Version date: 25 March 2024

This privacy policy for Vision Engineering Ltd (‘we’, ‘us’, or ‘our’), describes how and why we might collect, store, use, and/or share (‘process’) your information when you interact with our services (‘Services’), such as when you:

  • Visit our website at visioneng.com, shop.visioneng.co.uk, or any website of ours that links to this privacy policy
  • Engage with us in other related ways, including any sales, customer services, marketing or events

Vision Engineering is the controller of your personal data.

  1. The type of personal information we collect

    The personal information that we collect is dependent on the context of your interactions with us, and the products and features you use. We may collect the following information:

    Personal identifiers, contacts and characteristics, e.g. first and last name, telephone number(s), email address, etc.

    Professional information, e.g. company name, company address, job title etc.

    Technical and usage information, e.g. browser type, time zone and location, how you use our website, products and services etc.

    Marketing and communications information, e.g. your preferences in receiving marketing from us and your communication preferences etc.

    Financial and Transactional information, e.g. details of products and services you have purchased from us and other payment details to and from you etc.

    Unless we inform you otherwise, this personal information must be provided if you wish to use our website, purchase our products or services, or otherwise engage with us. In some circumstances you can choose if you want to give us certain personal information and let us use it. Where that is the case, we will give you the choice before you give the personal information to us. We will also tell you whether declining to share that personal information will impact your use of our website, the provision of the goods or services or have any other relevant implication.

    We do not process any Special Categories of Personal Data about you.

How we process your personal information

Most of the personal information we process is provided to us directly by you for one of the following reasons:

  • Enquiry or purchase about our products or services
  • Account creation
  • Subscription to our marketing services
  • Request marketing to be sent to you
  • Enter a competition, promotion or survey

We also receive personal information indirectly. Interaction with our website may automatically collect device and usage information, language preferences, referring URLs, country, location, information about how and when you use our services and other technical information. This information is primarily needed to maintain the security and operation of our services, and for our internal analytics and reporting purposes.

This data is primarily collected by using cookies, server logs and other similar technologies. Please review our Cookie Policy for further information.

We may also collect limited data from third parties and public sources in order to enhance our ability to provide relevant marketing, offers and services as outlined below:

  • Analytics providers
  • Industry lead generators
  • Webinar providers
  • Search information providers
  • Web and email marketing providers
  • Sales and marketing automation platforms
  • Customer relationship management providers
  • Event ticketing and management providers
  • Payment and delivery providers

How we use your personal information

Personal data will only be used when the law allows us to. We have set out below a description of the ways we plan to use the various categories of your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.

To respond to inquiries/offer support: We may process your personal information to respond to your inquiries and solve any potential issues you might have with the requested service as this will be necessary for the performance of our contract with you and necessary for our legitimate interests (to manage our relationship with you).

To deliver and facilitate delivery of products or services: we may process your personal information because it will be necessary for the performance of our contract with you to provide you with the requested service.

To send administrative information to you: we may process your personal information to send you details about our products and services, changes to our terms and policies, and other similar information on the basis it will be necessary for the performance of our contract with you and necessary for our legitimate interests (to keep our records updated)

To fulfil and manage your orders: we may process your personal information to fulfil and manage your orders, payments, returns and exchanges made through the Services and on the basis this will be necessary for the performance of our contract with you and necessary for our legitimate interests (to recover debts due to us).

To request feedback: we may process your personal information to request feedback and to contact you about your use of our Services because this information is necessary for our legitimate interests (to study how customers use our products/services and to help us improve and develop our products and services).

To send you marketing and promotional communications: we may process the personal information you send to us for our marketing purposes, in line with your marketing preferences. You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving the marketing. You can opt out of our marketing at any time. We will send you marketing and promotional communications on the basis it is necessary for our legitimate interests (to carry out direct marketing, develop our products/services and grow our business) or we have obtained your prior consent to receiving direct marketing communications

To deliver targeted advertising to you: we may process your personal information to develop and display personalised content and advertising tailored to your interests, location and more because it is necessary for our legitimate interests (to develop our products/services and grow our business) or we have obtained your prior consent to targeted advertising.

To protect our Services and this website: we may process your personal information as part of any troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data because it is necessary for our legitimate interests (for running our business, to keep our Services safe and secure, including fraud monitoring and prevention).

To identify usage trends: we may process information about how you use our Services because it is necessary to protect our legitimate interests (to better understand how we can improve our Services).

To determine the effectiveness of our marketing and promotional campaigns: we may process your information because it is necessary to protect our legitimate interests (to better understand how to provide marketing and promotional campaigns that are most relevant to you and to develop our business).

To save or protect an individual’s vital interest: we may process your information when necessary to save or protect an individual’s vital interest, such as to prevent harm because it is necessary to protect our legitimate interests (preserving the reputation of the business)

Common legal bases as follows:

Performance of a contract: we may process your personal information when we believe it necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you.

Legitimate interests: We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interest do not outweigh your interests and fundamental rights and freedoms.

Legal obligations: We may process your information where we believe it is necessary to for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency.

