Paul Stephens Ltd are committed to protecting and respecting your privacy and personal data. This Privacy Policy describes how we will use your personal information and how you can exercise your rights under the General Data Protection Regulation (GDPR).
Data controller and contact information
The data controller is Paul Stephens Ltd. Our ICO registration number is ZA278375. If you have any questions, comments or requests regarding this Privacy Policy, please feel free to contact us at:
Data Protection Officer
Rebecca Stephens
Paul Stephens Ltd
Sudbury Road
Little Maplestead
Halstead
Essex
CO9 2SE
01440 714884
Purposes and lawful basis for processing personal data
We may collect, process and use your personal data in the course of supplying vehicles, goods and services to you and to manage our relationship with you, in the following ways:
Processed under the lawful basis of Contract:
When you enquire about or purchase a vehicle, goods or services from us, we will collect personal information to enable us to respond to your enquiry and to process and complete your purchase.
When you enquire about purchasing a vehicle on finance, we will collect information to enable third parties to provide finance quotes and agreements.
We collect personal information from you when you apply for a job with us to enable us to contact you and process your application.
Processed under the lawful basis of Legal Obligation:
We collect and process your personal information for producing invoices and accounting purposes which is required to meet HMRC legislation.
We collect personal information from employees to enable us to meet employment law obligations.
Processed under the lawful basis of Consent:
If you have given consent to receive marketing communications from us, we will collect information concerning your marketing preferences and send you communications based on those preferences.
Who we share your personal data with
We do not share your data with any other third parties except:
if you have given your consent.
if it is necessary to enable the provision of third party services you have requested (for example to facilitate warranty, insurance or finance quotes or agreements).
if we are under a duty to comply with any legal obligation.
Third party recipients of your data
Data processors are third parties who provide elements of our business management services for us, who process or store personal data on our behalf. The categories of these recipients are accounting, marketing, software, and website providers.
We have contracts in place with our data processors to ensure they are looking after your data to GDPR standards, which means they cannot use, share or do anything with your personal data unless we have instructed them to do so.
Retention periods
Unless otherwise listed below, your personal data will be kept for a period of 7 years in order to comply with HMRC requirements.
Personal data processed under consent will be kept for as long as you consent to its processing. We will seek to refresh your consent at appropriate intervals.
Your rights in regard to your personal data
You have a number of rights in regard to your personal data. These include the right to request access to, rectification or erasure of personal data we hold, or restriction of processing concerning your data, or to object to the processing as well as the right of data portability. If you wish to make any such requests please contact us in writing using the contact details at the top of this page.
Right to withdraw consent
Where we have processed your personal data on the lawful basis of consent, you have the right to withdraw this consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
Right to complain
If you have any concerns about how we have handled your personal data, please contact us so we may address them.
You also have the right to lodge a complaint with the supervisory authority, the Information Commissioner’s Office, about how we manage your data.
Provision of data
In most cases, the provision of your personal data is necessary to enter into a contract with us.
Changes to this policy
We will regularly review this privacy notice and update it where necessary. This policy was last updated in May 2018.
Whilst all Paul Stephens products are based on a genuine Porsche 911, Porsche AG or any of its subsidiaries has no association with Paul Stephens and has not endorsed or approved any of our products.
© Paul Stephens Ltd 2024
+44 (0) 1440 714 884
email@paul-stephens.com
Viewings by appointment only.
Paul Stephens Ltd, Sudbury Road, Little Maplestead Halstead, Essex CO9 2SE