Privacy

 

Dust Rust Lust (DRL)

HOW WE USE YOUR INFORMATION

This privacy notice tells you what to expect when Dust Rust Lust (DRL) collects personal information.

It applies to the information we collect when:

1.You visit our website

2.You contact us via social media

3.You email us

4.You use our services

5.You apply for a job with us

6.You subscribe to our marketing information

7.You are one of our suppliers

1) WHEN YOU VISIT OUR WEBSITE - When someone visits www.dustrustlust.com we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make any attempt to find out the identities of those visiting our website.

1a) Cookies - We may use cookies and pixel tags to collect information about your use of our website to help us make improvements to our website. Cookies are small data files that are sent to your browser and pixel tags are needed in order to read cookies. Some cookies sent to your browser will help to save you time. You have the ability to accept or decline cookies by modifying the settings in your browser. However, you may not be able to use all the interactive features of our site if cookies are disabled. Cookies are usually automatically enabled, but you can choose not to accept them, you can choose to delete existing cookies from your browser or, by editing your browser options, choose not to allow cookies in future.

1b) Measuring website usage (Google Analytics) - We use Google Analytics on an ongoing basis to collect information about how people use the website. We do this to make sure we are meeting our users' needs and to understand how we can improve the site. Google Analytics stores information about what pages you visit, how you got here and what you click on. We do not collect or store any personal information (e.g. your name or address) so this information cannot be used to identify you. We do not allow Google to share our analytics data. We use Google Analytics Demographics and Interest Reporting to more accurately determine visitors by age, gender and interests. This helps us better establish the types of content we make available and what we produce online is relevant to our audiences. You can opt out of Google Analytics by implementing the Google Analytics Opt-out Browser Add-on .

2) WHEN YOU CONTACT US VIA SOCIAL MEDIA - If you send us a private or direct message via social media the message will not be shared with any other organisations.

3) WHEN YOU EMAIL US - We use Transport Layer Security (TLS) to encrypt and protect email traffic. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit. We will also monitor any emails sent to us, including file attachments, for viruses or malicious software.

4) WHEN YOU USE OUR SERVICES - When you use DRL for your event, we need to store sufficient personal information to allow us to complete our contract with you.

4a) What information does DRL collect? DRL collects a range of information about you. This includes your name, company address and contact details, including your company email address, company postal address and telephone number (fixed line and/or mobile line as you choose to provide us); Data will be stored in our management information system.

4b) Why does DRL process personal data? DRL needs to process data this information so that we can contact you regarding your project. If you are an existing client of Dust Rust Lust, we will send you information we believe will interest you. You will always be given the option to opt out of receiving further information. As a new or potential client, we will always ask you whether you want to opt-in to receiving information from us before we send you anything. You will always be given the option to opt out of receiving further information. Further details on what happens when you subscribe to our marketing information is given below.

4c) Who has access to data? Your information may be shared internally for the purposes of completing our contract with you and IT staff if access to the data is necessary for the performance of their roles. DRL will not share your data with third parties. DRL will not transfer your data outside the European Economic Area.

4d) How does DRL protect data? DRL takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees, or consultants contracted on its behalf in the proper performance of their duties.

4e) For how long does DRL keep data? We will keep your data whilst you are a client indefinitely unless you request its removal from our systems.

4f) Access to personal information and how to get it corrected or deleted - Individuals can find out if we hold any of their personal information by making a ‘subject access request’, in writing to the address at ‘How to Contact us’ below. If we do hold information about you, we will give you a description of it, tell you why we are holding it, tell you who it has been/could be disclosed to, let you have a copy of the information. You may also request that your information is corrected or deleted which we will do and confirm to you that this has been done unless a regulatory or legal reason prevents this. We will explain to you why we cannot delete your data if a regulatory or legal reason prevents this. We will ask you for proof of identification before we correct or delete your information.

5) WHEN YOU APPLY FOR A JOB WITH US - As part of any recruitment process, DRL collects and processes personal data relating to job applicants. DRL is committed to being transparent about how it collects and uses that data and to meeting its data protection obligations.

5a) What information does DRL collect? DRL collects a range of information about you. This includes: your name, address and contact details, including email address and telephone number; details of your qualifications, skills, experience and employment history; your current level of remuneration, including benefit entitlements; whether or not you have a disability for which DRL needs to make reasonable adjustments during the recruitment process; and information about your entitlement to work in the UK. DRL may collect this information in a variety of ways. For example, data might be contained in CVs, application forms, obtained from your passport or other identity documents, or collected through interviews. DRL may also collect personal data about you from third parties, such as recruitment agencies, references supplied by former employers and information from criminal records checks (e.g. from the Disclosure and Baring Service (DBS)), where this is relevant to role. Data will be stored in a range of different places, including on your application record, in HR management systems and on other IT systems (including email).

5b) Why does DRL process personal data? DRL needs to process data to take steps at your request prior to entering into a contract with you. It may also need to process your data to enter into a contract with you. In some cases, DRL needs to process data to ensure that it is complying with its legal obligations. For example, it is required to check a successful applicant's eligibility to work in the UK before employment starts. DRL has a legitimate interest in processing personal data during the recruitment process and for keeping records of the process. Processing data from job applicants allows DRL to manage the recruitment process, assess and confirm a candidate's suitability for employment and decide to whom to offer a job. DRL may also need to process data from job applicants to respond to and defend against legal claims. DRL may process special categories of personal data, such as information about ethnic origin, sexual orientation or religion or belief, to monitor recruitment statistics. It may also collect information about whether or not applicants are disabled to make reasonable adjustments for candidates who have a disability. DRL processes such information to carry out its obligations and exercise specific rights in relation to employment. For some roles, DRL is obliged to seek information about criminal convictions and offences. Where DRL seeks this information, it does so because it is necessary for it to carry out its obligations and exercise specific rights in relation to employment. DRL will not use your data for any purpose other than the recruitment exercise for which you have applied.

