PRIVACY POLICY

Legal

CML is the trading name of Customs Management Limited, which is incorporated in the United Kingdom under company number 13276234. Registered office: Customs Management Limited, Rithe End, The DRive, Bosham PO18 8JG.

Privacy

CML take your privacy very seriously and in compliance with Data Protection Act 2018 and the General Data Protection Regulations is committed to ensuring that your data and privacy is protected. Should we ask you to provide certain information by which you can be identified when interacting with us, you can be assured that it will only be used in accordance with this privacy statement. CML is a data controller (referred to in this policy as ‘we’ or ‘us’) for data we collect through our website, when you make an enquiry. We are the data processor for the data we use in our relationships with our clients and whilst this data is mainly for business purposes and processing, we recognise that we will still be making use of personal data of the employees or business contacts with each client. We may change this policy from time to time by updating this page. You should check this page periodically to ensure that you are happy with any changes. This policy was last updated September 2022.

 

Data Collection

Personal data

CML offer administrative customs, customs advice/consultancy, data transformation and implementation services, and to provide you with these services we may collect personal information which we receive when you:

  • Register or enquire of our services

  • Download a report

  • Join our mailing list

  • Contact us or use our website

The data we may collect from you includes:

  • Your personal details, which include your email address, phone number, company, job title and industry

  • Your account login details, such as your username and the password that you have chosen

  • Information about your online browsing behaviour on our website

  • Information about any devices you have used to access our website (including the make, model and operating system, IP address, the address of the web site from which you linked, browser type and mobile device identifiers etc)

  • HTTP protocol elements (your server address and top-level domain name (e.g. .com, .gov etc), date and time of visit, etc)

  • Search terms

Why we collect personal data

Data we use is collected directly from you and is collected for the purposes of:

  • Fulfilling our contractual services with you

  • To provide you with services that you may request from us

  • For our legitimate interests in making you aware of areas that may be of interest to you or the let you know about other product and services offered

  • To provide you with updates when subscribing to our mailing list

  • For website and system administration

  • For research and development

For our web users we collect data for statistical purposes only (e.g. to measure the use/performance of the site) except in the event of a security breach when they could be used for tracing the breach. No information gathered from web logs is given or sold to any third party.

Any personal information that you provide to us will only be used for the purpose stated at the time we request it. This information will not be disclosed to a third party except where authorised by you or as otherwise permitted by the Data Protection Act and the General Data Protection Regulations.

How long we retain your personal data

We will retain a record of your personal information. This is done to provide you with a high quality and consistent service. We will always retain your personal information in accordance with law and regulation and never retain your information for longer than is necessary.

 

Data security

We are committed to ensuring that your personal information is secure and protecting it from being inappropriately or accidentally accessed, used, shared or destroyed, and against it being lost.

In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online and in paper form and only provide access to your data to staff who require it.

We use Squarespace security to keep our website data secure. Squarespace collect the IP address of visitors, user ID of logged in users, and username of login attempts are conditionally logged to check for malicious activity and to protect the site from specific kinds of attacks. Examples of conditions when logging occurs include login attempts, log out requests, requests for suspicious URLs, changes to site content, and password updates.

This site is scanned for potential malware and vulnerabilities. and is part of a network of sites that protect against distributed brute force attacks. To enable this protection, the IP address of visitors attempting to log into the site is shared with a service provided by Squarespace.com. For privacy policy details, please see the Squarespace privacy policy (https://www.squarespace.com/privacy ).

International data transfers

In our normal business activities, we share data outside the EEA both within our own Group companies and for the purposes of providing you with our services.

Any data transferred outside the EEA will potentially be processed in countries that are not deemed as safe territories within the Data Privacy legislation so CustomsTrack Limited will only undertake these transfers to companies that have accepted our terms of business, which documents their data protection responsibilities and where we consider appropriate safeguards and security measures are in existence or where we have consent from you.

