DMA Stairlifts – Customer Privacy Notice
Privacy notice for customers
Under data protection law, individuals have a right to be informed about how DMA Stairlifts uses any personal data that we hold about them. We comply with this right by providing ‘privacy notices’ (sometimes called ‘fair processing notices’) to individuals where we are processing their personal data.
This privacy notice explains how we collect, store and use personal data about customers.
We, DMA Stairlifts are the ‘data controller’ for the purposes of data protection law. Our data protection officer is Mike Stutt.
Web browser cookies
Our Site may use ‘cookies’ to enhance Users’ experience. Cookies help us provide a
better service by enabling us to monitor which pages Users find useful and which
they do not. A cookie in no way gives us access to a User’s computer or any
information about a User, other than the data they choose to share with us.
Such information will not identify a User personally. It is used by us to analyse how
visitors interact with the site so that we can continue to develop and improve the
services we offer. All computers have the ability to decline cookies. This can be done
by activating web browser settings. If a User declines cookies, they may be unable to
access particular areas of the site.
The personal data we hold
Personal data that we may collect, use and store about customers includes, but is not restricted to:
- Contact details, contact preferences
- Details of any medical conditions, including physical and mental health
- Details of any products purchased, including service agreements
We use this data to:
- Quickly respond to callouts & breakdowns
- Advise when servicing is due on your lift
- Renewal of service contracts
- Applying for warranty from manufacturers
- Assess the quality of our services
- Comply with the law regarding data sharing
- Comply with the law regarding VAT exemption for disability aids
Our legal basis for using this data
We only collect and use customers’ personal data when the law allows us to. Most commonly, we process it where:
- We need to comply with a legal obligation
- We need it to perform an official task in the public interest
Less commonly, we may also process customers’ personal data in situations where:
- We have obtained consent to use it in a certain way
- We need to protect the individual’s vital interests (or someone else’s interests)
Where we have obtained consent to use customers’ personal data, this consent can be withdrawn at any time. We will make this clear when we ask for consent, and explain how consent can be withdrawn.
Some of the reasons listed above for collecting and using customers’ personal data overlap, and there may be several grounds which justify our use of this data.
Collecting this information
While the majority of information we collect about customers is mandatory, there is some information that can be provided voluntarily.
Whenever we seek to collect information from you, we make it clear whether providing it is mandatory or optional. If it is mandatory, we will explain the possible consequences of not complying.
How we store this data
We keep personal information about customers while they are using our products or services. We may also keep it beyond this time if this is necessary in order to comply with our legal obligations. We hold customer data for the periods of time as stated by HMRC.
Data sharing
We do not share information about customers with any third party without consent unless the law and our policies allow us to do so.
Where it is legally required, or necessary (and it complies with data protection law) we may share personal information about customers with:
- Our local authority – to meet our legal obligations to share certain information with it, such as safeguarding concerns and exclusions
- The customer’s family and representatives
- Suppliers and service providers – to enable them to provide the service we have contracted them for
- Central and local government
- Our auditors
- Health and social welfare organisations
- Professional advisers and consultants
- Police forces, courts, tribunals
Customers’ rights regarding personal data
Individuals have a right to make a ‘subject access request’ to gain access to personal information that we hold about them.
If you make a subject access request, and if we do hold information about you, we will:
- Give you a description of it
- Tell you why we are holding and processing it, and how long we will keep it for
- Explain where we got it from, if not from you
- Tell you who it has been, or will be, shared with
- Let you know whether any automated decision-making is being applied to the data, and any consequences of this
- Give you a copy of the information in an intelligible form
Individuals also have the right for their personal information to be transmitted electronically to another organisation in certain circumstances.
If you would like to make a request please contact our Data Protection Officer.
Other rights
Under data protection law, individuals have certain rights regarding how their personal data is used and kept safe, including the right to:
- Object to the use of personal data if it would cause, or is causing, damage or distress
- Prevent it being used to send direct marketing
- Object to decisions being taken by automated means (by a computer or machine, rather than by a person)
- In certain circumstances, have inaccurate personal data corrected, deleted or destroyed, or Restrict processing
- Claim compensation for damages caused by a breach of the data protection regulations
To exercise any of these rights, please contact our Data Protection Officer.
Complaints
We take any complaints about our collection and use of personal information very seriously.
If you think that our collection or use of personal information is unfair, misleading or inappropriate, or have any other concern about our data processing, please raise this with us in the first instance.
To make a complaint, please contact our Data Protection Officer.
Alternatively, you can make a complaint to the Information Commissioner’s Office:
- Report a concern online at https://ico.org.uk/concerns/
- Call 0303 123 1113
- Or write to: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Contact us
If you have any questions, concerns or would like more information about anything mentioned in this privacy notice, please contact our Data Protection Officer:
Mike Stutt – Manging Director