Privacy Policy and GDPR

It is our policy here at Brand Impact to treat our customers in exactly in the way that we would like to be treated ourselves.

Our privacy policy covers the collection and use of any information that may be collected when you visit our website, contact us or purchase from us.

The information we hold for customers is name, address, email address and a phone number where applicable. This is purely for the purpose of processing your order unless you have also opted-in to our mailing list.

We do not under any circumstances disclose any of your personal information to a third party unless required to by law.

Wherever possible communications in relation to orders are made via email. The only time we would contact you by phone is if there is a problem with your order and we have been unsuccessful at contacting you via email.

Brand Impact does not operate any telesales or telephone marketing schemes.

We do not hold or keep a record of any customer bank account or credit/debit card details in our office or on our PCs. All online payments are made securely via PayPal or by credit card through Paypal Virtual Terminal, by Cheque or by Bank Transfer.

Any information collected from your visit to our website us is used purely for the purpose of processing your order, improving our products and services and keeping you informed of promotions and / or items which may be of interest to you should you opt-in to receive our newsletter.

We use this data to contact the database with relevant offers and information via e-mail. A contact can unsubscribe from our mailing list at any time by clicking the unsubscribe link which is on the footer of all mailers and requesting unsubscribe.

 

GDPR and Data

Brand Impact hold data from prospects, customers and suppliers on our internal ERP System.

The data is from people in companies who have previously contacted us with an interest or enquiry regarding our services and have provided their contact details to us at that time.

We do not share this data with any other companies.

Our data is held on our software systems on two secure servers that are protected by a two step log-in via username and passwords.

We regularly audit and update the contact information that we hold.

Director Ross MacCallum is the designated Data Protection Officer.

Contacts have a right to request that we remove their data from our systems at any time, when this is requested then we comply immediately.

Contacts have the right to be informed, access, rectification, erasure, restrict processing, data portability, right to object and the right not to be profiled.

In the unlikely event of a data breach, this would be detected, reported on and resolved immediately.

All data is handled with care and diligence.