Carbon Enterprises Ltd. holds personal data on our customers, suppliers and third parties to enable us provide our services. Further information we hold that is not relevant is deleted in an appropriate way.

We only collect, and maintain information we acquire that is appropriate to the service we provide. This document covers the information we retain, process and share relating to the business of our customers, suppliers and third parties. Our aim is to ensure the accuracy and security of any information we retain, as well as its relevance and to ensure that there is no unauthorised access or disclosure we have suitable physical, electronic and managerial procedures in place.

This document details how Carbon Enterprises Ltd. uses the personal data we collect, the type of information we collect, how it is collected and the manner in which it is processed.

EU Regulation 2016/679. The General Data Protection Regulation or GCPR defines personal data as `any information relating to an identifiable person who can be directly or indirectly identified by reference to an identifier`. In its basic form it covers like a persons name, address, phone and email details, in other words any information that enables you to be contacted by another party.

Whilst going about our day to day business information comes to us during face to face conversations, telephone conversations, via the internet or other, pertaining to employees, prices and other provided by our customers, suppliers and service providers.

The types of information we may process includes the following.

- Customer employee details not limited to name, gender, function, contact details and geographicial location.
- Supplier provider employee details not limited to name, gender, function, contact details and geographicial location.
- Service provider employee details not limited to name, gender, function, contact details and geographicial location.
- Company identification not limited to data such as registration numbers VAT numbers etc
- Financial information not limited to banking detail such as IBAN, Sort codes, account numbers and also tax information and credit checks.

Carbon Enterprises does not access or store sensitive personal data on businesses or employees of those businesses.

Purposes for processing personal information

These will depend on the information concerned and the context in which we collect it. Normally we will `collect` personal information from our customers, suppliers and service providers either where we have consent to do so or for the purposes of conducting our day to day business with those entities.

We have controls in place for the purpose of ensuring that data is not lost, misused ,disclosed without authorisation and only accessed, used or shared for specific legal purposes.

Contractural purposes

We hold and use this information when it is necessary for the provision of our services and for our dealings with those who provide services to us.

Legal purposes

We may use information where it is considered necessary in order to comply with the law under judicial request or authorisation or in circumstances of lawful request or instruction by public authorities for the purposes of law enforcement or other.

Legitimate interest

We may gather, store and use personal information when it is necessary for other legitimate purposes such as conducting our business more effectively and efficiently.

Information to be shared with other entities

We will only allow access to information to those who require such access such as UK and overseas entities and individuals that provide services such as domestic and overseas haulage, seafreight, warehousing, insurance and others whose services are required by us to conduct our business effectively and efficiently on a day to day basis. The provision of any such information to other parties is made purely on a need to know basis.

Data retention

Information whether on individuals, or entities will be retained for the period of time that they remain a supplier, customer, provider of services or other to Carbon Enterprises Ltd. and for six years thereafter as applicable by law.

Cookies we use

Cookie Name Cookie Owner Cookie Description
DYNSRV Hosting Provider This cookie is believed to be used for load balancing to manage server traffic demand.
wp-settings-time- WordPress WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
wp-setting- WordPress WordPress also sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
wordpress_test_cookie WordPress WordPress sets this cookie when you navigate to the login page. The cookie is used to check whether your web browser is set to allow, or reject cookies.
wordpress_sec WordPress Essential WordPress session management cookies for logged in users.
wordpress_logged_in WordPress After login, wordpress sets the wordpress_logged_in_[hash] cookie, which indicates when you’re logged in, and who you are, for most interface use.
gdpr_popup Carbon Enterprises Used to detect if the GDPR popup has been shown previously

Data privacy rights

Under data protection rules individuals and entities have rights with regard to information retention.
- The information can be accessed by individuals and/or entities
- Consent to our processing of information can be withdrawn at any time
- Request/s can be made at any time for changes to be made to the information we hold about an individual and/or entity to ensure accuracy
- `Right to be forgotten`. An individual or entity may request us to erase all or part of the information we hold concerning them at any time
- Our processing of held information can be halted or restricted at any time
- A request can be made by an individual or entity to transfer a part or all of the information we hold about them. `Data Portability`

To exercise any of your rights please do so in writing to

The Data Controller,
Carbon Enterprises Ltd.
10 Orchard Way
Esher
Surrey
KT10 9DY
United Kingdom

You have the right to complain to the Information Commissioners office about any aspect of our gathering, using, retention of any information pertaining to an individual or entity, at https://ico.org.uk