1.1 In this policy, “we”, “us”, “our” refer to Sold Secure and “you” and “your” refer to our customers.
1.2 We are committed to protect the private data we receive and store from you and respect your rights under the General Data Protection Regulation.
1.3 This policy applies when we receive your data and we are acting as “data controller” and when we process it and we are acting as “data processor”.
1.4 For more information about us and how you can contact us, please see Section 9.
2.1 Sold Secure operates business to business and all the data collected is from you or your business. The private data we collect are names, e-mails and phone numbers.
2.2 We do not require an individual to provide his/her private details to us (e.g.: home address or personal phone number), we require contact details of the business such as business address, work phone number, work e-mail address.
2.3 We may receive your data from a third party, for example the details of a marketing person may be provided by a product manager to act as public contact (please see Section 3 (3.4) for more details).
3.1 In this section we explain how we use your personal data.
3.2 Your data will be use as correspondence data (Sold Secure may contact you by e-mailing or calling to give you updates on the product tested). The legal basis of processing the correspondence data is the performance of a contract between you and us, at your request, to enter into such a contract. The source of data will be individual himself/herself.
3.3 Your data will be used as transaction data and it may be used for financial records such as VAT invoices and it will be kept for 6 years. The legal basis of this processing are the “legal obligations” to which Sold Secure is subject.
Note: Sold Secure will not use the name of a natural person on the invoice, it will only use the details of the company.
3.4 Your data or the data of another individual provided by yourself as public data will be published on our website soldsecure.com and on Sold Secure Approved Products Catalogue that is printed once a year and is also available online on soldsecure.com and locksmiths.co.uk together with the product that has been approved by us. The legal basis of this processing is the performance of a contract between you and us, at your request, to enter into such a contract and the legitimate interest of the customer to receive promotion for the approved product.
4.1 This section explains how we store your private data and for how long.
4.2 Your correspondence data may be printed and secured in our filing cabinets. The cabinets are placed in the Sold Secure building that is secured by high level security and a monitored alarm system. Your correspondence data will be kept 15 years after the approval of the product has been ceased.
The legal basis of storing your details for 15 years is our legitimate interest to keep a record of the products that have been tested at Sold Secure and the natural person that has represented the business at the time.
4.3 Your correspondence data may be stored electronically on our servers that are based in the UK. Our computers are protected by password and anti-virus program, and they can only be accessed by our staff members. Your correspondence data will be kept 15 years after the approval of the product has been ceased.
The legal basis of storing your details for 15 years is our legitimate interest to keep a record of the products that have been tested at Sold Secure and the natural person that has represented the business at the time.
4.4 Your transaction data may be printed and stored in our secure filing cabinets. The cabinets are placed in Sold Secure building that is secured by high level security and a monitored alarm system. Your transaction data will be kept for 6 years after the Vat invoice has been raised.
The legal basis of storing your details for 6 years are the “legal obligations” to which Sold Secure is subject.
4.5 Your transaction data may be stored electronically on our servers that are based in the UK. Our computers are protected by password and anti-virus program, and they can only be accessed by our staff members. Your correspondence data will be kept for 6 years after the Vat invoice has been raised.
The legal basis of storing your details for 6 years is the legal obligations to which Sold Secure is subject.
4.6 Your or your employee public data will be disclosed to the public and it will be stored on our website. If you no longer wish to have your name on our website, please contact our data officer and your details will be permanently deleted in maximum 7 working days after the request has been sent.
5.1 This section explains how we delete/destroy your data once is no longer needed. For more details about the length of time we store your data please see Section 4.
5.2 Once your private data is no longer relevant/needed Sold Secure will permanently delete the electronic files.
5.3 Once your private data is no longer relevant/needed Sold Secure will hire a secure document shredding company, that complies to the GDPR, to destroy the documents.
6.1 Sold Secure has standard procedures to protect your details against data breaches such as passwords for electronic files, that are periodically changed (every 3 moths), alarms and secure filing cabinets for physical documents. For more details on how we securely store your documents please see section 4.
6.2 We back-up your data by creating an electronic copy of each document that is securely stored on our server based in the UK, that is protected by password and anti-virus program.
6.3 Sold Secure understands the legal requirement to report a data breach to ICO (Information Commissioner's Office) in maximum 72h hours from the event. We also commit to inform every person that has been affected by the data breach.
7.1 We may update this policy in order to improve our data management.
7.2 We will notify you of any significant changes to this policy by e-mail.
8.1 This section explains the rights, you have, as a data subject, in relation to your personal information.
8.2 To be informed about how, why and on what basis that information is processed.
8.3 To obtain confirmation that your information is being processed and to obtain access to it and certain other information, by making a subject access request— your request will be answered in maximum 7 days.
8.4 To have data corrected if it is inaccurate or incomplete.
8.5 To have data erased if it is no longer necessary for the purpose for which it was originally collected/processed, or if there are no overriding legitimate grounds for the processing (the right to be forgotten).
8.6 To restrict the processing of personal information where the accuracy of the information is contested, or the processing is unlawful (but you do not want the data to be erased), or where the employer no longer needs the personal information, but you require the data to establish, exercise or defend a legal claim.
8.7 To restrict the processing of personal information temporarily where you do not think it is accurate (and the employer is verifying whether it is accurate), or where you have objected to the processing (and the employer is considering whether the organisation’s legitimate grounds override your interests).
8.8 If you wish to exercise any of the rights in paragraphs, please contact the data protection officer on enquiries@locksmiths.co.uk
9.1 We are registered in the UK under registration number 03714663 and our registered office is at
1 Prospect Park, Valley Drive, Rugby, Warwickshire, CV21 1TF, that is also our principal place of business.
9.2 You can contact us:
LOGIN