Privacy Policy

Compressed Air Systems UK are a UK based company, our offices at Compressed Air Systems UK, 15 Fortnum Close, Kitts Green, Birmingham B33 0LG.

What is GDPR?

GDPR is the abbreviation for the General Data Protection Regulation. It is Directive 95/46/EC and relates to the collection, storage, processing and movement of personal data.

What is Personal Data?

Personal Data is any information relating to an identifiable person who can be directly or indirectly identified.

What is Processing?

Processing can be one or more of the following activities; collection, recording, organising, structuring, storage, adaption, retrieval, consultation/use, disclosure by transmission, dissemination or otherwise by making available, alignment or combination, restriction, erasure or destruction.

What Classification Group

Ceased: defined as one that is either ceased trading, i.e. gone into administration, retired or has otherwise been terminated.

Dormant: defined where the account has been inactive for more than 2 years.

What is a Data Breach?

A data breach can be broadly defined as a security incident that has affected the confidentiality, integrity or availability of personal data i.e. when the data has been lost, destroyed, corrupted, disclosed or if the data has been rendered unavailable by being accidentally lost or destroyed or encrypted by ransomware.

What is a Cookie?

A Cookie is a small piece of data which is sent from a website that you are browsing and stored on your computer by the web browser while you are browsing. Depending on what cookies the web application finds on your computer, your browsing experience may become customised. Further information about cookies can be found at www.allaboutcookies.org

The data is under the control of the Compressed Air Systems UK Data Protection Officer (DPO). He/she can be reached for the purposes of privacy and data security at enquiries@tanaircompressors.com or contacted at the trading address above.

A cookie is a small file which asks permission to be placed on your computer's hard drive. Once you agree, the file is added.

Cookies allow web applications to respond to you as an individual by gathering and remembering information about your preferences.

We use traffic log cookies to identify which pages are being used. This helps us analyse web page traffic and improve our website to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.

Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Compressed Air Systems UK may hold your personal data for the purposes of fulfilling their contractual obligations in respect of marketing, sales and delivery of products and services offered by Compressed Air Systems UK.

• Key data collected includes: name, address/postcode, email address and contact telephone number(s).
• We may collect role/job function and other social information reasonably considered relevant to marketing, sales and delivery.
• Transactional data may include delivery instructions to regular or temporary delivery points.
• We collect payment method details, including bank/bank card/credit card details.
• Website accounts store name, email address, encrypted password and maximum basket value you may process.
• We do not hold data belonging to persons under 18; if identified, it will be removed.

Calls may be recorded for training and dispute resolution. CCTV is used for security and to assist with delivery/collection dispute resolution.

The legal basis for processing Key Personal data and Transactional data is the need to fulfil a contractual obligation. We may also process data where it is in our legitimate interests, including account management, payment collection, administration, and sharing business updates.

CCTV and call data logging are processed under legitimate interest to maintain security, assist with dispute resolution, and provide training feedback where necessary.

We do not trade or exchange data with third parties other than those providing delivery mechanisms and business services such as carriers, mailing fulfilment, EDI services, credit checking companies and credit card processors, hosting services, professional advisors, and IT services.

We may release information relating to your account to HMRC and other relevant authorities if required by law.

Data is primarily held on servers hosted in the UK under GDPR regulations and processing agreements are in place for safe storage.

We take reasonable precautions to ensure security, including password-protected access and limited accessibility, ongoing staff education, and safe-by-design systems.

• Cyber Essential Plus level of accreditation across network and processing facilities – with roadmap to IASME accreditation.
• Password protected access to storage of data and limited accessibility of processing areas.
• Ongoing education around responsibilities to protect clients' data.
• Safe-by-design approach to databases and systems.

Data is stored according to our data retention policies. Retention is based on the amount, nature and sensitivity of data, risk of harm, processing purposes, and legal requirements.

• Key data: held for duration of contract, and typically 7 years after an account becomes ceased or 2 years after it becomes dormant (whichever is first).
• Transactional data: up to 8 years.
• Telephone calls: up to 12 months.
• CCTV: up to 90 days.

We may profile Key data to keep customers up to date with product ranges and promotions, and to assess service effectiveness and performance. We do not profile transactional data for direct marketing.

We do not actively profile telephone calls or CCTV images unless required to resolve a specific issue or incident.

In the event of a product safety recall, we may process personal data to inform you of the safety issue using appropriate contact methods.

GDPR provides individuals with rights over personal data. More information can be viewed at the Information Commissioner's Office (ICO) at www.ico.org.uk.

• Object to processing in certain circumstances or request restriction.
• Request correction of personal data.
• Request erasure in certain circumstances.
• Request a copy of your personal data.
• Withdraw consent where consent is the lawful basis.
• Request a portable data file.

You may exercise these rights by contacting your Area Sales Manager or enquiries@tanaircompressors.com.

If you have concerns, please contact us first so we can investigate and respond. You may complain to the ICO at any time.

We apply appropriate technical, physical and organisational measures designed to protect personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. Access is restricted on a need-to-know basis and our information security programme is proportionate to the risks.

We may provide links to third parties' websites. Linked sites are not necessarily reviewed, controlled or examined by us. Each linked site may have its own terms of use and privacy notice. We are not responsible for the policies and practices of any linked site and encourage users to read linked sites’ terms and notices prior to use.