interests are crime prevention.
2.8 Consequences of our use of your personal information
We use your data so that if your asset is stolen we can aid in its recovery.
2.9 Transfer of your information out of the EEA
We may transfer your personal information to the following which are located outside the European Economic Area (EEA) as follows:
USA Insightly who provides us with our CRM services for our CRM software.
Such countries do not have the same data protection laws as the United Kingdom and EEA. Whilst the European Commission has not given a formal decision that others provide an adequate level of data protection similar to those which apply in the United Kingdom and EEA, any transfer of your personal information will be subject to the US-EU Privacy shield. The General Data Protection Regulation is designed to help safeguard your privacy rights and give you remedies in the unlikely event of a misuse of your personal information. Further information can be found on https://www.privacyshield.gov/participant?id=a2zt00000004EW0AAM&status=Active
If you would like further information please contact the Data Protection Manager in writing at Marine House, Thorpe Lea Road, Egham, Surrey, TW20 8BF. We will not otherwise transfer your personal data outside of the United Kingdom or to any organisation (or subordinate bodies) governed by public international law or which is set up under any agreement between two or more countries.
3. YOUR RIGHTS
Under the General Data Protection Regulation you have a number of important rights free of charge. In summary, those include rights to:
• Fair processing of information and transparency over how we use your use personal information.
• Access to your personal information.
• Require us to correct any mistakes in your information which we hold.
• Require the erasure of personal information concerning you in certain situations.
• Receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to a third party in certain situations.
• Object at any time to processing of personal information concerning you for direct marketing.
• Object in certain other situations to our continued processing of your personal information.
• Otherwise restrict our processing of your personal information in certain circumstances.
If you would like to exercise any of those rights, please:
• Email, call or write to our Data Protection Manager.
Please let us have:
(i) Enough information to identify you e.g. your name, address and asset.
(ii) Proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill).
(iii) The information to which your request relates.
If you would like to unsubscribe from any email newsletter from us you can also click on the ‘unsubscribe’ button at the bottom of the email newsletter. It may take up to 5 days for this to take place.
Keeping your personal information secure
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
We carry industry accreditation for privacy of information including Secure by Design and Loss Prevention Certification Board.
How to complain
We hope that our Data Protection Manager can resolve any query or concern you raise about our use of your information.
The General Data Protection Regulation also gives you right to lodge a complaint with a supervisory authority, in particular in the European Union (or European Economic Area) state where you work, normally live or where any alleged infringement of data protection laws occurred. The supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.
Changes to this privacy notice
This privacy notice was published in 2014 and last updated on 22nd May 2018.
We may change this privacy notice from time to time so you may wish to check for any updates.
How to contact us
Please contact us if you have any questions about this privacy notice or the information we hold about you.
If you wish to contact us please send an email to dataprotection@datatag.co.uk, write to us at Marine House, Thorpe Lea Road, Egham, Surrey, TW20 8BF or call us on 0345 070 0440.
The terms “we”, “our” and “us” when used in this Privacy Policy means Datatag ID Ltd. The terms “you” and “your” when used in this Privacy Policy means you as a user of our Website.
Personal Data includes but is not limited to username (chosen by a user and which is unique to the user), password, title, forename, middle name, surname, telephone number, date of birth, address and email address.
Products means all Datatag Products https://www.datatag.co.uk/consumer.php including those for the COMPASS, CESAR and MASTER Schemes.
Any other Asset Data means all Datatag Products which are not included within the Schemes such as Stolen Assets Data or other assets which are not marked with Datatag products but which assets which may have been stolen or recovered and notified to Datatag by law enforcement agencies, insurers or loss adjusters.
Asset Data means the COMPASS Scheme Asset Data, the MASTER Scheme Asset Data and the CESAR Scheme Asset Data.
COMPASS Asset Data; the type of marine asset (for example kayaks, canoes, motorboats, narrowboats, outboards, personal watercraft, RIBs, rowing scull, sailing yacht, speed boat, tender, trailers) the make, model, colour, material, the date of manufacture length, unit of length, engine type (inboard / outboard), inboard engine make, model, number (where appropriate), hull identification number (HIN), hire purchase, (for motors) fuel type (diesel / petrol / electric / other), sail number (where appropriate), name of craft, serial number, distinguishing marks / features, value (range) and image(s).
MASTER Asset Data; means the type of Powered Two Wheeler (PTW) asset, make, model, colour, vehicle identification number (VIN), engine number, vehicle registration number (where applicable), power to weight ratio, fuel type (diesel, petrol, electric, other), cubic capacity (cc), seating capacity.
CESAR Asset Data; means the equipment type, make, model, colour, vehicle identification number (VIN), serial number, vehicle registration number (where applicable), ignition key number, date of equipment manufacture, date of first registration, registration year, certification of conformity number, country of equipment origin, wheel plan, fleet number, fuel type (diesel, petrol, electric, other), livery, gross weight, engine number, cubic capacity (cc), mileage, hours worked, equipment condition, attachments, gearbox number, HOSDB category, transmission serial number, transmission module number, cab serial number.
Scheme means the COMPASS/MASTER/CESAR Scheme which are industry approved Schemes and for which Datatag has been appointed as the provider of the technology used in crime prevention, reduction and in the recovery of stolen assets.
Theft Data means The date the theft started and ended, the theft postcode, the location and description of the theft, the Police Force Area (for police users only), incident number (for police users only), a crime reference number (for police users only), a police description (for police users only), insurance company and insurance reference.
Recovery Data the date the Asset was recovered, the type of recovery, the police force name, the name of the police officer and the location of the recovery.
Scheme Services means the registration of your information and your asset in our Secure Database which can be checked in the event your asset is stolen in order to aid crime prevention agencies in the recovery of your asset.
Secured Database; the Datatag Database which has been accredited with ISO: 9001: 2015 LPS1224 ISO27001.