Login Create Account 01226 280999 Contact Sales
Basket Icon £0.00

Privacy Policy

The GDPR (EU General Data Protection Regulation) comes into effect on 25 May 2018. This is the new privacy legislation to better protect the personal data of European citizens. From this date, SABUR will have a privacy policy in place to ensure that our customers are optimally informed about the processing of their personal data in terms of purchases and services from SABUR. The protection of our customers’ privacy is extremely important to us and to this end, we will keep you as well informed as possible and give you control over what happens to your personal data.

DEFINITIONS

▪ Processing of personal data: the processing of ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’). The term ‘processing’ is broad and covers, among other things, data collecting, recording, organizing, storing, updating, modifying, retrieving, consulting, using, distributing or making available in any way, merging, combining, archiving, erasing or eventually destroying the data.

▪ Controller: a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

▪ Processor: the controller can appoint an external subcontractor to process personal data. In such a case, the subcontractor is the ‘processor’. This can be a natural or legal person, a public authority, agency or another body that processes personal data on behalf of the controller.

SCOPE

Sabur Digital / Sabur ink systems Ltd, with its registered office at Unit 2 Middlewoods Way, Carlton, Barnsley, South Yorkshire S71 3HR under company registration number 8970146 & 3500681, is the controller of the personal data (hereinafter ‘SABUR’).

This privacy policy therefore only applies to the personal data that SABUR, as controller, processes with regard to its customers in terms of the sale of our products and/or services. In addition to our current customers, it also applies to former customers, potential customers, and ambassadors.

In the case of B2B customers, the processing of personal data is only applicable to natural persons. Where the B2B customer is a legal entity, the privacy policy applies only to the natural person or persons with whom we have direct contact in terms of sales or services.

This privacy policy also applies to customers who visit our registered office or website, participate in competitions or surveys, take part in promotions, participate in events or use our services in another way.

DATA CATEGORIES

SABUR processes the following categories of personal data of its customers:

▪ Personal identification data: data that enables us to identify and contact our customers such as surname, first names, address, telephone number and email address.

▪ Physical description: data that enables us to offer the most suitable products and services such as machinery used eg: printer-Roland.

▪ Financial data: invoicing and payment details, including data relating to the assessment of the creditworthiness of customers.

▪ Electronic identification data: IP addresses and cookies are processed to improve the usability of our online environments.

▪ Images or videos: SABUR may process images and/or videos of customers or customer machinery for promotional purposes.

More than one of the above data categories can be combined. SABUR does not process special categories of personal data that are prohibited in terms of Article 9 of the GDPR which reveal racial or ethnic origin, membership in interest groups, political opinions, ideological or religious views, health status, or data concerning a natural person’s sex life or sexual orientation. SABUR does not process genetic or biometric data with the aim of uniquely identifying a natural person.

PROCESSING GROUNDS

SABUR processes personal data for various purposes and will always try to process only data that is necessary in order to achieve specific objectives. The use of personal data is necessary in the following cases:

▪ In the preparation and execution of a placed order or implementation of a service (agreement).

▪ To comply with the legal obligations to which SABUR is subject.

▪ To represent our legitimate interests, always striving to ensure that these interests do not outweigh the respect for the privacy of personal data, especially when it concerns children.

If the processing of personal data is not needed for any of the above three purposes, we will always request explicit permission from the data subject to process the personal data.

CHILDREN

If SABUR is aware that it is collecting personal data from children under the age of 16, permission must be obtained from a parent or guardian, as required by law.

PROCESSING PURPOSES

SABUR collects personal data for the following specific purposes:

▪ To process a request for SABUR products or services people who are interested in the products and services of SABUR and contact SABUR(by telephone, email, or through its website) are asked to leave their personal details so that we can contact them in order to make an appointment.

▪ In order to provide personalised information and advice regarding our products and services, together with other companies within SABUR.

SABUR uses data in order to provide personal, specific advice about its products and services. This explicitly relates to presenting machinery & consumables that matches the needs of our (potential) customers with regard to model, design, technical characteristics and dimensions. This personal data is recorded for the purpose of customer management (preparation of quotations, (re)orders, invoices, follow-up payments) production follow-ups and after-service care, as well as the handling of complaints.

