Privacy Policy

Who we are

The pages on this website (“Website”) are published by Bacton Transport Services Ltd, (“BTS”), a company registered in England and Wales with company registration number 8922456, whose registered address is at Tomo Industrial Estate, Tomo Road, Stowmarket IP14 5AY.

The security of your data and your right to privacy is a priority to BTS. We will handle your personal data legally and fairly at all times and we will be transparent about what data we collect about you and how we use it.

This policy provides you with details about:

  • what personal data we collect;
  • how we use your personal data;
  • how we maintain the privacy of your personal data;
  • your legal rights about your personal data.

Legal basis for using your data

BTS collects and uses personal data because is it necessary for:

  • the pursuit of our legitimate interests;
  • the purposes of complying with our duties and exercising our rights under a contract for the sale of goods or services to a customer; or
  • complying with our legal obligations.

We will contact customers for additional consent to send direct marketing communications.

Customers have the right to withdraw consent at any time.  Where consent is the only legal basis for processing, we will cease to process data after consent is withdrawn.

What personal data we collect

BTS may collect the following information about you:

  • your name, age/date of birth and gender;
  • your contact details: postal address including billing and delivery addresses, telephone numbers (including mobile numbers) and e-mail address;
  • purchases and orders made by you;
  • your on-line browsing activities on our websites;
  • your password(s) where applicable;
  • when you make a purchase or place an order with us;
  • your interests, preferences, feedback and survey responses;
  • your location;
  • your correspondence and communications with us; and
  • other publicly available personal data, including any which you have shared via a public platform (such as a Twitter feed or public Facebook page).

Our website is not intended for use by children and we do not knowingly collect data relating to children via our website.

This list is not exhaustive and, in specific instances, we may need to collect additional data for the purposes set out in this Policy. Some of the above personal data is collected directly, for example when you apply for a job or send an email to our operations or customer services teams; other personal data is collected indirectly, for example, your browsing activity. We may also collect personal data from third parties who have your consent to pass your details to us, or from publicly available sources.

How we use your data

BTS (or our suppliers and service partners acting on our behalf) uses your personal data:

  • to provide and services to you;
  • to make a website available to you;
  • to manage any registered account(s) that you hold with us;
  • to verify your identity;
  • for crime and fraud prevention, detection and related purposes;
  • with your agreement, to contact you electronically about our products and services;
  • for market research purposes - to better understand your needs;
  • to enable us to manage customer service interactions with you; and
  • where we have a legal right or duty to use or disclose your information (for example in relation to an investigation by a public authority or in a legal dispute).

Sharing data with third parties

Our service partners and suppliers

In order to perform our services for you as well as carry out our legal obligations, we may need to share your personal data with service partners or suppliers. These include our network partners, sub-contractors, IT and software companies and auditors.

The service partners and suppliers are obliged to keep your data securely and may only use your data to fulfil the services as contracted with BTS and for no other purposes. Once your data is no longer required to fulfil the service, your details will be disposed of in accordance with BTS procedures. 

Other third parties

BTS will not intentionally disclose your personal data to any third party, except as set out above. We will never sell or rent our customer data to other organisations for marketing purposes.

How long do we keep your data?

We will hold your data securely for as long as is necessary for the relevant activity, or as long as set out in any contract you hold with Bacton Transport Services and/or one of its members. In certain circumstances, for example, insurance or legal purposes, we may retain your data for longer periods of time.

How we protect your data

BTS is committed to keeping your personal data safe and secure at all times.  

Our security measures include: -

  • encryption of data;
  • regular cyber security assessments of all service providers who may handle your personal data;
  • regular scenario planning and crisis management exercises to ensure we are ready to respond to cyber security attacks and data security incidents;
  • regular penetration testing of systems;
  • security controls which protect our entire IT infrastructure from external attack and unauthorised access; and
  • internal policies setting out our data security approach and training for employees.

Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The table below explains the cookies we use and why.

Cookie name Description
__utma Used to distinguish users and sessions. The cookie is created when the javascript library executes and no existing __utma cookies exists. The cookie is updated every time data is sent to Google Analytics.
__utmz Stores the traffic source or campaign that explains how the user reached your site. The cookie is created when the javascript library executes and is updated every time data is sent to Google Analytics.
_ga Used to distinguish users.
_gid Used to distinguish users.
exp_last_activity Every time the state is updated (the page reloaded) the last activity is set to the current datetime. Used to determine expiry. This is essential for logged in users, but not for guests - it is set for both.
exp_last_visit Sets the datetime that the user last visited the site, and is set for both guests and logged in users. If not set, is automatically set to 10 years ago. Affects guests and logged in users.
exp_tracker Tracks the last 5 pages viewed by the user, and is used primarily for redirection after logging in etc. Affects guests and logged in users.
exp_csrf_token This cookie protects against Cross Site Request Forgery (CSRF). A CSRF attack forces a logged-on victim’s browser to send a forged HTTP request, including the victim’s session cookie and any other automatically included authentication information, to a vulnerable web application. This allows the attacker to force the victim’s browser to generate requests the vulnerable application thinks are legitimate requests from the victim.

 

How do I change my cookie settings?

Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.

Find out how to manage cookies on popular browsers:

To find information relating to other browsers, visit the browser developer's website.

To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.

Your rights

  • Request correction of personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal information for direct marketing purposes.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party in certain formats, if practicable.
  • Request accessto your personal data subject to certain exemptions that may apply   
  • Make a complaint to a supervisory body which in the United Kingdom is the Information Commissioner’s Office. The ICO can be contacted at: https://ico.org.uk/concerns/

If you wish to exercise any of these rights please contact us using the contact detail below. 

Contact Information

If you have any questions about how BTS uses your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by emailing dataprotection@bacton.co.uk

You have the right to lodge a complaint with the Information Commissioner’s Office.  Further information, including contact details, is available at https://ico.org.uk.

TPN Connect

TPN Connect

Latest Tweets

By continuing to use the site, you agree to the use of cookies. You can change this and find out more by following this link

Accept Cookies