This is the Privacy Notice of Reflection X (company number 09036648) whose registered office is at 21 Church Road, Poole, BH14 8UF and Reflection X of 398-2416 Main St, Vancouver BC V5T 3E2, with registered business number: 70869 2090 BC 0002 (both ‘Reflection X’, “Company”, “we”, “our” or “us”) and sets out how we collect and process your personal data.
This Privacy Notice also provides certain information that is legally required and lists your rights in relation to your personal data.
This Privacy Notice relates to personal information that identifies ‘you’ meaning customers or potential customers/individuals/suppliers who use or browse our website and individuals outside our organisation with whom Reflection X interact.
We refer to this information throughout this Privacy Notice as “personal data” and paragraph 3 sets out further detail of what this includes. Please read this Privacy Notice to understand how Reflection X may use your personal data.
If you are an employee, contractor or otherwise engaged in work for us or applying to work for us, a separate privacy notice applies to you instead. This Privacy Notice is not intended for children and we do not knowingly collect personal data relating to children.
This Privacy Notice may vary from time to time so please check it regularly.
2. Contact Details.
2.1 Data controller and contact details
For the purposes of relevant data protection legislation, we are a controller of your personal data and as a controller we use the personal data we hold about you in accordance with this Privacy Notice.
If you wish to correct your personal data held by us or to opt out at any time from receiving marketing correspondence from us or to alter your marketing preferences please contact firstname.lastname@example.org.
If you need to contact us in connection with our use or processing of your personal data, or gain access to it, then our contact details are email@example.com | Reflection X, 21 Church Road, Poole, BH14 8UF and our representative is James Roadnight.
2.2 Data Protection Officer
Our Data Protection Officers are James Roadnight and Richard Orme and you can contact them at firstname.lastname@example.org.
3. Categories of Personal Data and What We Collect.
3.1 The categories of personal data about you that we may collect, use, store, share and transfer are:
We may also create Personal Data about you, for example, if you contact us by telephone to make a complaint, for example about our services or goods, then we may make a written record of key details of the conversation so that we can take steps to address the complaint.
3.2 We also obtain and use certain aggregated data such as statistical or demographic data for any purpose (‘Aggregated Data’). Aggregated Data may be derived from your personal data but does not directly or indirectly reveal your identity. For example, we may aggregate your Information Technology Data to calculate the percentage of users accessing a specific feature on our website. However, if we re-combine or re-connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Notice.
3.3 In addition, we may obtain certain special categories of your data (‘Special Categories of Data’), and this Privacy Notice specifically sets out how we may process these types of personal data. The Special Categories of Data are: (i) personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership; and (ii) the processing of genetic data, biometric data for the purposes of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
4. The Sources From Which We Obtain Your Personal Data.
4.1 We obtain your personal data from the following sources:
4.1.1 Directly from you, either in person (at our locations or otherwise), via our website, apps or by telephone or via hand held PDAs. This could include personal data which you provide when you:
(a) download a piece of content;
(b) register for an event;
(c) subscribe to our communications;
(d) request information on our products or services;
(e) create an account on our website;
(f) place an order for our products or services;
(g) enter into a competition or promotion; and
(h) complete a survey from us or give us feedback
4.1.2 Automated technologies, such as CCTV or other recording systems, cookies, server logs and other similar technologies. We may automatically collect Information Technology Data about your equipment, browsing actions and patterns by using cookies, server logs and other similar technologies. We may also receive Information Technology Data about you if you visit other websites or apps employing our cookies.