▪ To announce new products and services

SABUR may use personal data to inform its customers (either electronically, in writing or by telephone) of new products, competitions, discounts, special promotions, or new services that have been added to the range. SABUR may also approach individuals &companies by mail or newsletter even if they are no longer a SABUR customer. This can be cancelled by unsubscribing to these services (opting-out).

▪ To retain statistics for internal use

SABUR may use personal data to generate internal reports and analysis in order to evaluate our own procedures and operational processes, allowing us to improve our products and service offerings, or to adapt them in accordance with the evolution of the market (trend analysis).

SABUR does not use automated decision making which may result in legal consequences, or which may similarly significantly affect those involved.

RECIPIENTS AND DATA TRANSFERS

SABUR does not sell personal data to third parties without permission and does not share personal data with third parties except in the following instances:

▪ Where necessary, and for the processing purposes as described above, personal data may be shared with other companies within the SABUR group within the European Union, which are directly or indirectly affiliated with SABUR or with a SABUR partner.

▪ Where necessary for the delivery of our products and services. SABUR may use third parties for the delivery of products and services, and as a result make its databases available for this purpose. These may include, for example, third party producers commissioned by us or

independent commercial entities that market our products. This data will solely be shared for the same purpose as which SABUR processed it and is limited only to the data needed for carrying out their instructions. SABUR guarantees that these third parties shall take the appropriate technical and organizational measures needed in order to protect the personal data which they are privy to.

▪ Subject to legal obligation. SABUR will share personal data with government authorities, legal services or police services when required to do so by law.

▪ When SABUR or a third party has a legitimate interest. SABUR will only share personal data with a third party if the right to privacy does not outweigh the purpose. For example, in terms of collection agencies, or partners when it comes to competitions offering prizes.

▪ Permission given. In all other cases, when SABUR shares personal data with third parties, the data subject will be notified in advance, with an explanation regarding the third party and the purpose. Where required by law, permission will naturally be requested first.

When personal data is processed outside of the European Union, SABUR will take appropriate contractual or other measures to ensure that this personal data is subject to the same or comparable level of protection as if it were protected within the European Union and in accordance with the GDRP legislation.

Consent to the use of cookies.

For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: https://cookiefirst.com referred to as CookieFirst.

When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.

CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6(1)(c) of the General Data Protection Regulation (GDPR).

Data processing agreement

We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

Server log files

Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:

  • Your consent status or the withdrawal of consent
  • Your anonymised IP address
  • Information about your Browser
  • Information about your Device
  • The date and time you have visited our website
  • The webpage url where you saved or updated your consent preferences
  • The approximate location of the user that saved their consent preference
  • A universally unique identifier (UUID) of the website visitor that clicked the cookie banner

For more information, visit our Cookies Policy page.

SECURITY MEASURES

In order to protect the collected personal data used by SABUR , and to safeguard the privacy rights of data subjects, SABUR has implemented a number of technical and organisational measures:

▪ Organisational

▪ SABUR employees are informed how they should handle confidential personal data through periodic awareness campaigns.

▪ Certain designated employees within the SABUR organisation are specifically responsible for compliance with the privacy legislation, as well as this privacy policy, and are tasked to report to management periodically.

▪ When new projects are started within SABUR, whereby personal data is processed, one of the assessment criteria is the security and protection of personal data. Privacy concerns are always taken into account.

▪ In the field of information technology, we work together with specialised parties that ensure the safety of our information systems, IT infrastructure and web environment.

▪ Technical

SABUR employs various technical measures to protect personal data against unauthorised access, unauthorised use and loss or theft of data, including:

▪ Securing our systems and databases with a username and password.

▪ The use of firewalls to shield our systems from external attacks.

▪ The use of anti-virus and anti-spam software to protect our systems and data against viruses, spyware, spam and the like.

▪ Shielding data through profiles and rights management so that only specific data is visible to employees who need it to carry out their tasks.

