HPAs personal data handling policy and procedures have been developed in line with the requirements the General Data Protection Regulation and applicable national law.
What personal data do we collect?
We collect and process personal data about you when you interact with us. The personal data we process includes:
- work address, email address and/or phone number;
- payment and delivery details, including billing and delivery addresses
- personal data related to the browser or device you use to access our website;
- internet browser and operating system;
- any other personal data you provide.
How do we use this personal data?
We process the personal data collected for the following purposes:
- to establish and fulfill a contract with you.
- to comply with applicable law and regulation;
- we may use information you provide to personalise our communications to you
- to monitor use of our websites and online services
- we may monitor any customer account to prevent, investigate and/or report fraud, terrorism, or other crime.
- we may use your information to invite you to take part in market research or surveys.
- We may also send you direct marketing in relation to relevant products and services.
Will we share your personal data?
- We may share your personal data with the following third parties:
- our professional advisors such as our auditors and external legal and financial advisors;
- our suppliers, business partners and sub-contractors; and/or
- search engine and web analytics.
- Personal data may be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if needed for the legal protection of our legitimate interests in compliance with applicable laws.
How long will you keep my personal data?
We will not keep your personal data for any purpose longer than necessary to fulfil the original or a compatible purpose.
Where you are a customer, we will keep your personal data for the length of any contractual relationship you have with us and after that for a period of up to 3 years.
Where you are a prospective customer, we will only retain your personal data for this purpose (a) until you unsubscribe from our communications; or, if you have not unsubscribed, (b) while you interact with us and our content; or (c) for 2 years from when you last interacted with us or our content.
What are my rights in relation to my personal data?
You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by contacting us.
Where you have consented to us using your personal data, you can withdraw that consent at any time.
If the information we hold about you is inaccurate or incomplete, you can notify us and ask us to correct or supplement it.
You also have the right, with some exceptions and qualifications, to ask us to provide a copy of any personal data we hold about you.
If you have a complaint about how we have handled your personal data, you may be able to ask us to restrict how we use your personal data while your complaint is resolved.
In some circumstances you can ask us to erase your personal data (a) by withdrawing your consent for us to use it; (b) if it is no longer necessary for us to use your personal data; (c) if you object to the use of your personal data and we don't have a good reason to continue to use it; or (d) if we haven't handled your personal data in accordance with our obligations.
Download our brochure
Find out more about how ISO management system standards can benefit your company.