Updated: November 2020 Date
of next review: November 2021
Introduction
In order to run our business, we collect
information about the people with whom we work. These are known as ‘data
subjects’ and may include shareholders, directors, employees, customers or
suppliers, current, past and prospective.
This personal information is handled according to
the requirements of the General Data Protection Regulation (Regulation (EU)
2016/679) ("GDPR"), the Privacy and Electronic Communications
Regulations (“PECR”) and all related UK regulations (collectively known as “DP
Laws”) in the course of complying with our obligations as an employer and/or
dealing with issues arising from the provision of goods and services to the
public. The Act gives certain rights to people whose 'personal data' we may
hold. We consider that the secure and ethical treatment of personal data is
integral to our successful operations and to maintaining the trust of the
persons we deal with.
WCF Ltd is registered to process personal data and is
named as the Data Controller under the register kept by the Information
Commissioner.
WCF Ltd have privacy policies for all its data
subjects which are published online and provided to data subjects in the
appropriate manner. We also have detailed policies for each category of subject
intended to help our employees process this personal data in accordance with
the requirements of the DP Laws.
Information
covered by DP Laws
The Act uses the term 'personal data' which
essentially means any recorded information held by us and from which a living
individual can be identified. It will include a variety of information
including names, billing and delivery addresses, telephone numbers, e-mail
addresses and other personal details, including digital information such as
social media metadata and IP address.
Data Protection
Obligations
WCF is committed to processing personal data in
compliance with the Principles below and to demonstrating such compliance. The fundamental
"Principles" relating to the processing of personal data are that it
should be:
(i)
processed
fairly and lawfully and in a transparent manner;
(ii)
obtained
only for specified, explicit and legitimate purposes and not used for other
purposes;
(iii)
adequate,
relevant and limited to what is necessary for the purpose for which it is
processed;
(iv)
accurate,
kept up to date and, where it is inaccurate, erased or rectified without delay;
(v)
kept in a
form that permits identification of data subjects for no longer than is
necessary for the purposes for which that personal data is being processed;
(vi)
processed
in a manner that ensures appropriate security, including protection against
unauthorised and against accidental loss, destruction or damage;
(vii)
processed
in accordance with the rights of data subjects under the GDPR; and
(viii)
not be
transferred outside of the EEA except where specific conditions are met.
WCF relies on one of the following as the legal
basis on which it processes personal data:
(i)
Where it
is necessary for the performance of our contract;
(ii)
Where it
is necessary for compliance with our legal obligations;
(iii)
Where it
is necessary for the purposes of WCF’s legitimate business interests; and in
some cases
(iv)
Where the
data subject has given their consent for the processing of their personal data
WCF may also rely on the following legal bases for
processing personal data (although this is likely to be rare):
(i)
Where we
need to protect the data subject’s vital interests (or someone else’s’ vital interests);
or
(ii)
Where it
is needed in the public interest
Individuals'
Rights
Data subjects have other rights under DP Laws in
relation to their personal data. This includes:
(i)
the right
to request that we rectify, or erase information held about them without undue
delay (“right to be forgotten”);
(ii)
the right
to ask us to limit the processing of this information;
(iii)
the right
(if we are processing information based on consent, such as for marketing
purposes) to withdraw such consent;
(iv)
the right
to object to certain processing of personal information (including the right to
object to processing of personal data for direct marketing purposes at any
time); and
(v)
the right
to obtain and re-use their data (i.e. ask us to move, copy or transfer it to
another organisation).
Subject
Access Requests
All data subjects have the right
at any time to request to see personal information held about them either
digitally or on file. All such requests
must be in writing and should be forwarded immediately to our Company Secretary
Pam Murray at Crawhall, Brampton, Cumbria, CA8 1TN or pam.murray@wcf.co.uk. We
have 30 working days to respond to the request and provide data subjects with a
copy of all the personal information we hold about them.
Our Commitment
We are committed to taking all reasonable steps and
measures to ensure that:
·
We comply
with DP Laws and follow good practice;
·
We
protect the rights of the data subjects whose personal data we hold;
·
We are
open about how we capture, process and retain personal data;
·
We only
hold personal data that is accurate and up to date and promptly rectify or
delete any inaccurate data;
·
We only
utilise personal data for the purposes for which it was obtained;
·
We do not
hold personal data for any longer than is necessary for the purposes for which
it was obtained;
·
We put in
place appropriate security measures against unauthorised or unlawful processing
of personal data held and against accidental, destruction or damage to, such
data;
·
We do not
disclose personal information to any third party except as set out in our
Privacy Policies;
·
We carry
out due diligence on our third-party data processors to verify that they have
appropriate technical and organisational measures to protect our personal data;
·
We do not
transfer any personal data outside the European Economic Area (“EEA”) without
the appropriate safeguards;
·
We deal
with any subject access requests promptly and courteously;
·
We report
any unlawful access to the ICO in accordance with DP Laws;
·
We will carry
out regular reviews of our data policies and ensure that our Privacy Policies
are updated; and
·
We ensure
that our employees are appropriately trained to understand the contents of our
data policies and their contribution to compliance with the requirements of the
DP Laws;
Jo L
Ritzema Phil Murray
Managing
Director Deputy
Managing Director
November
2020
For over four decades, Allan Stobart Fuels has
been your trusted local fuel supplier and we take pride in delivering
exceptional customer service and competitive prices. Proudly serving homes,
farms, and businesses across Cumbria and southern Scotland, we provide reliable
fuel solutions tailored to your needs. Please take advantage of our Savers Plan Direct
Debit scheme, where you can pay a manageable monthly amount and build credit
for future heating oil deliveries. This flexible plan ensures you're always
prepared, making it easier to budget for your heating needs throughout the
year. Allow us to track your fuel levels and schedule deliveries as needed with
our tank monitoring service so that you can focus on what matters most without
worrying about your tank running low.
Use our fuel cards nationwide at a wide network of UK Fuels sites to streamline your fuelling process and benefit from
competitive prices and monthly invoicing.
In addition to fuel, we also offer a wide range
of fuel tanks, lubricants and additives, and our dedicated team is always on
hand to assist you, ensuring you receive the best products and service every
step of the way. Whether you're heating your home, fuelling your farm, or
powering your business, Allan Stobart Fuels is here to ensure you receive
top-quality fuel with a commitment to excellence.