▪ Keeping all software up-to-date with the latest security updates.

▪ The use of VPN connections and rights to secure the access to files on our servers.

In the event of a data breach, which may hold adverse consequences for data subjects, SABUR will go through the legally prescribed procedures and personally inform the data subjects about this within the legally required period.

DATA RETENTION PERIOD

In accordance with the GDPR regulations, SABUR is not allowed to keep personal data longer than is necessary in order to achieve the predetermined purpose for which the data was collected. This means that the storage period can differ considerably for each purpose.

Personal data processed for customer management are retained for the period necessary to comply with legal requirements. For example, in order to meet accounting and tax obligations, is SABUR obliged to keep the invoicing data for a maximum of 7 years. Due to legal necessity, certain data such as invoices, complaints and correspondence must be kept for a maximum period of 10 years.

After the applicable storage period(s) have expired, personal data will be deleted or anonymised.

EXERCISING PRIVACY RIGHTS

Individuals whose personal data is processed by SABUR have a number of rights as set out in the latest regulations in the GDRP.

▪ Right to review

The data subject shall have the right to obtain from SABUR confirmation as to whether or not personal data concerning him or her are being processed and in those cases, have access to the personal data and the information regarding its processing purposes, including the categories of personal data concerned, the recipients or categories of recipient to whom the personal data have been or will be disclosed, the expected period for which the personal data will be stored, their privacy rights, the right to file a complaint and the existence of automated decision-making. SABUR shall be obliged to provide a free copy of the personal data undergoing processing in a commonly used electronic form.

▪ Right to rectification

The data subject shall have the right to obtain from SABUR, without undue delay, the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement. Where data has been provided to third parties, this will be disclosed to the data subject and the necessary changes will also be communicated to said third parties.

▪ Right to erasure (‘right to be forgotten’)

In a number of specific cases, the data subject shall have the right to obtain from SABUR the deletion of personal data concerning him or her and SABUR shall have the obligation to delete such personal data where one of the following grounds apply:

▪ The personal data is no longer necessary for the purposes for which it was collected or otherwise processed;

▪ The data subject withdraws consent on which the processing is based and where there is no other legal ground for the processing;

▪ The data subject objects to the processing and there are no overriding legitimate grounds for the processing;

▪ The personal data has been processed unlawfully;

▪ The personal data must be deleted for compliance with a legal obligation or law to which is subject;

▪ The personal data was collected when the person was still underage.

SABUR is not always obliged to delete personal data, for example, when the data is necessary in respect of instituting legal proceedings.

▪ Right to restriction of processing

Data subjects for whom SABUR stores data have the right to limit the scope of their processed personal data in the following cases:

▪ The accuracy of the personal data is contested by the data subject.

▪ The data subject has objected to the processing of their data and pending the verification whether the legitimate grounds of SABUR override those of the data subject, the data subject may request that the use of their data be restricted.

▪ The processing is unlawful, and the data subject opposes the deletion of the personal data and requests the restriction of their use instead.

– SABUR no longer needs the data, but the data subject requires it for him or herself.

▪ Right to transferability

Data subjects whose data is held by SABUR have the right to have their personal data that they provided transferred to another processor. This is only possible if the information was provided based on an agreement, or subject to the consent of the person concerned.

▪ Right to object

The persons from whom SABUR has collected data have the right to object to the processing of their data based on legitimate and justified grounds. SABUR will stop the processing of the data unless compelling or legal grounds can be shown to the contrary.

▪ Direct marketing

Data subjects have the right to oppose, free of charge, any processing of their personal data in terms of direct marketing (opt-out). This can be done without giving any reason and by contacting Customer Services, or by using the contact details below.

▪ Complaints

Data subjects have the right to file a complaint with the Commission for the Protection of Privacy.

CONTACT

For more information about this privacy policy or for questions and complaints related to the processing of personal data, SABUR can be contacted via the following email address: accounts@saburink.com

EFFECTIVE DATE

This Privacy Policy is effective as of 29th May 2018