Privacy Policy

This privacy notice is provided to inform you about how and why your personal data is used so that we can be as transparent as possible and to ensure that you are aware of your rights under data protection legislation.

Who is the Data Controller?
Classic Services Group Limited is the Data Controller for your personal data. Our address is Classic House Genesis Business Park, Redkiln Way, Horsham, RH13 5QH. We can be contacted at +44 (0)1403 283172 or +44 (0)8445 610578 or by email at hradmin@classicservicesgroup.co.uk.

Which personal data do we process and why?
We process your personal data so that we can engage with you and supply our services.  We use your personal data for account management, maintaining communication, and providing service-based information.

We will process your personal data if you complete an enquiry through our website contact form, and we will obtain your consent to provide you with information about our services. This is in accordance with Article 6.1.a UK GDPR – consent. You may withdraw your consent at any time by contacting us. We may be provided with your contact details by a third party, for example, through network contact.

As a client or prospective client, we process your name and contact data as well as your job title and details and the type of organisation you work for. We will also process the name of the client service user and their physical address. The lawful basis we use for this is Article 6.1.f UK GDPR (Legitimate Interest).

The legitimate interest we pursue is to grow our business through expanding and retaining our client base and providing excellent customer service.  As with any legitimate interest processing, you have the right to object to this, and you can do so by contacting us using the information provided above.

If you fail to provide the information required, we will be unable to provide the agreed products and services to you.

We collect data through our website analytics some of which may identify you, such as an IP address. Our Cookie Policy details the cookies we use, and you can manage your preferences through our cookie consent platform.

Who are the recipients of your data?
As a general principle, we will not transfer your personal data to other recipients without your permission. There are some exceptions to this:

  • It is possible that we might be obliged to disclose personal information in response to a court order or other lawful obligation. Our lawful basis for this is Article 6.1.c -legal obligation.
  • We may share your data as part of a sale, transfer, or merge part of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. We would do this under the basis of Article 6.1.f – legitimate interest as we have a legitimate interest in developing our business.
  • We may also share data with law enforcement as part of our service response; our lawful basis for this is Article 6.1.f – legitimate interest.
  • We will share personal data with our external auditors, the legal basis for this is Article 6.1.b – legal obligation.

What about data processed by third parties on our behalf?
We use the services of other organisations in processing your data. We use cloud-based platforms for email and document storage, video conference, asset management, scheduling and workflow management. Our website processes limited personal data such as through our contact form. We also provide limited personal data to organisations that perform maintenance and service work on our behalf, such as our IT-managed service providers. We ensure these third-party providers manage your data and handle it in accordance with the requirements of the UK GPDR.

Do we transfer your data outside of the UK?
We transfer personal data outside of the UK to the USA and to Australia via our third-party providers. These transfers of data are facilitated through the UK extension to the EU – US Data Privacy Framework and the use of International Data Transfer Agreements.

How long do we keep your data?
We will retain your data only for the time we require it for the purposes stated and/or where we have a legal obligation or other legitimate purpose. We will retain the personal data of our clients for seven years for financial reporting purposes.

These are your rights:
The UK GDPR provides you with several rights in relation to the data of yours we process:

  • You have the right to get access to and copies of your personal data.
  • You can ask us to rectify any inaccurate information we may be holding.
  • You can request that we restrict the processing of your data.
  • You can ask us to erase your personal data if it is no longer required for the purpose we collected it or we have no legal obligation to retain it.
  • You have the right to object to the processing we undertake under a legitimate interest basis.

If you want to exercise any of these rights, please contact us using the above contact details.

Where we act as Data Processors.
When Classic Services Group Limited provides end users with services on behalf of our clients, we are acting as Data Processors as defined by the UK General Data Protection Regulation. This means that we have the responsibility to keep personal data secure in accordance with the law.

We will collect or process on behalf of our clients the following categories of personal data to provide the contracted services: business site address, telephone number, email address, and name.

We retain the end user’s personal data for the period that the user account is active and for one year after.

You have the right to lodge a complaint about our processing with a supervisory authority; in the UK, this is the Information Commissioner’s Office.

The Information Commissioner’s Office
Wycliffe House, Water Lane,
Wilmslow,
Cheshire SK9 5AF.
Helpline number: 0303 123 1113

Back To Top