Consent is generally not relied on as a legal basis for processing your personal data, other than in relation to direct marketing communications. You have the right to withdraw that consent at any time by contacting us.

Unless there is reasonable cause to do so, we will only use your personal data for the purposes for which it was collected. If we need to use your personal data for an unrelated purpose, you will be notified and we will explain our legal basis for doing so.

Disclosure and sharing of your personal information

Internal Third Parties

We may share your information with our affiliates, in which case we will require those affiliates to honour this privacy policy. Affiliates means our parent company, subsidiaries, joint venture partners, or other companies that we directly or indirectly control or that are under common control with us  (Affiliates).

External Third Parties

We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work. We have contracts in place with our third parties, which are designed to help safeguard your personal information. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will also not share your personal information with any organisation apart from us.

The categories of third parties we may share personal information with are as follows:

  • Ad networks
  • Affiliate marketing programs
  • Cloud computing services
  • Communication & collaboration tools
  • Data analytics services
  • Data storage service providers
  • Payment processors
  • Performance monitoring tools
  • Sales & marketing tools
  • Website hosting service providers
  • Milturn Precision Engineering Ltd (trading as Milturn Finishing)
  • Service providers acting as processors and/or controllers
  • Professional advisors acting as processors or joint controllers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services
  • HM Revenue & Customs, regulators, courts or government agencies and other authorities acting as processors or joint controllers who require reporting of processing activities in certain circumstances
  • Credit reference agencies, business partners, agents, distributors, representatives, resellers, partners, suppliers, service providers and marketing automation providers acting as processors and/or joint controllers

We may also need to share your personal information in the following situation:

Business transfers: we may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

How we store your personal information

We have implemented appropriate and reasonable technical and organisation security measures designed to protect the security of any personal information we process. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Although we will do our best to protect your personal information, transmission of personal information to and from our Services is at your own risk.

Data retention

We will only keep your personal information for as long as it is necessary for the purposes set out in this privacy policy, unless a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise such information, or, if this is not possible, then we will securely store your personal information and isolate it from any further processing until deletion is possible.

Our details

If you have any questions or comments about this policy, you may contact our Data Protection Manager by email at privacy@visioneng.co.uk or you can write to us at

Attention: Data Protection Manager

Vision Engineering Ltd

Freeman Building

Galileo Drive

Woking

GU23 7ER

Changes to this policy

This privacy policy may be updated from time to time. The updated version will be indicated by a ‘version’ date, and the updated version will be effective as soon as it is accessible. If material changes are made to this privacy policy, we may notify you either by prominently positing a notice of such changes or by directly communicating with you.

You should review this privacy policy frequently to be informed of how we are protecting your information.

Your duty to keep us up to date

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Third party links

Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy statements. When you leave our website, we encourage you to read the privacy policy of every website you visit.

International transfers

Our processing of personal data of individuals in the EEA, UK and any other country recognised as having suitable equivalent data protection standards is in accordance to the retained EU law version of the General Data Protection Regulation (EU) 2016/679 and the Data Protection Act 2018 (“UK GDPR”) in the UK, the General Data Protection Regulations (EU) 2016/679 (“EU GDPR”) and any other applicable local legislation for these territories.

Some of our Internal Third Parties and External Third Parties are based outside of the European Economic Area, the UK and/or other country recognised as having suitable equivalent data protection standards, so their processing of your personal data may involve a transfer of data outside of these territories. We comply with all applicable legal requirements to safeguard your personal data if a transfer outside of these territories is required. We use specific standard contractual terms approved for use in the UK which give the transferred personal data the same protection as it has in the UK, namely The International Data Transfer Addendum to the European Commission’s standard contractual clauses for international data transfers.

Your legal rights

If located in the EEA, the UK or other country recognised as having suitable equivalent data protection standards you may have rights under the applicable data protection laws, such as:

  • Your right of access – You have the right to ask us for copies of your personal information.
  • Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
  • Withdrawal of consent – Where consent is the legal basis for processing, you have the right to revoke consent of our processing your personal data at any time.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month the respond to you.

Please contact us at privacy@visioneng.co.uk if you wish to make a request. We may require proof of identity and account or reference numbers dependant on the nature of the request.

If you have any concerns about our use of your personal information you can make a complaint to us at privacy@visioneng.co.uk

Complaints

Should you wish to complain about how we have used your data, below is the information for the relevant supervisory authorities:

UK GDPR: The Information Commissioner’s Office https://www.ico.org.uk

EU GDPR:  The local supervisory authority for the relevant member state. A list of such authorities can be found here: https://www.edpb.europa.eu/about-edpb/about-edpb/members_en

Global data privacy standards

When we operate outside the UK or EEA, we always follow principles of good practice in all of our activities that involve the use of your personal data that complies with applicable local laws, which includes the following:

  • Personal data is used in compliance with applicable data protection legislation
  • We have a lawful bases to acquire and use personal data
  • We are open with individuals on how we will use their personal data
  • Personal data is handled with appropriate security
  • Personal data is only stored for as long as we need it
  • We respect an individual’s rights in relation to their personal data