Information on the Collection and Processing of your personal data (for customer) 

Information on the Collection and Processing of your personal data (for customer)

January 2025

 

Care and transparency are the basis for a trusting cooperation with our customers. We therefore inform you about how we process your data and how you can exercise your rights under relevant Data Protection Laws, in particular, the Data Protection Act 2018 and UK GDPR. Which personal data we process for what purpose depends on the respective contractual relationship.

 

1. Who is responsible for the processing? 

The controller is:

  • Dave Davies. DVS Ltd. Unit 3, Vanguard Way, Neptune Point, Cardiff. CF24 5PG

 

2. Who do I contact if I have a question or concern?

The contact details for the person responsible for data protection within our organisation are as follows:

  • Responsible person: Dave Davies
  • Email: David.Davies@dvs.co.uk
  • By Post: DVS Ltd. Unit 3, Vanguard Way, Neptune Point, Cardiff. CF24 5PG

 

You also have the right to contact the Information Commissioner’s Office (ICO), (www.ico.org.uk) , the UK’s data protection supervisory authority if you feel we have been unable to resolve your query or complaint satisfactorily.

 

3. Which personal data do we use?

If you have an enquiry, have us prepare an offer or conclude a contract with us, we will process your personal data. In addition, we process your personal data, among other things, to fulfil legal obligations, to protect a legitimate interest or on the basis of a consent given by you.

Depending on the legal basis, the categories of personal data are as follows:

  • Name, Surname
  • Address
  • Communication Data (telephone, e-mail-address)
  • Date of birth
  • Nationality
  • Contract master data, especially contract number, duration, period of notice, type of contract
  • Invoice data / turnover data
  • Data on creditworthiness
  • Payment data / account data
  • Health data
  • Gender
  • Account information, in particular registration and logins
  • Video and image recordings

 

[In the course of contract initiation, we also use data provided to us by third parties. Depending on the type of contract, the following categories of personal data are involved:]

 

  • Information on creditworthiness (via a credit agency)
  • Results of PEP’s and Sanctions, and Anti-Money Laundering searches via 3rd party agencies.

 

4. From which sources does the data come? 

We process personal data that we receive from our customers, service providers and our suppliers.

We also obtain your data from the following sources:

  • Credit agencies
  • Publicly accessible sources: commercial or association registers, debtor registers, land registers
  • Other Group companies

 

5. For what purposes do we process your data and on what legal basis?

We process your personal data in particular in compliance with the relevant Data Protection Laws.

a) Data processing on the basis of a consent given by you.

If you have given us your voluntary consent to the collection, processing or transfer of certain personal data, then this consent forms the legal basis for the processing of this data. In the following cases we process your personal data on the basis of your consent:

  • Sending an e-mail newsletter
  • Personalised newsletter tracking
  • Market research (e.g. customer satisfaction surveys)
  • Marketing and advertising of customer profiles

b) For the performance of a contract

  • Register you as a new customer
  • To process and deliver your order including:
  • Manage payments, fees, and charges
  • Collect and recover money owed to us

c) To fulfil legal obligations

As a company we are subject to various legal obligations. The processing of personal data may be necessary to fulfil these obligations.

  • Control and reporting obligations
  • Creditworthiness, age and identity checks
  • Prevention of criminal acts .

d) On the basis of a legitimate interest of the controller

In certain cases we process your data to protect our legitimate interests or that of third parties:

  • Direct advertising and opinion research
  • Central customer data management within the Group
  • Measures for building and plant safety
  • Video surveillance for the protection of domiciliary rights
  • Consultation and data exchange with credit agencies
  • To determine creditworthiness and default risks
  • Ensuring IT security and operation

 

6. To whom will your data be passed on?

In order to fulfil our contractual and legal obligations, we will pass on your data to different public and internal places, as well as external service providers.

a) Companies within the Group:

  • Midwich

b) External Service Providers:

  • IT service providers (e.g. maintenance service providers, hosting service providers)
  • Service provider for file and data destruction
  • Printing services
  • Telecommunications
  • Payment service providers
  • Consulting
  • Service Provider for Marketing or Sales
  • Credit agencies  (data providers and collection services)
  • Authorised dealers
  • Service provider for telephone support (Call-Center)
  • Web hosting service provider
  • Letter shops
  • Auditors and accountants

c) Public bodies and authorities:

Furthermore, we may also be obliged to transfer you data to other recipients, such as public authorities to fulfil legal notification obligations.

