Privacy Notice

1. PURPOSE OF NOTICE

At C&T Matrix Limited we are committed to protecting the privacy and security of your personal information. This privacy notice aims to inform you on how we collect and process your personal data.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data.

C&T Matrix Limited is the data controller in respect of your personal data. We are required under data protection legislation to notify you of the information contained in this privacy notice.


C&T Matrix Limited are part of the Synnovia group of companies.

2. WEBSITE AND THIRD-PARTY LINKS

Our website uses cookies and may include links to third party websites and applications, which may also use cookies. Clicking on those links or enabling those connections may allow third parties to collect or share data about you.

We do not control these third-party websites or applications and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy notice of every third-party website you visit.

3. DATA WE COLLECT

Personal Data

"Personal data", or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).


Categories of Data

We will collect and process the following categories of personal data:

Identity Data including personal details such as name and job title, company name.

Contact Data including personal contact details, addresses, telephone numbers, and email addresses.

Financial Data including bank account details, your debit or credit card information, your credit rating information (which we acquire from credit reference agencies) and other banking information.

Technical Data includes internet protocol (IP) address, your login data for online ordering, browser type and version, time zone setting and location, operating system and platform. 

Transaction Data including your billing history and products and services you use and anything else relating to your account.

Profile Data including information you provide to us in your communications with us, including, for example, information you provide to us when participating in market or product surveys and information on how you use our products and services, the industry or industries you or your company are engaged in and the products or services you enquire about or purchase from us.
Marketing and Communications Data including your preferences in receiving marketing information from us and our third parties and your communication preferences.

We will only collect personal data which is relevant in the context of our relationship with you.


Special Categories of Personal Data

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences. 


Failure to provide Data

Where we need to collect personal data by law or under the terms of our contract (or proposed contract) to provide products or services to you and you fail to provide that data when requested, we may not be able to perform the contract we have, or are trying to enter into, with you. In such event, we may have to terminate the contract (or any negotiations in relation to a proposed contract) but we will notify you if this is the case at the time.


Change of Data

It is important that personal data we hold about you is accurate and up to date and we ask you to keep us informed if your personal data changes during your relationship with us.

4. HOW WE COLLECT YOUR DATA

We collect data from and about you in different ways including through:

Direct Interaction

You may give us your personal data when you use our website, purchase our products or use our services, become a supplier or during the sales process or in the course of our providing products and services to you throughout the period of your contract with us.


Automated technologies or interactions 

As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, and other similar technologies. 


Third Parties or Publicly Available Sources

We may receive personal data and additional information from third parties including credit reference agencies or other background agencies and business directories and public sources such as Companies House.

5. HOW WE USE YOUR DATA


Legal Basis

We will only use your personal data for a particular reason and where there is a legal basis to do so.

We will use your personal data in the following circumstances in particular:

  • Where we need to perform a contract we have entered into with you or are taking steps to enter into with you.

  • Where we need to comply with a legal or regulatory obligation or are required to do so by law.

  • Where you have consented to such use.

  • Where it is necessary for the purposes of our own legitimate business interests (or those of a relevant third party) and your interests and fundamental rights do not override those interests. 


Marketing and Advertising
 

We will only use your personal data to determine which products, services or offers we think you may want or need or that may be of interest to you.

You will receive marketing messages from us if you have requested information, or purchased products or services, from us and you have not opted out of receiving such messages.


Opting Out

You can ask us to stop sending you marketing messages at any time by contacting us at any time using the details below.

Where you opt out of receiving these marketing messages, this will not apply to personal data already provided to us as a result of a product/service purchase, product/service experience or other commercial transaction.


Cookies

As previously indicated, our website uses cookies, which allows us to distinguish you from other users of the website. This helps us to improve the website and provide you with as worthwhile and relevant an experience as we can when you browse the website.

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of our website may become inaccessible or not function properly.

6. DATA SHARING


Sharing Personal Data with Third Parties

We may share your personal data with third parties where required by law, or where it is necessary to perform our contract with you or where we have a legitimate business interest in doing so.

"Third parties" may include third party service providers, being parties, for example, which provide software, technical or professional services to us, and may also include other members of the Synnovia group, for example as part of a sales or project process or fulfilling our contract with you.

Any third-party service provider with whom your personal data has been shared will be required to take appropriate security measures to protect such data in line with our policies and the law and to process your personal data only for specified lawful purposes in accordance with our instructions and not for their own purposes.

Transfer outside the EU

We will not transfer your personal data outside the EU without your consent and then only on terms approved by us.

7. DATA SECURITY

Security Breach

We have put in place appropriate security measures to prevent personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed and to deal with any suspected data security breach.

We will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

Limiting Access

We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and will be subject to a duty of confidentiality.

8. DATA RETENTION


Length of Retention

We will only retain your personal data for as long as is necessary to fulfil the purposes it was collected for, including the purposes of satisfying any legal, accounting, or reporting requirements.

By law, for example, we are required for tax purposes to keep certain information about our customers (including Contact, Identity, Financial and Transaction Data) for a period of time after they cease being customers.

Determination of Retention Period

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of your personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purpose for which such data is being processed and any applicable legal requirements.

9. YOUR RIGHTS IN CONNECTION WITH DATA


Access, Correction, Erasure and other Rights

By law you have the right in certain circumstances to:

  • Request access to your personal data (commonly known as a "data subject access request"). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.

  • Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected if it is wrong.

  • Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no lawful reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to the data being processed (see below).

  • Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and your particular circumstances justify your objecting to processing on this ground.

  • Request the restriction of processing of your personal data. This enables you to ask us to suspend the processing of personal data about you, for example, if you want us to establish its accuracy or the lawful basis for processing it.

  • Request the transfer of your personal data to another party.

Procedure

If you wish to exercise any of these rights, please contact our Data Protection Manager in writing

No Fee Usually Required

You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances. 

What we may need from you 

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Time limit to respond 

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

10. WITHDRAWAL OF CONSENT

In those circumstances where you have provided your consent to the collection, processing and transfer of your personal data for a particular purpose, you have the right to withdraw your consent for that specific processing at any time.  To withdraw your consent, please notify our Data Protection Manager in writing.

Once we have received notification that you have withdrawn your consent, we will no longer process your data for the purpose you originally agreed to, unless there remains another lawful basis for doing so.

11. DATA PROTECTION MANAGER AND QUESTIONS

Details and Contact Information

If you have any questions about this privacy notice or how we handle your personal information, please contact Tracy Myers, our Data Protection Manager, using the contact details below. 

Full name of legal entity: C&T Matrix Limited

Name or title of Data Protection Manager: Tracy Myers

Email address: sales@candtmatrix.com

Postal address : C&T Matrix Ltd, Sanders Road, Wellingborough, NN8 4NL

Telephone number: +44 1933 273444

12. COMPLAINTS

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). However, as we take our obligations seriously in relation to your personal information, we would ask and encourage you to contact us first if you have any issues or concerns so that we may address and try to resolve these before you approach the ICO.

13. EFFECTIVE DATE AND UPDATE


Effective Date

This version is effective 23rd January 2023.


Update

We may change this privacy notice from time to time in order to reflect changes in the law and/or our privacy practices. We encourage you to check this privacy notice for changes when you visit our website.