1) In line with current UK legislation and the new GDPR laws, Croft Design Studio Limited (hereafter referred to as “the company” or “we”) defines personal data as any information that could be used to identify an individual. This includes but is not limited to: name, address, banking details etc.

2) In order to fulfil our contractual obligations with our customers and suppliers, Croft Design Studio Limited may deem it necessary to hold specific personal data on our them. The data that we hold includes:

  • a. Name – we hold this in order to know the name of our customers and suppliers
  • b. Address – we hold this in order to visit your address to carry out the duties of our contract with you where necessary, as well as for verification purposes
  • c. Date of birth – we may hold this in order to verify customers’ identity for security reasons
  • d. Telephone number – we hold this to enable us to contact customers and suppliers regarding work
  • e. Email address – we hold this in order to contact customers and suppliers regarding work
  • f. Bank account details – we hold this information in order to carry out transactions for payment and/or refunds with our clients and suppliers

3) Croft Design Studio Limited uses a variety of secure cloud-based systems to store your data and reserves the right to upgrade our data storage and protection system periodically at the company’s discretion. Access to personal data is restricted to staff members on a need-to-know basis.

4) Croft Design Studio Limited holds any personal data, after the termination of our contract with customers and suppliers, in accordance with statutory retention periods.

5) To discover what personal data Croft Design Studio Limited holds, individuals must request in writing (letter or email) addressed to the Director who will respond to all reasonable requests within 30 days. In the case of requests that are considered unreasonable or repetitive in nature, Croft Design Studio Limited reserves the right to refuse the information request; in this instance you will be notified in writing the reason for the refusal.

6) Croft Design Studio Limited is committed to preserving the security and privacy of our customers and suppliers and will not hold data unnecessarily or without legitimate reason. Croft Design Studio Limited employs the latest and most robust data security measures to minimise the risk of data breach. In the event of a data breach of an individual’s personal data, Croft Design Studio Limited aims to notify all affected individuals within 14 days of the breach taking place.

7) All your data is held securely and we will not share it with any third parties without your permission.