  • HMRC
  • Customs
  • Other relevant Governmental bodies

 

7. Will your data be transferred to countries outside the UK?

On occasion, it may be necessary for us to transfer your data outside of the UK. This will only be done in accordance with relevant Data Protection laws.

 

8. For how long do we store your data?

We store your personal data for as long as necessary to fulfil legal and contractual obligations.

If the storage of your data is no longer necessary to fulfil the legal or contractual obligations, we will delete your data unless the transfer is necessary for one of the following purposes:

  • Fulfilment of commercial and tax storage obligations.
  • Criminal investigations
  • Preservation of evidence within the framework of the statutory limitation provisions

 

9. What rights do you have in connection with the processing of your data? 

Every data subject has rights under Data Protection Law. The rights available to you depend on our reason for processing your information.

  • Right to be informed. You have the right to be informed about the collection and use of your personal data.
  • Right of Access. You have the right to ask us for copies of your personal information. This right always applies. There are some exemptions, which means you may not always receive all the information we process.
  • Right to Rectification. You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. This right always applies.
  • Right to Erasure. You have the right to ask us to erase your personal information in certain circumstances.
  • Right to restriction of processing.You have the right to ask us to restrict the processing of your information in certain circumstances.
  • Right to Object. You have the right to object to us processing (using) your personal data at any time. This effectively means that you can stop or prevent us from using your data. However, this only applies in certain circumstances. There may be occasions when we may not need to stop if a strong and legitimate reason exists to continue using your data.
  • Right to data portability. You have the right to obtain and reuse your personal data for your own purposes across different services. This right only applies to information you have provided to us.

 

10. What right do you have in the event of data processing for legitimate or public interest?

You have the right to object at any time to the processing of personal data concerning you on the basis of:

  • data processing in the public interest – for the performance of a task carried out in the public interest
  • data processing in the public interest – for the exercise of official authority vested in you
  • legitimate interests

In the event of your objection, we will no longer process your personal data unless we can prove compelling grounds for processing that outweigh your interests, rights and freedoms, or the processing serves to assert, exercise or defend legal claims.

 

11. What right do you have in the event of data processing for direct marketing?

If we process your personal data for direct marketing purposes, you have the right to object to the processing of your personal data for direct marketing at any time. This also applies to profiling insofar as it is associated with such direct marketing.

a) Objection. In the event of your objection to processing for direct marketing purposes, we will no longer process your personal data for these purposes.

b)Revocation of consent. You can revoke your consent to the processing of your personal data at any time. Please note that the revocation is only valid for the future.

c) Right to information. You may request information as to whether we have stored personal data about you. If you wish, we will inform you of the data concerned, the purposes for which the data is processed, to whom this data is disclosed, how long the data is stored and what further rights you are entitled to with regard to this data.

d) Further rights. In addition, you have the right to have your data corrected or deleted. If there is no reason for further storage, we will delete your data, otherwise we will restrict processing. You may also request that we provide all personal information that you have provided to us in a structured, current and machine-readable format either to you or to a person or company of your choice.

In addition, there is a right to lodge a complaint to the responsible data protection supervisory authority.

e) Assertion of your rights. To exercise your rights, you can contact the following at any time by writing or emailing:

  • The Marketing Department, DVS Ltd. Unit 3, Vanguard Way, Neptune Point, Cardiff. CF24 5PG
  • Email: marketing@dvs.co.uk (please put ‘Unsubscribe’ in the subject line).

 

12. Is there an obligation to provide your personal data?

In order to enter into a business relationship, you must provide us with the personal data that is necessary for the execution of the contractual relationship or that we are required to collect by law. If you do not provide us with this data, it is not possible for us to carry out and process the contractual relationship.

 

13. Does an automated individual decision-making or profiling take place?

There may be occasions where, as part of processing your personal data, automated decisions may be made. If you require more information on automated decision making, please contact us by using the contact details above.

 

14. Changes to this information

If the purpose or manner of processing your personal data changes significantly, we will update this information in time and inform you about the changes.

 

DVS LTD,
UNIT 3,
NEPTUNE POINT,
VANGUARD WAY,
CARDIFF,
CF24 5PG

Opening Hours: Monday - Friday; 8.30 - 5.30pm
T
+44 (0) 2920 455 512
F
+44 (0) 2920 492 085
E
contact@dvs.co.uk
1 Web Order = 50p donated to Noah's Ark Children's Hospital Charity!
20841
©DVS Ltd 2025. All rights reserved