 

Cookies and similar technologies

A cookie (or such similar technology) is a text file containing small amounts of information that may be stored on your computer or mobile device ("terminal equipment”). For example, such technologies can be used by websites to: 

·       Identify visitors

·       Enable the website to function efficiently

·       Personalize content

·       Permit online behavioural target advertising

Similar technologies include pixels, tags, local storage, and device fingerprinting.

In the EU, UK & Switzerland, cookie laws are currently governed by the E-Privacy Directive. The cookie laws in these countries require website owners to take certain steps before dropping non-essential cookies on EU visitors. Websites that drop non-essential cookies must, through the use of a cookie banner, take the following minimum steps:

1.      Provide clear and comprehensive information regarding the website’s cookie usage.

2.      Display that information prominently so visitors can easily access it.

3.      Obtain consent from the website visitor to drop the non-essential cookies.

The GDPR changed the concept of consent required from visitors. Before the GDPR, websites relied on implied consent, where continued use of the website was considered sufficient consent to drop non-essential cookies. Now, unambiguous consent is required, meaning the visitor must provide “clear affirmative action consent” to the use of non-essential cookies. You must obtain affirmative consent before placing non-essential cookies on visitors' devices. The website must also allow the visitor to manage their cookies preferences.

 

CustomsTrack Limited do does not drop non-essential cookies and at present do not have, nor are required to have, a cookie banner. Should CustomsTrack Ltd change its Cookie Policy we will introduce cookie banners in a manner that meets EU, UK & Switzerland’s’ policies.

For more information on cookies and similar technologies, see the UK’s Information Commissioner’s Office recent and detailed guidance on cookies and similar technologies.

 

Sharing your data with third parties

Access to your personal information is only allowed when required by the law or is required as part our fulfilling our service obligations. We do not, and will never, sell or share your personal information with other third parties.

For our general data processing activities, we use the following to help us administer and monitor the services we provide:

  • External IT support to ensure our IT and security measures are sufficiently robust to protect your data

  • For database management of our client services

  • For the administration and monitoring of client transactions and maintaining records for compliance purposes

  • For financial accounting

  • To help us share information and administer the services when you subscribe to our mailing list

General

Links to other sites

We sometimes provide you with links to other websites, but these websites are not under our control. Therefore, we will not be liable to you for any issues arising in connection with their use of your information, the website content or the services offered to you by these websites. We advise you to consult the privacy policy and terms and conditions on each website to see how each supplier may process your information

Access to collected information

It is important that the personal information we hold about you is accurate and current. If you believe that any information, we are holding on you is incorrect or incomplete, please write to or email us as soon as possible. We will promptly correct any information found to be incorrect.

Under certain circumstances, you have rights under the EU General Data Protection Regulation 2016/679 (GDPR) in relation to your personal information. You may have the right to:

  • Access information held about you; your right of access can be exercised in accordance with data protection law

  • Object to us processing or ask us to restrict our processing of your personal information for any of the purposes listed in this policy, at any time

  • Ask us to update and correct any out-of-date or incorrect personal information that we hold about you free of charge

  • Ask us to erase or delete your personal information (in certain circumstances). We will do our best to respond to such requests, but these are subject to certain limitations such as legal requirements

  • Request a transfer of your personal information (in certain circumstances)

If you wish to exercise any of the above rights or to review, verify, correct or question anything detailed in this policy or are unhappy with any aspect of how we use your data please contact us at

  • Email: contactus@customs-mgmt.co.uk

  • Write: Customs Management Ltd, Rithe End, The Drive, Bosham PO18 8JG

You also have the right to make a complaint at any time to the UK’s Information Commissioner Office (ICO), the supervisory authority for data protection issues (https://ico.org.uk ). We would, however, appreciate the chance to deal with your concerns before you approach the ICO, so please contact us in the first instance.

Changes to our privacy policy

We may occasionally update this policy. If we make significant changes, we will notify you of the changes through the CML website or apps or through others means, such as email. To the extent permitted under applicable law, by using our services after such notice, you consent to our updates to this policy.

We encourage you to periodically review this policy for the latest information on our privacy practices.