We are registered as a data controller with the UK Information Commissioners Office (ICO) to ensure our compliance with the data protection legislation (Registration Number Z4603369). Our strict compliance with the legislation ensures we process your personal data in a suitable and secure manner. We are certified with Cyber Essentials to ensure our IT systems are secure.
The purpose of this statement is to explain to you what personal information we collect and how we may use it.
When you purchase books from our website, we collect personal information to allow us to supply your goods.
We do not collect any financial information when you purchase - all information goes directly to Barclays bank.
We process personal data regarding customers and suppliers for legitimate business reasons to support the commercial arrangements that we have in place. With your consent, we process personal data for business development purposes.
We will only contact you with your consent.
We follow strict security procedures in the storage and disclosure of your information to prevent unauthorised access in accordance with the applicable data protection legislation.
We do not collect sensitive personal information about you.
We will not transfer your information outside the EEA (European Economic Area) without first obtaining your consent.
At any point in time, you may request access to, amendment of, and deletion of personal data held by us. We shall use reasonable measures to verify the identity of a data subject before responding to such requests. We will not respond to requests from unverified sources and shall not provide personal data to unauthorised recipients.
Upon request for access to personal data from a verified data subject, we shall provide the data that we have. These data shall be accompanied by explanations of: the purpose for which the personal data are processed; the period for which the personal data are processed; the recipients of the personal data and the logic involved in any automatic data processing. This information will be provided in electronic format, if requested. We shall respond to a verified data subject’s request within one month.
All queries relating to Data Protection should be addressed to SyntheSys’ Data Protection Officer and sent to firstname.lastname@example.org.