Pinnacle International Freight Ltd is committed to protecting your privacy and maintaining the security of any personal information received from you. We strictly adhere to the requirements of the data protection legislation in the UK.
The purpose of this statement is to explain to you what personal information we collect and how we may use it.
Your Personal Data is very important to us. We will endeavour to uphold your rights, treat your information with all due respect, and ever work to keep it held securely and in confidence.
We follow strict security procedures in the storage and disclosure of information which you have given us, to prevent unauthorised access in accordance with the UK data protection legislation.
We have sought to present this Privacy Notice in jargon-free plain-English. Some of the definitions below relate to legal concepts, so are provided for your reference. Should you ever have any query, please contact us and we will be happy to help.
We do not collect sensitive information about you except when you specifically knowingly provide it. In order to maintain the accuracy of our database, you can check, update or remove your personal details by sending an email via our contact page.
We use a technology called “cookies” as part of a normal business procedure to track patterns of behaviour of visitors to our site. A cookie is an element of data that our Website sends to your browser which is then stored on your system. You can set your browser to prevent this happening. Any information collected in this way can be used to identify you unless you change your browser settings
Information relating to living, identifiable individuals, such as job applicants, current and former employees, agency, contract and other staff, customers, suppliers and marketing contacts.
Personal Data we gather may include:
● Individuals’ contact details,
● Educational background,
● Financial and pay details,
● Details of certificates and diplomas,
● Education and skills,
● Marital status,
● Job title, and
Special categories of Personal Data:
Sensitive Personal Data shall by definition include:
● Personal Data about an individual’s racial or ethnic origin,
● Political opinions,
● Religious or similar beliefs,
● Trade union membership (or non-membership),
● Physical or mental health or condition,
● Criminal offences, or related proceedings
Any use of sensitive Personal Data should be strictly controlled in accordance with this policy.
The purposes for which Personal Data may be used by us: Personnel, administrative, operational, financial, regulatory, payroll and business development purposes.
Business purposes include the following:
● The legal and lawful delivery of our services
● Compliance with our legal, regulatory and corporate governance obligations and good practice
● Gathering information as part of investigations by regulatory bodies or in connection with legal proceedings or requests
● Ensuring business policies are adhered to (such as policies covering email and internet use)
● Operational reasons, such as recording transactions, training and quality control, ensuring the confidentiality of commercially sensitive information, security vetting, credit scoring and checking
● Investigating complaints
● Checking references, ensuring safe working practices, monitoring and managing staff access to systems and facilities and staff absences, administration and assessments
● Monitoring staff conduct, disciplinary matters
● Marketing our business
● Improving our services
The electronic and physical locations where we store Personal Data.
Our business is the Data Controller for the Personal Data we directly capture from Data Subjects.
Our business acts as a Data Processor for other organisations for whom we deliver services. Similarly, our own subcontractors, and other service providers to whom we entrust Personal Data for the delivery of our services are legally considered our own Data Processors.
This is a legal consideration under data protection legislation. Data Subjects provide Consent for their Personal Data to be used for one or more explicit purposes relevant to the services provided by our business.
A Data Subject is a living, identifiable individual located within the European Union.
Personal Data Breach:
A Personal Data Breach is the unauthorised disclosure of Personal Data into an untrusted environment. One example may be accidentally emailing a spreadsheet containing Personal Data to an unintended recipient.
Who we are:
Where you submit Personal Data to us directly, Pinnacle International Freight Limited is legally obligated as a ‘Data Controller’. In a capacity where we have been provided with your Personal Data by a partner organisation, we are legally obligated as a ‘Data Processor’.
Should you wish to interact with us regarding any query on Personal Data, our contact details are provided below;
Contact: Jonathan Munton Development Director
Telephone: 08456 216111
Address: Pinnacle International Freight Limited, Unit 1 Swannington Road, Broughton Astley, Leicester LE9 6TU
Registration Number: 1059368
How and why we use your Personal Data:
Pinnacle International Freight Limited provides the following types of service:
In order to be able to provide these services to you, we must be able to identify you in some manner, to be able to deliver your service to you specifically.
Where we are capturing your Personal Data to provide a service, we will always seek your Consent in order to do so.
We use your personal information to update you about new products/services. We will not pass your email address to any third party.
Where we are provided with your Personal Data to legally fulfil a service to you that you have requested, we will endeavour to make you aware that we have processed and handled your Personal Data.
This Privacy Notice lays out how we will fulfil our obligations to you in the safe and legal treatment of your Personal Data. Should you have any queries, please contact us at any time using the contact details provided above.
We will never use your Personal Data for a business purpose without your explicit consent. If we require your Personal Data for any other Purpose we will seek you consent prior to undertaking any processing activity. For reference our business will only provide services to individuals aged over 18 years.
We will not transfer your information outside the EEA (European Economic Area) without first obtaining your consent.
Your Personal Data:
It is your responsibility to ensure the Personal Data we hold about you is accurate and up-to-date. Please contact us if you have any queries regarding your Personal Data.