4.1.3 Third parties, such as:
(a) analytics providers (such as Google Analytics);
(b) advertising networks (such as Facebook, Linkedin, Google Adwords);
(c) data brokers or aggregators (such as Electric Marketing and DiscoverOrg)
(d) providers of social media platforms (such as Facebook, Twitter, LinkedIn, Google+ and Instagram) for example where you share our content through social media, for example by liking us on Facebook, following or tweeting about us on Twitter
4.1.4 Publicly available sources, such as:
(a) Companies House; and
(b) HM Land Registry;
5. How We Use Your Personal Data and Our Basis For Using It.
5.1 Where we are relying on a basis other than consent we may rely on one or more of the following legal bases when processing your personal data. We have set out below the purposes for which we may process your personal data:
5.2 Where we may rely on consent
5.2.1 We would like to use your personal data for a variety of different purposes. For certain of these purposes it is appropriate for us to obtain your prior consent. The legal basis of consent is only used by us in relation to processing that is entirely voluntary – it is not used for processing that is necessary or obligatory in any way. Where we rely on consent, you may at any time withdraw the specific consent you give to our processing your personal data by following the opt-out links on any marketing message sent to you or by contacting us at any time. Please contact us using the contact details set out in paragraph 2.
5.2.2 Please note even if you withdraw consent for us to use your personal data for a particular purpose we may continue to rely on other bases to process your personal data for other purposes.
6. Who Receives Your Personal Data?
We may disclose your personal data to:
7. Personal Data About Other People Which You Provide to Us.
7.1 If you provide personal data to us about someone else (such as one of your directors or employees, or someone with whom you have business dealings) you must ensure that you are entitled to disclose that personal data to us and that, without our taking any further steps, we may collect, use and disclose that personal data as described in this Privacy Notice.
7.2 You must ensure the individual concerned is aware of the various matters detailed in this Privacy Notice, as those matters relate to that individual, including our identity, how to contact us, the way in which we collect and use personal data and our personal data disclosure practices, that individual's right to obtain access to the personal data and make complaints about the handling of the personal data, and the consequences if the personal data is not provided.
8. Accuracy of Your Personal Information.
It is important that the personal data we hold about you is accurate and current and we take all reasonable precautions to ensure that this is the case but we do not undertake to check or verify the accuracy of personal data provided by you. Please keep us informed if your personal data changes during your relationship with us either by logging onto your account on the website or by contacting us. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete personal data that you provide to us.
9. International Transfers of Personal Data.
9.1 It is possible that personal data we collect from you may be transferred, stored and/or processed outside the European Economic Area, specifically in the United States or America and Argentina or by Reflection X Ltd.
In connection with such transfers we shall ensure the following safeguards or reasons applies:
9.1.1 the relevant safeguard in place is the standard data protection contractual clauses between us and the recipient and a copy can be obtained by contacting us using the contact details set out in paragraph 2; or
9.1.2 is made on the basis of an adequacy decision, including that:
(a) the Privacy Shield for transfers to the US;
(b) the European Commission has decided that the relevant non-EU country ensures an adequate level of protection; or
9.1.3 one of the derogations for specific situations in Article 49 GDPR applies to the transfer including for example explicit consent or necessary for the contract.
10. How Long Do We Store Your Personal Data For?
We will store your personal data the time period which is appropriate for the purpose for which the personal data is used. We keep the length of time that we hold your personal data for under review. These reviews take place annually.
11. Contractual or Statutory Requirements on You to Provide Personal Data.
11.1 In certain circumstances the provision of personal data by you is a requirement to comply with the law or a contract, or necessary to enter into a contract.
11.2 It is your choice as to whether you provide us with your personal data necessary to enter into a contract or as part of a contractual requirement. If you do not provide your personal data then the consequences of failing to provide your personal data is that we may not be able to perform to the level you expect under any contract with you. An example of this would be where we are unable to provide you with essential information around the service we offer you or confirmation of event registration as we do not have your full details, or where we cannot perform our contract with you at all because we rely on the personal data you provide in order to do so. Please see our terms and conditions for further details.
12. Your Rights in Relation to Your Personal Data.
Subject to applicable law including relevant data protection laws, in addition to your ability to withdraw any consent you have given to our processing your personal data (see paragraph 5.2), you may have a number of rights in connection with the processing of your personal data, including:
If you would like to exercise any of the rights set out above, please contact us using the contact details set out in paragraph 2.
13. Links to Other Websites.
15th March 2021