Updated to reflect the General Data Protection Regulation (GDPR) 2018
ChimLees Ltd. is committed to keeping your personal data safe and secure, and handling it in accordance with our legal obligations. This policy explains the purposes for which we process your personal data, who we share it with, and the rights you have.
ChimLees Ltd. is the controller of all personal data collected and used for the purposes of providing our services. We decide how and why your data is used and we ensure that it is handled lawfully and safely.
We have appointed a Data Protection Officer who has responsibility within ChimLees Ltd. for ensuring your data is treated in accordance with this policy and the law.
Information you may provide to ChimLees Ltd. can include:
We also collect information about how you use our website using cookies and similar technology, including viewing history, IP address, device identifiers, time on pages and pages clicked.
Information is stored in a company database with access restricted to ChimLees Ltd. employees only. We do not disclose personally identifiable information to any organisation outside of ChimLees Ltd. or its group companies without your consent, except to prevent fraud or where required by law. Information is used only when necessary and only by those who need to see it.
If you would like more information about the data we collect, please contact us.
We process your personal data for the purposes listed above on the basis of our legitimate interests to operate and improve our services.
Where we use your email address for email marketing, we do so with your consent. You can withdraw consent at any time by following the unsubscribe instructions in any marketing email.
We keep your personal data for 5 years, after which we anonymise your information.
You are responsible for the security of the device you use to access this website. Email transmission is not guaranteed to be secure or confidential unless encrypted by you. Any information sent by email is at your own risk. If you have doubts, please write to or telephone us instead. We cannot accept responsibility for unauthorised access or loss of personal information beyond our control.
You can exercise your rights at any time. We may ask for proof of identity and further information to locate your data. We aim to respond within one month of receiving your request and any required information. For complex or numerous requests we may take up to three months and will let you know if this applies.
Subject access requests must be made in writing.
If you have questions about this policy or our processing of your personal data, please contact our Data Protection Officer via our contact page.
You have the right to complain to the Information Commissioner’s Office if you are unhappy with how we process your personal data. Visit www.ico.org.uk for details.
