GDPR and Data Protection

1. Introduction

• We are committed to protecting the privacy and personal data of our customers, suppliers, and employees.

• This policy explains how we collect, use, store, and protect personal data in compliance with the UK GDPR and the Data Protection Act 2018.

• All personal data is handled lawfully, fairly, and transparently.

2. Scope

• Applies to all personal data processed by the company, including that of customers, prospects, suppliers, and staff.

• Covers data in both digital and physical formats, including design files, proofs, emails, contracts, and job records.

3. Personal Data We Collect

• Contact information: name, company name, address, email, phone number.

• Billing and payment information.

• Vehicle details for graphics (e.g., registration numbers, fleet identifiers).

• Customer-supplied design assets that may contain personal data.

• Correspondence and communication records.

4. Lawful Basis for Processing

• Contractual necessity – to provide printing, production, and installation services.

• Legal obligation – to comply with accounting, tax, and regulatory requirements.

• Legitimate interests – for business operations, customer service, and service improvement.

• Consent – when required, especially for marketing communications.

5. How We Use Personal Data

• To create designs, proofs, and printed materials.

• To produce vehicle graphics and large-format signage.

• To manage orders, deliveries, and installations.

• To issue invoices and manage payments.

• To communicate project updates or respond to queries.

• To comply with legal obligations.

6. Data Storage and Security

• Personal data is stored securely with access limited to authorised personnel.

• Digital files are protected by passwords and IT security measures.

• Physical documents are securely stored.

• Security measures are regularly reviewed to prevent unauthorised access, loss, or misuse.

7. Customer Artwork and Design Files

• Customer-supplied artwork is treated as confidential.

• Files are used only for fulfilling the agreed project.

• Artwork may only be shared with trusted third parties when necessary to deliver services (e.g., installers), under appropriate safeguards.

8. Data Sharing

• We do not sell or trade personal data.

• Data may be shared with third parties only as necessary to deliver services.

• All third parties must comply with UK GDPR standards.

9. Data Retention

• Personal data is retained only as long as necessary to fulfil its purpose or meet legal obligations.

• Invoices and job records are kept according to accounting and tax requirements.

• Design files are securely deleted when no longer needed.

10. Individual Rights

Individuals have the right to:

• Access their personal data.

• Request correction of inaccurate data.

• Request deletion of data where applicable.

• Restrict or object to certain processing activities.

• Request data portability where relevant.

11. Data Breaches

• Any suspected personal data breach is investigated promptly.

• Breaches are reported to the Information Commissioner’s Office (ICO) and affected individuals where required.

12. Staff Responsibilities

• All staff handling personal data receive GDPR training.

• Staff must follow this policy and report data protection concerns immediately.

13. Policy Review

• The policy is reviewed regularly to maintain compliance with UK GDPR and Data Protection Act 2018.

• Updates are made as needed to reflect changes in law or business practices.

14. Contact Information

• Questions or requests regarding data protection should be directed to the company’s data protection contact.