Echo Structures Ltd is committed to complying with the Data Protection Act and General Protection Data Regulations (GDPR). Safeguarding your personal data is very important to us and we want you to be confident that we process your data in a lawful, fair and transparent manner and that your data is kept securely in line with the requirements of GDPR.
We are the controller of the personal data provided to us for the purposes of applicable data protection legislation. This means it is our responsibility to ensure that the data we collect from you is controlled effectively and is protected at all times.
If you have any questions about the processing of your personal data, please contact us:
• By Post: Echo Structures Ltd., 139 Mungo Park road, Rainham, RM13 7PS
• By Phone: 020 3026 4469
• By Email: firstname.lastname@example.org
We receive, collect and store any information you enter on our website or provide us in any other way.
We may collect, use, store and transfer different kinds of personal data about you:
Contact Data includes data such as your email address, telephone number and correspondence address
Identity Data includes data such as first name, last name, username or similar identifier, date of birth, job title
Technical Data includes data such as internet protocol (IP) address, your login data, browser type and version, cookies, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our websites and any communications we may send to you.
Usage Data includes information about how you use our websites such as information about your visit to our site, including the full Uniform Resource Locators (URL) clickstream to and through, pages you viewed or searches you made, page response times, download errors, length of visit, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Marketing Data includes your preferences in receiving marketing information
How we collect data?
From time to time you may provide to us personal data. This may be because:
You access and interact with any of our websites;
You purchase or enquire about purchasing products from us
You or your employer provide services to us;
You apply to work with us as an employee;
You provide feedback or reviews to us, respond to a survey or questionnaire;
You otherwise contact us including with queries, comments or complaints.
All personal data that you provide to us must be true, complete and accurate. If you provide us with inaccurate or false data, and we suspect or identify fraud, we will record this and we may also report this to the appropriate authorities.
When you contact us by email or post, we may keep a record of the correspondence and we may also record any telephone call we have with you.
Why we collect data?
We collect such Non-personal and Personal Information for the following purposes:
To provide and operate the Services;
To provide our Users with ongoing customer assistance and technical support;
To be able to contact our Visitors and Users with general or personalized service-related notices and promotional messages;
To create aggregated statistical data and other aggregated and/or inferred Non-personal Information, which we or our business partners may use to provide and improve our respective services;
To comply with any applicable laws and regulations.
Data Processors – Third Parties
We may on occasions share your information with third parties for the purposes of offering you the services in question or operating the business. Where we share your information we will take all reasonable care to ensure your data is handled in accordance with the GDPR and will make due diligence checks on the third parties in question. Some examples of the categories of third parties with whom we share your data are;
Government Agencies and Departments
Credit Reference Providers
Any other company to enable the performance of a contract between the parties
We will only share the information that is required in order to carry out the service provided.
Data we receive from others
If we reasonably believe that any of the personal data you have provided to us is inaccurate, we may receive further personal data from third parties, such as Companies House, credit reference agencies and the electoral register, confirming or otherwise, your identity.
We may also receive personal data about you from our third party service providers, including our payment service providers, and our analytic service providers.
If you apply to work with us, we may also receive personal data from your references.
Storage of Data
Your data may be stored electronically or in hard copy or both. Echo Structures Ltd. will take physical and technical measures to ensure the security, integrity and confidentiality of your data in the following manner;
Confidentiality means only those persons or organisations that need to know and are authorised can access and use your data.
Integrity means that we will endeavour to ensure all data is accurate and suitable for the purpose for which it is processed.
Security means that we will either password protect and or encrypt electronic data as appropriate and securely store hard copy documents in locked filing systems.
Our company is hosted on the Wix.com platform. Wix.com provides us with the online platform that allows us to sell our products and services to you. Your data may be stored through Wix.com’s data storage, databases and the general Wix.com applications. They store your data on secure servers behind a firewall.
All direct payment gateways offered by Wix.com and used by our company adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. PCI-DSS requirements help ensure the secure handling of credit card information by our store and its service providers.
Retention of Data
In accordance with GDPR requirements Echo Structures Ltd. will not retain your personal information for any longer than necessary. In deciding the retention period we will take into consideration the nature for which the information was collected and needs to be processed and contractual or legal requirements or if we believe there may be a need to bring or defend a legal claim. The length of time will be 7 years and for the purposes of performing a deed will be 13 years.
We shall process your personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage. In particular, access is restricted to employees who need to know your personal data, and we use appropriate password protection and appropriate strong encryption electronic measures within our electronic data management systems.
However, unfortunately, because of the nature of electronic storage, we cannot promise that your personal data or any other data you provide to us will always remain secure. If there is a security breach, we will do all that we can as soon as we can to stop the breach and minimise the loss of any data.
You may consent to receive marketing email messages from us about our websites and our services and business generally. You can choose to no longer receive marketing emails from us by contacting us or clicking unsubscribe from a marketing email. Please note that it may take us a few days to update our records to reflect your request.
If you ask us to remove you from our marketing list, we shall keep a record of your name and email address to ensure that we do not send to you marketing information. If you still have an account with us, we shall continue to email you in relation to your account only.
You have a number of rights under applicable data protection legislation. Further information is available on your rights, and the GDPR in general, from the Information Commission Office Website, www.ico.org.uk.
Right of access: You have the right to obtain from us a copy of the personal data that we hold for you.
Right to rectification: You can require us to correct errors in the personal data that we process for you if it is inaccurate, incomplete or out of date.
Right to portability: You can request that we transfer your personal data to another service provider if you initially provided consent for us to use the personal data or where we used the personal data to perform a contract with you.
Right to restrict or object to processing: In certain circumstances, you have the right to require that we restrict the processing of your personal information if you believe our processing impacts on your fundamental rights and freedoms. However, we may demonstrate that we have legitimate grounds to process your personal data not withstanding your rights and freedoms.
Right to be forgotten: You also have the right at any time to require that we delete the personal data that we hold for you, where it is no longer necessary for us to hold it. However, whilst we respect your right to be forgotten, we may still retain your personal data in accordance with applicable laws and when we respond to your request we shall notify you of any specific legal reasons that we have to retain your personal data
Right to stop receiving marketing information: You can ask us to stop sending you information about our products, but we will continue to email you about any order you
Whilst Echo Structures Ltd. will take all reasonable steps to comply with data legislation if it is felt that there is a breach of said legislation an investigation will be launched in a timely manner. If a breach is confirmed we will take the steps necessary according to GDPR.