Data security
Our site uses TLS encryption technology, to keep the information you give us as secure as possible. We only accept orders through web browsers that allow communication through Transport Layer Security (TLS – The successor to the SSL protocol) protocol.
However, please bear in mind that the Internet cannot be guaranteed to be 100% secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
We employ a variety of security technologies and measures designed to protect information from unauthorised access, use, or disclosure. The measures we use are designed to provide a level of security appropriate to the risk of processing your personal information.
Where we have given you (or where you have chosen) a password that enables you to access certain parts of our website, you are responsible for keeping this password confidential. It’s important that you also take responsibility for protecting your account information. Make sure your password is strong, don’t share it with others, and try not to use the same one for lots of online accounts. Don’t send your password by email – we’ll never ask you to do so. We won’t ask you for your password information over the phone; we’ll advise you on how to reset it.
We only use third-party services, such as Amazon Web Services, that are fully vetted and adhere to the highest levels of privacy and security practices.
All staff (including any contractors) undergo initial training to ensure a proper understanding of all security-related processes.
Every InkPanel Systems Ltd employee and contractor goes through background checks and an onboarding process that includes a trial period where access to customer data is provided only when working directly under the supervision of another staff member.
Data retention
We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to provide you with a service you have requested or to comply with applicable legal, tax, or accounting requirements).
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.
Your data protection rights
As part of GDPR, if you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by contacting us.
In addition, you can object to the processing of your personal information, ask us to restrict the processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us.
You have the right to require us to erase or anonymise your personal data which we are handling in the following circumstances:
We no longer need to use your personal data for the reasons we told you we collected it for.
Where we needed your consent to use your personal data and you have withdrawn your consent and there is no other lawful way we can continue to use your personal data.
You object to our use of your personal data and we have no compelling reason to carry on handling your personal data.
Our handling of your personal data has broken the law.
We must erase your personal data to comply with a law we are subject to.
You have the right to receive the personal data we hold about you in a structured, standard machine-readable format and to send this to another organisation controlling your personal data.
This right only applies to your personal data that we are handling because you consented to us using it or because there is a contract in place between us.
You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” link in the marketing emails we send you. You can also opt-out of marketing emails and other forms of marketing, via the “Marketing Preferences” page in your “My Account” area.
Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You have the right to lodge a complaint with the Information Commissioner’s Office, the supervisory authority for data protection issues in England Scotland and Wales.