Introduction

At UK Business Buddy, we take the privacy and security of your personal data very seriously. We are committed to ensuring that your data is handled in accordance with the General Data Protection Regulation (GDPR) and other relevant UK data protection laws. This GDPR Policy outlines how we collect, use, store, and protect your personal data, as well as your rights regarding the data we hold about you.

Data Controller

UK Business Buddy acts as the Data Controller for the personal information you provide to us. This means we are responsible for determining how your personal data is used and ensuring it is processed in compliance with GDPR.

What Data We Collect

We may collect the following types of personal data:

• Contact Information: Name, email address, phone number, business address
• Business Details: Company name, company registration number, VAT number
• Financial Information: Bank account details for setting up direct debits
• Transaction Data: Details of payments made, products or services purchased
• Technical Data: IP address, browser type, and other data related to your interactions with our website
• Communication Data: Any messages, emails, or calls you have sent to us

How We Use Your Data

We collect and use your personal data for the following purposes:

• To provide you with quotes for fuel cards and utility services
• To fulfil our contract with you, including processing payments and managing your account
• To communicate with you, including responding to your enquiries and providing customer support
• To send marketing and promotional materials, where you have consented
• To comply with legal obligations or to protect our rights and the rights of others

We only collect and use your data where we have a lawful basis to do so, including:

• Performance of a Contract: Processing your data is necessary to provide the services you have requested.
• Consent: Where you have provided consent, such as for marketing communications.
• Legitimate Interests: We may process your data when it is in our legitimate business interests, provided it does not override your rights.
• Legal Obligations: We may be required to process your data to comply with legal obligations.

How We Store and Protect Your Data

We take appropriate measures to ensure that your personal data is securely stored and protected against unauthorised access, alteration, or destruction. These measures include:

• Using secure servers and encryption technology
• Limiting access to personal data to authorised personnel only
• Regularly reviewing and updating our security practices

We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected or to comply with legal requirements.

Sharing Your Data

We do not sell or rent your personal data to third parties. However, we may share your information with:

• Service Providers: Companies that assist us in providing services, such as payment processors, IT support, and utility suppliers.
• Business Partners: Partners involved in delivering the fuel cards or utility services you request.
• Legal Authorities: If required by law or in response to legal proceedings, we may share your data with authorities or regulatory bodies.

International Data Transfers

Where we transfer personal data to countries outside the UK or European Economic Area (EEA), we will ensure appropriate safeguards are in place to protect your data, such as by using standard contractual clauses or transferring to jurisdictions deemed adequate by the UK or EU.

Your GDPR Rights

Under GDPR, you have the following rights regarding your personal data:

• Right to Access: You can request a copy of the personal data we hold about you.
• Right to Rectification: You can ask us to correct any inaccurate or incomplete information.
• Right to Erasure: You can request that we delete your personal data when it is no longer needed or if you withdraw your consent.
• Right to Restrict Processing: You can request that we restrict the processing of your data in certain circumstances.
• Right to Data Portability: You can ask us to transfer your data to another service provider in a structured, machine-readable format.
• Right to Object: You can object to the processing of your personal data in certain situations, such as for direct marketing.
• Right to Withdraw Consent: If you have given consent for us to process your data, you can withdraw it at any time.

To exercise any of these rights, please contact us using the details below. We will respond to your request within one month, as required by law.

Data Breaches

In the unlikely event of a data breach, we will notify you and the relevant supervisory authority without undue delay if the breach is likely to result in a high risk to your rights and freedoms.

Changes to This GDPR Policy

We may update this GDPR Policy from time to time to reflect changes in our data processing practices or legal requirements. We encourage you to review this page regularly for any updates.

Contact Us

If you have any questions about this GDPR Policy or wish to exercise your rights, please contact us at:

UK Business Buddy
Email: info@ukbusinessbuddy.co.uk
Phone:
Address:51 Station Road, Brough, HU151DZ