Privacy policy & data subject rights

Identity and contact details

Please click here to find out more about Jaguar Espresso Systems (Jaguar). Our postal address is Unit 12 Albury Close, Loverock Road, Reading, Berkshire, RG30 1BD.  Our telephone number is +44 (0) 118 959 9204.  You can contact us by email using [email protected]. We are IBERITAL UK. LIMITED, a limited company registered no. 04408688 (England and Wales), and we trade as Jaguar Espresso Systems.

Our designated supervisory authority under the UK's General Data Protection Regulation (GDPR) is the Information Commissioner’s Office (ICO). We are based in the United Kingdom.

To contact the individual in charge of Data Protection in our company please use [email protected].

What data we process

This policy aims to support your right to be informed. The document covers how we process the data of individuals who are clients, prospects, or suppliers.

Customers

Jaguar captures information on individuals in customers and prospective customers who have engaged with us either directly or through our website or contacted us using email or telephone.  We use a reason of ‘Contract’ to process this data as we are taking steps towards providing services to these individuals when we capture and process this data.   

Jaguar captures information on customers that we are in the process of providing services for so that we can effectively manage and communicate with them as we deliver our services.  We use ‘Contract’ to process this data.  We do not capture special category information on these customers. 

Prospects

Jaguar captures information on individuals who we believe could have a need for our services. We can either capture this data directly from the individuals in the process of selling to them, or we can licence this data from reputable data providers.

We use this data for direct marketing to the individuals who are corporate employees of the organisations that we target. We process this data using ‘Legitimate Interests'. We have conducted our gating and balancing tests to determine whether our legitimate interests do not outweigh the rights and freedoms of the individuals we are targeting. We do not process special category data on these individuals. 

Where regulations mandate that that we must obtain consent from individuals, for example if the data subject is not an employee of a business (a 'corporate subscriber') and we intend to use email to communicate, then we will use the lawful basis of Consent to process data to promote our services. This lawful basis of consent can include the use of a 'soft opt-in' where the individuals we are targeting have bought from us within the past 2 years. We do not process special category data on these individuals. 

Suppliers and partners

We process information on suppliers and partners so that we can purchase goods and services from them.  We use a lawful basis of contract to process this data.  We do not capture special category information on this data.

Any recipient or categories of recipients of the personal data

Jaguar pass data on to other data controllers for the following purposes:

  • For data relating to those applying to be members of staff or for staff who have found other employment after the end of a contract, we share data with third parties to obtain and provide references.
  • As the data controller of data, we may provide access to data processors that process data on our behalf, who will only process the data according to the written instructions in the Data Processing Agreements in place with them.
  • We share data with organisations with which we have a legal obligation to share data (for example HMRC).
  • We share data on staff with organisations where we are acting as an intermediary between the staff and an organisation providing benefits to the staff member (for example pension providers).

Details of transfers to third country and safeguards

We will not transfer your data to countries outside the UK to destinations that are not considered 'adequate' by relevant legislation without additional safeguards.

Retention period or criteria used to determine the retention period

  • We will retain information on customers for 7 years after the latest purchase as we will need to retain this information for financial purposes.
  • We will retain information that we use on prospective customers for the purposes of direct marketing for 3 years after the latest interaction with the individual where we use legitimate interests as a lawful basis for processing the data.
  • We will retain information that we use on prospective customers for the purposes of direct marketing for 3 years after the latest interaction with the individual where we use consent as a lawful basis for processing the data.
  • We will retain information on staff members for 7 years after their employment with us ends, as we need to retain information on staff members for legal reasons.
  • We will retain information on individuals who we have details on for recruitment purposes, but who have not gone on to be employees, for 3 months after the job role that they were being considered for has been filled.  If we believe that their details may be suitable for future roles, we will obtain their consent to retain their CVs for longer periods. 
  • We will retain the details of the suppliers or partners for as long as we might have a need for the services that the supplier or partner offer.   

If these data retention timescales clash with legal or contractual obligations then these other obligations will override the retention timescales outlined. For example, UK limited companies are required to retain records on tax paid for 6 years. 

All records are disposed of securely when deleted. 

How we look after data

We take reasonable technical and procedural precautions to prevent the loss, misuse or unauthorised alteration of personal data. We are Cyber Essentials certified (certificate IASME-CE-011481).

We store the personal data that we collect securely.

We do not publish the details of the safeguards we use to protect the personal data that we control as this could reduce the effectiveness of those safeguards.

Cookies

Cookies are text files placed on your computer to collect information about which pages you visit, and how long for. This information is used to track use of the website and to compile statistical reports on website activity.

When you visit our website you will be presented with a choice which will allow you to decide whether cookies are used or not. In a few cases some of our website features may not function if you choose not to allow cookies on our website.

Personal data may be shared with third parties to enable us to conduct web analytics to monitor use of our website. We use Google Analytics and you can opt out of Google Analytics by using this link: https://tools.google.com/dlpage/gaoptout?hl+en=GB.

Other websites

Our website contains links to other websites. This privacy policy only applies to this website, so when you link to other websites you should read their own privacy policies.

Your rights

Jaguar recognises the rights of individuals as defined in the UK’s GDPR.

We will always seek to uphold those rights and the links provided will enable you to communicate with us to exercise those rights, where relevant.

Jaguar recognises your right to lodge a complaint with a supervisory authority. You can access the ICO's website from this link.

Version control

Date

 

Alterations

Owner

Initials of reviewer

15 July 2021

 

Initial draft of document

 

 

12 Aug 2021

 

Updates