We are committed to ensuring that we manage your personal data professionally and in compliance with all
applicable data protection laws. Part of this commitment is to ensure that there is transparency about how we
process personal data. This policy includes an explanation of:
▪ what data we are processing;
▪ why we are processing it and what we do with it;
▪ whether we will share it with anyone else;
▪ whether we will transfer it outside of the United Kingdom;
▪ how we keep your data safe; and
▪ your rights.
2. About us
Our company name is Indestructible Paint Limited and we are located at 16-25 Pentos Drive, Sparkhill,
Birmingham. B11 3TA. In this policy we have referred to Indestructible Paint as: we, us, our or IP
For any queries concerning your data please contact the Data Protection Co-ordinator, at the above address or
by email at Michael@Indestructible.co.uk or by phone on +44(0)121 702 2485.
3. Your personal data
3.1. We process your personal data if we understand that you may be interested in purchasing our products or
services. In this section 3 we provide more detailed information about how we will manage your personal data.
3.2. What data do we hold about you and how have we obtained this?
3.2.1.We will obtain information about you when you enquire about our products or services. Typically,
the information that we obtain will be your contact details and payment information.
3.2.2.If you have visited our website we may automatically collect some personal information including:
details of your browser and operating system, the website from which you visit our website, the
pages that you visit on our website, the date of your visit, and the Internet protocol (IP) address
assigned to you by your internet service. We collect some of this information using cookies – please
see Cookies in Section 5 for further information.
3.2.3.Our telephone calls are sometimes recorded for training purposes and may also be used to verify
any comments that were made during any conversation.
3.2.4.We have CCTV in operation at our facility for security purposes. It is therefore possible that images
of you will be recorded when visiting our site.
3.2.5.Sometimes you will have sent your information directly to us, but you may have provided your
information to one of our distributors who, in turn, has provided the information to us.
3.3 How do we use your personal data and what is the applicable lawful basis?
3.3.1.Where you have consented, we may provide you with marketing information about our products
and services. In addition, we will keep you informed of events that we think will be of interest to
3.3.2.Where we are required to do so to perform our contract with you, we may process your
information for completing services that we are contractually obliged to perform.
3.3.3.Where it is in your vital interests, we may use your information to organise and notify you about
safety and product recall notices.
3.3.4.We may process your information to comply with legal obligations including assisting HMRC, the
Police and the Driver and Vehicle Licensing Agency
3.3.5.We may process your information to allow us to pursue our legitimate interests including for:
▪ analysing our performance to further improve our customer services;
▪ market research, training and to administer our websites;
▪ the prevention of fraud or other criminal acts;
▪ undertaking credit checks for finance;
▪ complying with requests from you including if you exercise any of your rights noted in this
▪ the purpose of corporate restructure or reorganisation or sale of our business or assets;
▪ enforcing our legal rights or to defend legal proceedings and for general administration
3.4 Will we share your personal data with any third parties?
3.4.1 We may share your data with distributors that we have a contractual relationship with
3.4.2 We may disclose your information to our third-party service providers for the purposes of
providing services to us or directly to you on our behalf e.g. administrative service providers.
When we use third party service providers, we only disclose to them any personal information
that is necessary for them to provide their service and we have a contract in place that requires
them to keep your information secure and not to use it other than in accordance with our
3.4.3 If we sell all or part of our business to a third party, we may transfer your information to that
party to ensure that it can continue to provide information that you have requested or for any
of the other purposes that we have noted above.
3.4.4 We may transfer your data to government or other official bodies for the purposes of
complying with legal obligations, for enforcing our rights, or for the prevention or detection of a
3.5 How long do we keep your data?
3.5.1 If you have expressed an interest in buying products or services from us or our distributors, we
will retain your contact details and related information concerning your enquiry for 5 years
from the date that we last had contact with you.
3.5.2 If you have purchased goods or services from us or from our distributors, we will keep the data
relating to that purchase (e.g. order forms and invoices and related correspondence) for 7 years
from the date of the contract.
3.5.3 Voice recordings of telephone calls and CCTV images shall be kept for 2 months.
3.5.4 If you have requested that we do not send you marketing information we will always retain
sufficient information to ensure that we remember to comply with your request.
3.5.5 The periods stated in this section 3.5.1 may be extended if we are required by law to keep your
data for a longer period.
4. Transferring your data outside of the United Kingdom (‘UK’)
4.1. The information that you send to us may be transferred to countries outside of the UK. By way of example, this
may happen where any of our distributors are incorporated in a country outside of the UK or if any of our
servers or those of our third-party service providers are from time to time located in a country outside of the
UK. These countries may not have similar data protection laws to the UK.
