Christie & Son is committed to preserving the privacy of our customers and employees. This privacy notice provides information about the personal information we process about you, in compliance with the General Data Protection Regulation (GDPR).
Certain rights in relation to personal data will not necessarily apply in all cases or to all personal data which is processed by us. For example, certain rights do not apply where we need to process personal data to comply with our legal duties.
- Christie & Son (Metal Merchants) Limited is a metal recycling business. ICO registration number Z6057914.
- Your rights: We are committed to protecting your rights to privacy. They include the right to:
- Be informed about what we do with your personal data.
- Have a copy of all the personal information we process about you.
- Rectification of any inaccurate or incomplete data.
- Be forgotten and your personal data destroyed.
- Restrict the processing of your personal data
- The personal data we process, why we process it and how long we keep it for: As a scrap metal dealer, we are required by legislation to keep certain records which may contain personal data. When determining the relevant retention periods, we will take into account factors including:
- Legal obligations under applicable law to retain data for a certain period of time.
- Statute of limitation under applicable law(s)
- (Potential) disputes, and, guidelines issued by relevant data protection authorities.
- Otherwise, we securely erase your information once this is no longer needed.
- Legitimate interests: We also process the following information because it is in our legitimate interests as a business buying and selling scrap metal to do so:
- CCTV footage
- Scrap metal dealer licence numbers, including documents related to our own licence
- Waste carrier registration numbers and any documentation related to our own licence
- Associated environmental permitting and waste shipment information
- Invoices, receipts and accounts, VAT and tax returns
- ID documentation such as passports, driving licences, utility bills.
Employee data: As an employer, we process personal data pursuant to contracts of employment with our employees and retained for no longer than is necessary for employment purposes and legal obligations.
- A full list of personal data held is supplied to our employees and includes information such as:
- Names, addresses and contact details. This may include next of kin details.
- Pay and Bank details. Curricula vitae, contracts of employment and appraisals, references.
- Health information with the employee's explicit consent, which may be withdrawn at any time.
- Photographs and copies of passport or other id documents.
- Sharing Personal data: We share personal data internally strictly on a need-to-know basis. Access to identity records and personnel files is limited to designated individuals. Hard copy documents are stored securely. Where these documents are stored electronically, they are protected and/or encrypted. We do not share personal data with anyone external to the organisation, other than:
- Cloud storage providers and IT support providers
- Accountants and other professional advisers
- HMRC and Companies House
- Police, Local authorities, SEPA, or other statutory bodies (where required by law).
- Pursuant to a court order.
- Banks are provided with bank account details in order for us to transfer payments due to you.
- Emergency services in the event that we need to report accidents or incidents or request emergency assistance
- Third parties to respond to any claims, and to establish, exercise or defend our legal rights
- Further information: If you have any concerns about the way your personal information has been processed, please contact our data protection office at - email@example.com and we will deal with your requests as quickly as possible.