Astra Security are specialists in integrated security systems, and committed to safeguarding the privacy of its clients, sales prospects and visitors to this website in accordance with the General Data Protection Regulations (GDPR) and all other relevant regulation and legislation. This policy sets out how we capture, store and treat the personal information we use in our sales and marketing activities.
According to The General Data Protection Regulations (GDPR), all personal data we hold must be:
- Processed lawfully, fairly and in a transparent manner
- Collected for specified, explicit and legitimate purposes
- Adequate, relevant and limited to what is necessary
- Accurate and, where necessary, kept up-to-date
- Retained only for as long as necessary
- Processed in an appropriate manner to maintain security
We will only ever collect, process and store the essential information required for making contact with individuals or businesses. The personal data we collect is limited to first name, last name, email address, social profiles, business IP address, business name, job function and business address.
We will not process or hold any data irrelevant to the purposes of doing business with you, nor any special category data, including: race; ethnic origin; political opinions; religion; philosophical beliefs; trade union membership; genetic data, for the purpose of uniquely identifying a natural person; bio-metric data, for the purpose of uniquely identifying a natural person; health data; concerning a natural person’s sex life; or sexual orientation.
The data we collect will be used to communicate marketing and sales messages relating to Astra Security services via email, social media, telephone or any other marketing methods that may be relevant. You have the right to object from any method of correspondence at any time via the methods detailed below.
At Astra Security we procure data in a variety of ways, collected in line with the lawful basis of ‘Legitimate Interests’. If you have received correspondence from us, we will have procured your data in one of the following ways:
- You have requested information from Astra Security on a previous occasion
- Someone has sent us your e-mail address requesting information about our articles and/or services be sent to you
- You or someone else has expressly shared your contact details with us for the purpose of receiving information now and/or in the future
- We have previously met at an event and your business card or contact details were handed to us willingly
- You have previously connected with a member of our team and discussed our services
- A member of our team has found your business and your contact details online, believing that your business would genuinely be interested in Astra Security services, based on your job function aligning with our typical customer profiles they have made contact to introduce you to our product
As per the ICO guidance, Astra Security can confirm:
- We have checked that legitimate interests is the most appropriate basis
- We understand our responsibility to protect the individual’s interests
- We have conducted a legitimate interests assessment (LIA) and kept a record of it, to ensure that we can justify our decision
- We have identified the relevant legitimate interests
- We have checked that the processing is necessary and there is no less intrusive way to achieve the same result
- We have done a balancing test, and are confident that the individual’s interests do not override those legitimate interests
- We only use individuals’ data in ways they would reasonably expect
- We are not using people’s data in ways they would find intrusive or which could cause them harm
- We do not process the data of children
- We have considered safeguards to reduce the impact where possible
- We will always ensure there is an opt-out/ability to object
- Our LIA did not identify a significant privacy impact, and therefore we do not require a DPIA
- We keep our LIA under review every six months, and will repeat it if circumstances change
- We include information about our legitimate interests in our privacy notice
Using your personal information
We may use this data to:
- administer the website;
- improve your browsing experience by personalising the website;
- enable your use of the services available on the website;
- send you general (non-marketing) commercial communications;
- send to you marketing communications relating to our business which we think may be of interest to you by post, email or similar technology;
- send you email notifications which you have specifically requested;
- provide third parties with statistical information about our users – but this information will not be used to identify any individual user;
- deal with enquiries and complaints made by or about you relating to the website; and
- keep our website secure and prevent fraud.
- to the extent that we are required to do so by law;
- in connection with any legal proceedings or prospective legal proceedings;
- in order to establish, exercise or defend our legal rights (including providing information to others for the purposes of fraud prevention and reducing credit risk);
- to the purchaser (or prospective purchaser) of any business or asset that we are (or are contemplating) selling; and
- to any person who we reasonably believe may apply to a court or other competent authority for disclosure of that personal information where, in our reasonable opinion, such court or authority would be reasonably likely to order disclosure of that personal information.
Storage, security and retention of your personal information
We will take reasonable technical and organisational precautions to prevent the loss, misuse or alteration of your data.
We will retain the personal data we hold for as long as we consider it necessary for working with you, selling and marketing our services, or to comply with any legal obligations, and then we will securely delete your data. We will delete your data at an earlier date if you request it.
You have the right to rectification, erasure, restriction and objection.
You may instruct us to provide you with any data we hold about you. Provision of such information will be subject to the supply of appropriate evidence of your identity (for this purpose, we will usually accept a photocopy of your passport certified by a solicitor or bank plus an original copy of a utility bill showing your current address). We may withhold such personal information to the extent permitted by law. We may also refuse nuisance requests, where a person requests their data excessively on multiple occasions without legitimate reason.
You can at any time request that the information we hold about you is updated or corrected.
In all correspondence with you we will give you the right to object from receiving further correspondence from Astra Security. On any emails you receive from Astra Security there will be the option to ‘unsubscribe’ from receiving any further email correspondence. If you receive a telephone call from us, you have the right to request not to receive any further calls.
You can also make any request for rectification, erasure, restriction and objection by emailing: firstname.lastname@example.org or by writing to: Astra Security Ltd, Units 7 & 8, Northavon Business Centre, Dean Road, Yate, Bristol, BS37 5NH
All requests will be processed within 30 days. Your details will be added to a suppression file to ensure that your details cannot be processed by Astra Security systems in the future.
It is important to understand the difference between a right to object and a request for deletion. If you make a request for deletion, we will remove any data we hold about you from the Astra Security CRM system. This will also mean that we will remove you from our suppression files. If you are removed from our suppression files, there is a risk that your data may be processed again in the future if your details are re-added to our CRM system by a member of our sales team who genuinely believes that your business would benefit Astra Security services. If you do not wish for us to contact you again about Astra Security, we would recommend you request to object rather than a request for deletion, as this will ensure that your details are always suppressed from processing.
Astra Security website
The website also contains links to other websites. We are not responsible for the privacy policies or practices of third party websites.
ASTRA Integrated Security Systems
Units 7 & 8
Northavon Business Centre
Company Number: 02720811