5c) Who has access to data? Your information may be shared internally for the purposes of the recruitment exercise. This involves HR (including any contracted HR Consultants), interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles. DRL will not share your data with third parties, unless your application for employment is successful and it makes you an offer of employment. DRL will then share your data with former employers to obtain references for you, and the Disclosure and Barring Service (DBS) to obtain necessary criminal records checks (where this is appropriate for the role). DRL will not transfer your data outside the European Economic Area, unless your application for employment is successful and it makes you an offer of employment. Where a member of staff’s employment with DRL requires study, employment, or a placement at another organisation it may be necessary for DRL to transfer personal data to the external educational institution or employer, whether this is within the UK or abroad. This may require some data being sent outside the EEA to countries which may have lower standards for the protection of personal data.

5d) How does DRL protect data? DRL takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees, or consultants contracted on its behalf in the proper performance of their duties.

5e) For how long does DRL keep data? If your application for employment is unsuccessful, DRL will hold your data on file for 12 months after the end of the relevant recruitment process. At the end of this period your data will be deleted or destroyed. If your application for employment is successful, personal data gathered during the recruitment process will be transferred to your HR file and retained during your employment. The periods for which your data will be held will be provided to you in the HR Records Retention Policy. Further information on how data is used in the course of employment is detailed in DRL’s HR Privacy Notice.

5f) Your rights - As a data subject, you have a number of rights. You can: access and obtain a copy of your data on request; require DRL to change incorrect or incomplete data; require DRL to delete or stop processing your data, for example where the data is no longer necessary for the purposes of processing; and object to the processing of your data where DRL is relying on its legitimate interests as the legal ground for processing. If you would like to exercise any of these rights, please email contact@dustrustlust.com if you believe that DRL has not complied with your data protection rights, you can complain to the Information Commissioner.

5g) What if you do not provide personal data? You are under no statutory or contractual obligation to provide data to DRL during the recruitment process. However, if you do not provide the information, DRL may not be able to process your application properly or at all.

5h) Automated decision-making Recruitment processes are not based solely on automated decision-making.

6) WHEN YOU SUBSCRIBE TO OUR MARKETING INFORMATION - We want you as a client or potential client to understand how we can help you solve your design, innovation and technology challenges. We would love to send you relevant information about our business and the work we do, via email and post and telephone. If you are an existing client of Dust Rust Lust we will send you information we believe will interest you. You will always be given the option to opt out of receiving further information. As a new or potential client, we will always ask you whether you want to opt-in to receiving information from us before we send you anything. You will always be given the option to opt out of receiving further information.

6a) What information does DRL collect? DRL collects a range of information about you. This includes: your name, company address and contact details, including your company email address, company postal address and telephone number (fixed line and/or mobile line as you choose to provide us); the market sector you work in. Data will be stored in our management information system.

6b) Why does DRL process personal data? DRL needs to process data this information so that we can send you relevant information about our business and the work we do, via email and post and telephone. We do not use your data in ways we think you would find intrusive. We will use your personal data to do the following: Select material which we believe will be of interest to you based on the market sector you work in, Send you our e-newsletter which will include news that would be of interest in your market sector, examples of car events, car news, car photography and competitions. We expect to send you around 24 e-newsletters a year, Send you additional ad-hoc bespoke E-Newsletters sharing specific news that is of interest and relevant DRL events, news, photography and competitions to win tickets to events, Send you our e-Christmas Card in December, to wish everyone a Merry Christmas from DRL.

6c) Who has access to data? Your information may be shared internally for the purposes of the selecting and sending you relevant information and IT staff if access to the data is necessary for the performance of their roles. DRL will not share your data with third parties with the exception of loading your data into Squarespace mailing list which is the third party software we will occasionally use to distribute our marketing material by email. DRL will not transfer your data outside the European Economic Area.

6d) How does DRL protect data? DRL takes the security of your data seriously. It has internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by our employees, or consultants contracted on its behalf in the proper performance of their duties.

6e) For how long does DRL keep data? We will keep your data indefinitely unless requested.

6f) Access to personal information and how to get it corrected or deleted Individuals can find out if we hold any of their personal information by making a ‘subject access request’, in writing to the address at ‘How to Contact us’ below. If we do hold information about you, we will: Give you a description of it, Tell you why we are holding it, Tell you who it has been/could be disclosed to, Let you have a copy of the information. You may also request that your information is corrected or deleted which we will do and confirm to you that this has been done unless a regulatory or legal reason prevents this. We will explain to you why we cannot delete your data if a regulatory or legal reason prevents this. We will ask you for proof of identification before we correct or delete your information.

7) WHEN YOU SUPPLY TO US - We hold supplier details to allow us to place orders with suppliers and to process payments. The data we hold on suppliers is contact names, contact telephone numbers, organisation addresses, organisation email addresses, organisation bank details, data to allow us to qualify you as an approved supplier (ISO standards held, levels of insurance held,statements from you on your policies for health and safety, business continuity, governance and corporate responsibility. Supplier details are stored in our secure Management Information System and our secure IT systems. We do not contact any of our suppliers with marketing information.

8) HOW TO CONTACT US - If you would like further information on our privacy policy, please email contact@dustrustlust.com

9) COMPLAINTS - We believe it is essential to meet the highest standards when collecting and using your personal information. Please contact us straight away if you have any concerns or need any further information about how we process your personal information. If you want to make a complaint about the way we have processed your personal information, you can contact the office of the Information Commissioner at www.ico.org.uk/concerns.