4.2. If we transfer your information outside of the UK in this way, we will take steps to ensure that appropriate
security measures are taken with the aim of ensuring that your privacy rights continue to be protected. These
measures include imposing contractual obligations on the recipient of your personal information or ensuring
that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection. Please
contact us if you would like more information about the protections that we put in place.
4.3. If you use our services whilst you are outside the UK, your information may be transferred outside the UK to
provide you with those services.
electronic device) when you visit our website. This enables us to monitor how many times you visit the
website, which pages you go to, traffic data, location data and the originating domain name of your internet
5.2. You can find out more about the Cookies we use in our Cookies Policy available on the home page of our
5.3. You can set your browser not to accept cookies, however some of our website features may not function as a
5.4. For more information about cookies generally and how to disable them you can visit: www.allaboutcookies.org.
6. Data security
6.1. We have adopted the technical and organisational measures necessary to ensure the security of the personal
data we collect, use and maintain, and prevent their alteration, loss, unauthorised processing or access, having
regard to the state of the art, the nature of the data stored and the risks to which they are exposed by human
action or physical or natural environment. However, as effective as our security measures are, no security
system is impenetrable. We cannot guarantee the security of our database.
6.2. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do
our best to protect your personal data, we cannot guarantee the security of your data transmitted to our
website; any transmission is at your own risk. Once we have received your information, we will use procedures
and security features to try to prevent unauthorised access
6.3. Where we have given you (or where you have chosen) a password which enables you to access certain parts of
our website, you are responsible for keeping this password confidential. We ask you not to share a password
7. Links to other websites
Our website may contain links to and from other websites (e.g. social media sites such as Twitter, LinkedIn,
YouTube and Facebook). Unless we own such websites, we accept no responsibility for the way in which they
submit any personal data to it.
8. Social Plugins
8.1. We use so-called social plugins (buttons) of social networks e.g. LinkedIn.
8.2. When you visit our websites, these buttons are deactivated by default, i.e. without your intervention they will
not send any data to the respective social networks. Before you can use these buttons, you must activate them
by clicking on them. They then remain active until you deactivate them again or delete your cookies. Please see
8.3. After their activation, a direct link to the server of the respective social network is established. The contents of
the button are then transmitted from the social network directly to your browser and incorporated in the
8.4. After activation of a button, the social network can retrieve data, independently of whether you interact with
the button or not. If you are logged on to a social network, the network can assign your visit to the website to
your user account.
8.5. If you are a member of a social network and do not wish it to combine data retrieved from your visit to our
websites with your membership data, you must log out from the social network concerned before activating
8.6. We have no influence on the scope of data that is collected by the social networks through their buttons. The
data use policies of the social networks provide information on the purpose and extent of the data that they
collect, how this data is processed and used, the rights available to you and the settings that you can use to
protect your privacy.
9. Your rights
9.1. Your right to access data
9.1.1.We always aim to be as open as we can and allow people access to their personal information. Where we
hold your personal data, you can make a ‘subject access request’ to us and we will provide you with:
• a description of it;
• an explanation of why we are holding it;
• information about who it could be disclosed to; and
• a copy of the information in an intelligible form – unless an exception to the disclosure requirements is
9.1.2.If you would like to make a ‘subject access request’ please make it in writing to our contact email address
noted in section 2 and mark it clearly as ‘Subject Access Request’.
9.1.3.If you agree, we will try to deal with your request informally, for example by providing you with the
specific information you need over the telephone.
9.1.4.Unless you agree a different time, we will complete your subject access request within one month.
9.2 Right to stop marketing messages
You always have the right to stop marketing messages. We will usually include an unsubscribe button in any
marketing emails. If you do wish to unsubscribe, please just click the unsubscribe button and we will promptly
action that request. Alternatively, you can update your marketing preferences by contacting us at anytime. Our contact details are shown in section 2.
9.3 Right to be forgotten
If we hold personal data about you, but it is no longer necessary for the purposes that it was collected and
cannot otherwise be justified – you have the right to request that we delete the data.
9.4 Right to restrict data
If we hold personal data about you and you believe it is inaccurate you have the right to request us to restrict
the data until it is verified. You also have the right to request that the data is restricted where you have a right
to it being deleted but would prefer that it is restricted.
9.5 Transferring your personal data
9.5.1.Where we rely on your consent as the legal basis for processing your personal information or need to
process it in connection with your contract, as set out under Section 3, you may ask us to provide you with
a copy of that information in a structured data file. We will provide this to you electronically in a
structured, commonly used and machine-readable form, such as a CSV file.
9.5.2.You can ask us to send your personal information directly to another service provider, and we will do so if
this is technically possible. We may not provide you with a copy of your personal information if this
concerns other individuals or we have another lawful reason to withhold that information
9.5 Right to complain
You always have the right to complain to the personal data regulator, the ICO. You may also be entitled to seek
compensation if there has been a breach of data protection laws.