Where you directly contract us to provide a service:
We will only collect the necessary Personal Data to fulfil the service you have requested. Your Personal Data will be retained for no more than 12 months after the required purpose, except where we are bound by other legal obligations to do so.
Where we are provided with your Personal Data to fulfil a service on behalf of a partner:
We will only accept the minimum Personal Data to be able to deliver the service. Your Personal Data will be retained for no longer than 12 months following the delivery of the service. The originating service provider may retain your Personal Data for longer, and you should speak with that party if you have any queries.
Your rights as a Data Subject:
● You have the right to know what Personal Data we hold about you.
● You have the right to request we cease processing your Personal Data.
● You have the right to revoke your consent to your Personal Data being processed (except where necessary to legally delivery a contracted service).
● Your have the right to request we not make decisions about you automatically and can prefer human intervention (where possible).
● Your have the right to request that we not profile you based on your Personal Data without human intervention (where possible).
● You have the right to request we delete all Personal Data we hold about you (where legally we are able to do so).
● You have the right to request a copy of any Personal Data we hold about you, which must be provided to you in a commonly used electronic format.
● You have the right for your Personal Data to be stored and processed securely and have confidence that it will not be disclosed to an unauthorised party.
● You have the right to make a complaint if you are dissatisfied with the how we have honoured your rights.
It must be noted that there is no charge to request information from us. We are only permitted to make a charge if:
● Your request is unfounded.
● Your request is excessive.
● Your requests are repetitive in nature.
Interacting with us regarding your rights:
Making a Subject Access Request;
You have the right to request a copy of the Personal Data we hold about you. This request must be made in writing, by email or post, to the contact details provided above.
We will acknowledge receipt of your request and will respond to the request at the latest within 20 working days from said receipt. When making your request, you must provide all necessary information to support your query, including:
● Your name and contact details
● The reason for your request
● How we can contact you
There are exemptions to Subject Access Requests that may prevent us from honouring your request. This may include the request being overly broad, or your request may infringe the rights of another individual. We will always attempt to honour your request and will fully explain, if we are unable to do so, why, and what can be done to progress the request further.
Your right to receive data in a commonly used electronic format:
Due to the nature of the services we provide, it may be that we are unable to honour all requests. We will always seek to provide you with data that you or your service provide can easily reuse.
Your right to request we restrict processing:
You have the right to request that we restrict processing any Personal Data we hold about you. This request should be made in writing to the contact identified above, stating the reason for your request, and the timeframe required for processing to be restricted. Will will acknowledge your request and respond within 5 working days.
Your right to request the deletion of Personal Data:
You have the right to request that we delete or destroy any Personal Data that we hold on you. This request should be made in writing, by post or email, to the contact identified above. We will acknowledge your request and respond within 5 working days. We may be unable to honour requests that infringe on our other legal obligations, or in relation to a dispute, or where the deletion affects the rights of another party.
Your rights in relation to automated decision making and profiling:
We do not make use of Personal Data for automated decision making or profiling in the delivery of our services to you. If you believe this not to be the case, please contact us.
Making a complaint:
You have the right to make a complaint if we fail to honour your rights. We hope you never have need to complain about our service, however if you do, our business operates a three-stage complaints process, as follows:
1. In the first instance please send in writing, by post or email, your complaint to the contact named above. We will acknowledge receipt of your complaint. You will receive a response within two working days.
2. If we fail to resolve your issue with our response, you may escalate your complaint to our Managing Director. Please indicate in writing, again either by post or email, for your desire for the complain to be escalated. We will acknowledge receipt of your complaint and will respond to you within 5 working days.
3. If you remain dissatisfied with how we have handled your complaint, you have the right to seek redress through the data protection supervisory authority. Please assemble all necessary information and submit your complaint here: http://www.ico.org.uk
Securing your Personal Data:
We undertake comprehensive technical measures to reduce the likelihood your Personal Data will be accessed by an unauthorised party. For security we cannot disclosure all measures undertaken, however we are able to comment that our organisation seeks at all times to comply with (at the very least) the requirements of the following specifications:
• Cyber Essentials
• GDPR Essentials
We will always endeavour to store and process your Personal Data within the geographic confines of the European Economic Area (‘EEA’). If we are unable to do so, we will always ensure that our Data Processors comply with the same or greater level of assurance over use of your Personal Data than ourselves.
In the event of a Personal Data Breach:
As a responsible Data Controller and Data Processor, in the event that Personal Data is disclosed to unauthorised individuals, we will notify you in writing as soon as possible. We take a great number of precautions to prevent this from happening, however should an incident arise we will detail what Personal Data was affected and the steps we are taking to manage the issue going forwards.
Our use of Data Processors:
It is possible that we may entrust your Personal Data to other businesses to help us deliver our service to you. Our business will only operate with partners that adhere to a similar or greater level of assurance than ourselves. When you request a service from us, to legal discharged the contract entered into, we must always assume your Consent for Personal Data to be shared with partners where strictly necessary to do so.
Your feedback is very important to us. Should you have any queries, or desire any clarification regarding this Privacy Notice, please contact us and we will be happy to discuss with you.