Welcome to our website at www.electway.co.uk and thank you for your interest in our services and company. We take the protection of your Personal Data very seriously and process your data in accordance with the UK`s Data Protection Act 2020 (“DPA”) and the General Data Protection Regulation (“GDPR”).
With the help of this Privacy Policy, we inform you comprehensively about the processing of your Personal Data by us and the rights to which you are entitled.
Personal Data is information that makes it possible to identify a natural person. This includes, your name, date of birth, address, telephone number, e-mail address, but also your IP address. Anonymous data as such only exists if no personal reference to the user can be made.
In accordance with the DPA and the GDPR, the person responsible for processing of Personal Data when using the website is:
We take appropriate technical and organisational measures, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of natural persons, in order to ensure a level of protection appropriate to the risk.
The measures include, in particular, ensuring the confidentiality, integrity and availability of data by controlling physical access to the data, as well as access to, input, disclosure, ensuring availability and segregation of the data. We also have procedures in place to ensure the exercise of data subjects’ rights, deletion of data and response to data compromise. Furthermore, we already take the protection of Personal Data into account during the development and selection of hardware, software and procedures, in accordance with the principle of data protection through technology design and through data protection-friendly default settings.
Databases or data sets that include Personal Data may be breached inadvertently or through wrongful intrusion. Upon becoming aware of a data breach, we will notify all affected individuals whose Personal Data may have been compromised, and the notice will be accompanied by a description of action being taken to reconcile any damage as a result of the data breach. Notices will be provided as expeditiously as possible after which the breach was discovered.
If, in the course of our processing, we disclose data to other persons and companies, transmit it to them or otherwise grant them access to the data, this will only be done on the basis of a legal permission (e.g. if a transmission of the data to third parties, such as to payment service providers, is necessary for the performance of the contract, you have consented, a legal obligation provides for this or on the basis of our legitimate interests (e.g. when using agents, web hosts, etc.). If we commission third parties to process data on the basis of a so-called “processing agreement”.
If we process data in a third country (i.e., outside the UK or the European Economic Area (EEA)) or if this is done in the context of using third-party services or disclosing or transferring data to third parties, this is only done if it is done in order to fulfil our (pre-)contractual obligations, on the basis of your consent, due to a legal obligation or on the basis of our legitimate interests. Subject to legal or contractual permissions, we only process or allow the processing of data in a third country if the special requirements of Art. 44 ff. GDPR are met. This means, for example, that the processing is carried out on the basis of special guarantees, such as the officially recognised determination of a level of data protection corresponding to that of UK or the European Union or compliance with officially recognised special contractual obligations (so-called “standard contractual clauses”).
Please contact us at any time with questions and suggestions regarding data protection and to enforce your rights as a data subject.
Further, have the right to make a complaint to a data protection supervisory authority at any time.
In the event that you wish to make a Data Subject Access Request, you may inform us in writing of the same using info@electway.co.uk.
We will respond to requests regarding access and correction as soon as reasonably possible. Should we not be able to respond to your request within thirty (30) days after receiving your request, we will inform you in writing within thirty (30) days of the time by which we will be able to respond to your request. If we are unable to provide you with any Personal Data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the respective legal regulations mentioned above).
Cookies” are small files that are stored on your device. Different information can be stored within the cookies. We may use temporary and permanent cookies and will explain this in our Cookie Policy. The legal basis for the use of cookies is either your consent or our legitimate interest.
The data processed by us will be deleted or its processing restricted in accordance with the DPA and GDPR. Unless expressly stated in this data protection declaration, the data stored by us will be deleted as soon as it is no longer required for its intended purpose and the deletion does not conflict with any statutory retention obligations. If the data is not deleted because it is required for other and legally permissible purposes, its processing will be restricted i.e., the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law.
As a matter of principle, we do not process special categories of Personal Data, unless these are components of commissioned processing. The purpose of the processing is the provision of contractual services, billing, and our customer service. We process data that is necessary for the justification and fulfilment of contractual services and point out the necessity of their disclosure. Disclosure to external parties only takes place if it is necessary in the context of the service
When processing the data provided to us within the scope of providing our services, we act in accordance with the instructions of the client as well as the legal requirements of processing and do not process the data for any other purposes than those specified in the service.
We delete the data after the expiry of statutory warranty and comparable obligations. The necessity of storing the data is reviewed every three years; in the case of statutory archiving obligations, the deletion takes place after their expiry (6 years).
In the case of data disclosed to us by the user within the scope of the service, we delete the data in accordance with the specifications of the service, in principle after the end of the service.
When contacting us (e.g., via e-mail, phone, or social media), the user’s details are processed for the purpose of handling the request and its processing. The user’s details may be stored in a customer relationship management system or comparable enquiry organisation. We delete the enquiries if they are no longer necessary. We review the necessity every two years; furthermore, the legal archiving obligations apply.
We do not sell Personal Data to third parties.
We are present on social media on the basis of our legitimate interest. If you contact us via social media platforms, you should note that the chat history can neither be deleted by us nor by you. And that, in accordance with the DPA and the GDPR, the relevant social media platform and we are jointly responsible for the processing of your data and enter into a so-called joint controller agreement. A Joint Controller Agreement itself is very legalistic and lengthy, but in a nutshell, it clarifies how the jointly responsible parties will fulfil the obligations arising from data protection laws that are applicable to them. The legal basis for the use of the relevant social media platform is our legitimate interest, your consent or, in the case of a (pre) contractual relationship with us, the initiation of a contractual service, if any.
Our services are restricted to users who are 18 years of age or older. We do not knowingly collect personal information from anyone under the age of 18. If you suspect that a user is under the age of 18, please contact us.
Because we’re always looking for new and innovative ways to improve our website and services, this policy may change over time. We will notify you before any material changes take effect so that you have time to review the changes.
If you have any questions or comments about our Privacy Policy or wish to exercise your rights under applicable laws, please contact us using info@electway.co.uk.
This Privacy Policy was last updated on Thursday, 16 February 2023