top of page

Privacy Policy

This Privacy and Data Protection Policy (the “Privacy Policy”) describes how we collect and use your personal data and information about you, in accordance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018, and any other UK laws, regulations and secondary legislation, as amended or updated from time to time, (the “Data Protection Legislation”). 

​

Oak Tree Farm is committed to managing your personal data in compliance with all relevant Data Protection Legislation. As a part of this, we strive to ensure full transparency around how we process personal data.

 

This Privacy Policy outlines the following:

​

  • What data do we collect? 

  • How do we collect your data? 

  • Where do we store your data? 

  • Do we share your data with third parties? 

  • Your rights 

  • Cookies 

  • Mailing lists 

  • Security measures 

  • Other websites 

  • Complaints about the use of your data 

​

 1. What data do we collect?

In order for us to provide our services to our customers, we occasionally need to collect and use data and information. This may include some or all of the following:

​

  • Your personal details (such as your name and address);

  • Details of any contact we have had with you in relation to the provision, or the proposed provision, of our services; 

  • Details of any services you have received from us;

  • Our correspondence, communications and discussions with you; 

  • Information about any complaints and enquiries you make to us;

  • Information we receive from other sources, such as third parties or publicly available resources (e.g. Companies House).

​

We understand that all data and information – whether publicly available or not – is important and should be handled with care. 

​

2. How do we collect your data? 

Your data is typically collected in one of the following ways: 

​

  • When you submit a contact form on our website, or when you sign up to receive our newsletter or download any content from our website;

  • When you contact us by email, telephone or post;

  • When you engage us to provide our services, and during the provision of those services; 

  • When we collect publicly available information from third parties, such as your company website or Companies House.

​

3. Where do we store your data?

Client information is stored within our secure (password-protected and encrypted) online CRM and payments system. We will not keep your personal data longer than we need to. How long depends on several factors, including:​

​

  • Why we collected it; 

  • How old it is; 

  • Whether there is a legal/regulatory reason for us to keep it; 

  • Whether we need it to protect you or us.

​

4. Do we share your data with third parties? 

We will never sell your data to any third parties. However, we may share your personal data with third parties where we are required to by law, where it is necessary for the performance of our contract with you, to administer the relationship between us, or where we have another legitimate interest in doing so.  â€‹

​

We will not transfer the personal data we collect about you outside of the European Economic Area (EEA). 

​

5. Your rights

Every user has the following rights:

​

  • The right to be informed – this means anyone processing your personal data must make clear what they are processing, why, and who else the data may be passed to. 

  • The right of access – you have the right to request copies of your personal data. We may charge an administration fee for this service.

  • The right to rectification – you have the right to have your information corrected if you believe it is inaccurate. 

  • The right to erasure – under certain circumstances you can ask for your personal data to be deleted. This is also called “the Right to be Forgotten.” This would apply if the personal data is no longer required for the purposes for which it was collected, or your consent for the processing of that data has been withdrawn.

  • The right to restrict processing – you have the right to ask for a temporary halt to the processing of your personal data.

  • The right to data portability – you have the right to ask for any of your data being held to be provided in a structured, commonly used, and machine-readable format.

  • The right to object – you have the right to object to further processing of your data which is inconsistent with the primary purpose for which it was collected.

  • Rights in relation to automated decision-making and profiling – you have the right not to be subject to a decision based solely on automated processing.

 

If you would like to exercise any of these rights, please contact us.

​

6. Cookies 

Cookies are text files placed on your computer or device to collect standard Internet Log information and visitor behaviour information. Cookies are useful because they allow a website to recognise a user’s device and present them with tailored content. 

 

This website may utilise cookies supplied by third parties, to enable us to present you with information that we believe best suits your needs, based on your previous activity while visiting our website. If you wish, you can set your browser not to accept cookies.

​

7. Mailing lists 

When you subscribe to our newsletter or other communications, the email address you provide is passed to our secure (password-protected and encrypted) online CRM system. From there it may be exported directly and securely to an email marketing automation platform, in order to fulfil our newsletter or other communications.

 

You can opt-out of our newsletter or other communications at any time by utilising the “Unsubscribe” link at the bottom of every communication we send. When you unsubscribe from any communication, your details will remain on the list of past recipients. This is to ensure that you are not accidentally re-added to the distribution list. 

 

We never purchase mailing lists from third parties, and we will never sell any information to third parties. 

​

8. Security measures 

We believe in collecting the minimum amount of data from our clients that enables us to provide the highest level of commercial finance advice. Nevertheless, we have implemented commercially reasonable and appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  

 

Furthermore, we limit access to your personal data to those employees, agents, contractors and other third parties who have a legitimate “need to know”. They will only process your personal data according to our instructions, and will be subject to a duty of confidentiality.

 

We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so. 

​

9. Other websites 

This website may contain links to other websites. This Privacy Policy applies only to our own website. If you click on a link to another website, you should read that website’s privacy policy.  

​

10. Complaints about the use of your data 

If you have any questions regarding this Privacy Policy, or if you would like to speak to us about anything in relation to how we collect, store and use your personal data, please get in touch.

 

You also have the right to make a complaint to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues, at any time. The ICO’s contact details are as follows:

​

Information Commissioner’s Office

Tel: 0303 123 1113 or 01625 545 745

https://ico.org.uk/concerns 

 

Policy updates 

This policy was last updated on 5th July 2022. 

Assigned Data Protection Officer: 

Antonia Stephenson

Tel: 01473 735218

antonia672@btinternet.com

bottom of page