Gorringe’s is committed to ensuring that your privacy is protected. Should we ask you to provide certain information by which you can be identified when using this website, then you can be assured that it will only be used in accordance with this privacy statement.
Gorringe’s may change this policy from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from May 2018 and has been updated in accordance with GDPR compliance processes.
What we collect
We may collect the following information:
- Contact information including email address
- Demographic information such as postcode, preferences and interests
- To obtain a copy of the information we hold about you, please email firstname.lastname@example.org
We may also collect general user tracking information related to our website use using Google Analytics (see below). This information is collected and stored whenever a request is made for any page or image on our servers. This information can be analysed and presented in the aggregate or organized by user sessions.
What we do with the information we gather
We require this information to understand your needs and provide you with a better service, and in particular for the following reasons:
- Internal record keeping.
- We may use the information to improve our services.
- We may periodically send promotional emails about our Auctions, specific lots or other information which we think you may find interesting using the email address which you have provided.
- From time to time, we may also use your information to contact you for market research purposes. We may contact you by email, phone, or mail. We may use the information to customise the website according to your interests.
- We may use general tracking information (generated by Google Analytics, see below) for analysis and reporting on site activity. For example, we may want to know how long the average user spends on our site, or which pages or features get the most attention. This information is used to analyse the success of our website, i.e. to gauge the popularity of one feature or offering over another, or on our ability to understand how people use our website. Tracking and aggregating usage information will allow us to develop this understanding.
A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. NOTE This may prevent you from taking full advantage of the website as it will NOT work correctly.
Controlling your personal information
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. We may use your personal information to send you newsletters, information you may be interested in and notification of upcoming sales.
Online Payment and Live Bidding Security
PCI DSS (Payment Card Industry Data Security Standards) is the most rigorous standard in the payment industry today. PCI DSS standards are enforced by VISA, MasterCard and the banks and specify the technical aspects of a payment service as well as operational policies and procedures. Gorringe’s are working with AIB, WorldPay, the_saleroom, Bidlogix , Invaluable to ensure that all these security obligations are being fulfilled and your data is as safe as can be.
How we keep our systems secure
We have security measures in place to protect the loss, misuse and alteration of the information under our control. These security measures include firewalls, data backup procedures and where appropriate, encryption and secure internet transactions. Despite these measures, "perfect security" on the internet does not exist.
Storage of your personal data
We will only keep your personal data for as long as we need to in order to fulfil the relevant purpose(s) it was collected, as set out above in this Notice, and for as long as we are required to keep it for legal purposes. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this policy.
Data Subjects' rights
Data protection laws provide data subjects with the following rights, (subject to certain exemptions and conditions in some cases) to:
- request access to their personal information (commonly known as a “data subject access request”). This enables them to receive a copy of the personal information we hold about them and to check that we are lawfully processing it;
- request correction of the personal information that we hold about them. This enables them to have any incomplete or inaccurate information we hold about them corrected;
- request erasure of their personal information. This enables them to ask us to delete or remove personal information where there is no good reason for us continuing to process it. Data subjects also have the right to ask us to delete or remove their personal information where they have exercised their right to object to processing (see below);
- request the restriction of processing of their personal information. This enables them to ask us to suspend the processing of personal information about them, for example if they want us to establish its accuracy or the reason for processing it;
- request a copy of their personal information which they have provided to us, in a structured, commonly used and machine-readable format and the right to transfer it, or to require us to transfer it directly, to another controller; and
- complain to the supervisory authority, which in the United Kingdom is the Information Commissioner’s Office.
Data subjects also have the right to object to the processing of their personal information where we are relying on a legitimate interest (or those of a third party) and there is something about their particular situation which makes them want to object to processing on this ground. They also have the right to object where we are processing their personal information for direct marketing purposes.
Data subjects will not have to pay a fee to access their personal information (or to exercise any of the other rights above). However, we may charge a reasonable fee if their request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from the data subject to help us confirm their identity and ensure their right to access the information (or to exercise any of their other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
If you have any queries, comments or requests regarding this Policy, or you would like to exercise any of your rights as a data subject set out above, you can contact our Data Protection Officer in the following ways:
- by email to email@example.com
- by telephone at 01273 472503; or
- by post to Data Protection Officer, Gorringes LLP, 15 North Street, Lewes, East Sussex, BN7 2PD.