Our projects Xmas4Schools & Mugs4Schools collect information to process orders. In the first instance this starts with collecting and storing information surrounding the organiser of the project, their contact details and the school or nursery address. The exact details we collect and store are:
Full Name, Contact Telephone Number, Email Address, School/Delivery Address, Project Dates, Notes surrounding the job – i.e. phone conversations with specific operational instructions.
When X4S & M4S orders are received, we will collect and store the following:
Childs Name, Child’s Class, School Name, Parents Name, Contact Telephone, Email Address, Order Quantities, Order Image
No other data is collected or stored.
Data is collected via telephone, email and the use of a paper order form. Data is stored on an in house secure server that is maintained to the highest standards by MPR-IT and Hewlett Packard. The storage is remotely backed up with snapshot images of the data being taken every 24 hours. Our server is protected by SSL and external firewalls with all unused ports shutdown to prevent server attacks.
We collect data to process printed orders.
Specific job data is held for a period of 6x months before being erased from our servers.
Organisation details are held for a period of 12x months before being erased from our servers – where there is communication with an organisation within this period, our systems are set up to retain this information.
Physical security – where the server is located it is protected by coded alarm and CCTV systems.
We control and process data.
We will not sell or disclose your data without prior consent - When data is shared to an authorised party, it will be encrypted by way of password and sent via our SSL secured server.
As an organisation, we choose to outsource our data entry. To ensure the security of data we have built a secure system that displays only one record at a time to the input clerk, this stops harvesting of data. It is also not possible to download lists of data by using this system. Where we use external data input companies, we have signed non-disclosure agreements and identification for the companies data protection officer.
Since incorporation in 2001 we have not experienced a data breach. We review our data protection policy annually to ensure we do everything in our power to reduce the possibilities of a data breach.
In the event of a data breach we will within 7 working days from awareness of the breach, contact all parties involved in the breach explaining what data has been compromised. We have 24hr IT support ready to assist in securing a potential breach.
The only data collected is for participants or interested parties in one of our schools projects, or for persons who have already expressed an interest or are already customers of the company. This data is all given in person either over the phone or using an online form. None of this data is shared with any other organisation and is not used for any other purpose than necessary contact relating to business in progress.
You have the right to a copy of the personal data we hold about you. This can be requested formally via a Subject Access Request by writing to: Board of Directors, Print Junction, Cobbs Wood House, Cobbs Wood Industrial Estate, Ashford, Kent, TN23 1EP . Please note that there is a fee of £10 which must be included with your request. Upon receipt of this, our company will respond within 40 days in line with ICO Regulations.
Any person whose data we store has the right to request erasure. The request for erasure can be made over the phone, via email or in person. All valid requests for erasure will be processed within 7 days of the request. Such data will be permanently deleted from our records.
The Nature of Personal Data
Child’s Name, Child’s Class, School Name, Parent’s Name, Parent’s Email, Order Quantities
The purposes for which the data is intended to be processed
The data collected is only processed in relation to the orders already placed for personalised printed products
The period during which the data is intended to be processed
The data is only processed during the period during which data entry takes place and the order is being fulfilled
The country or territory of origin of the information contained in the data
The country or territory of final destination of the information
Security Measures Taken in Data Transfer / Sharing
Transfer can proceed from the UK to the third country in compliance with the eighth principle.
We may take the following information about you:
1. Data about your use of our website including information about your visits such as the pages you viewed and the resources that you accessed. This information includes traffic data, location data and other communication information.
2. Information you give us voluntarily. So, when you register with us for information, or purchase a product.
3. Data you provide when you communicate with us in any way.
We might collect data about your overall internet use by using cookies. Where we use these, cookies are downloaded to your computer and stored on your computer’s hard drive. This data does not identify you personally. It is purely statistical. This data does not identify any of your personal details at all.
You are free to change the settings on your computer at any time to stop any cookies if you want to. This is easily done by activating the reject cookies setting on your computer. If you carry on using our website without making this adjustment, we will assume that you agree to receive all cookies on our website.
We use the data collected from you to provide our services to you. We may also use the information for the following purposes:
1. To give you information you request from us about our products or services.
2. To give you information about other products that you may be interested in. Such information will only be provided where you have agreed to receive it.
3. To tell you about any changes to our services, products or website.
If you have purchased goods or services from us, we may give you details of related products or services, that you may be interested in.
Where you have agreed, we may allow selected third parties the use of your information to provide you with information about unrelated products and services that we think may be of interest to you. Where such agreement has been given it can be withdrawn by you whenever you wish.
By providing us with your personal information, you consent to this transfer, storing or processing. We do our best to make sure that all reasonable steps are taken to store your information securely.
Unfortunately sending information via the internet is never totally secure and sometimes this information can be intercepted. We can’t guarantee the complete security of information that you choose to send us in this way. Sending us this data is at your own risk.
1. In the event that we sell any or all of our business.
2. Where we are legally required to disclose your personal data.
3. To assist with fraud protection.
In accordance with the Data Protection Act 1998 you have the right to access any data we hold relating to you. We reserve the right to charge a fee of GBP 10.00 to cover the costs of providing you with this information.
Further steps to protect Data
We take data protection seriously and review our systems annually.