Everest recognises the importance of protecting the personal information and the privacy of data provided by you (and that which may personally identify you).
Email address: firstname.lastname@example.org
Postal address: The Data Protection Officer, Everest 2020 Ltd, Everest House, Head Office, Sopers Road, Cuffley, Hertfordshire, EN6 4SG
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
Information we may collect from you
If you enter your personal details on our website or otherwise make an enquiry about our goods and services, we'll ask you for your name, address, telephone numbers (mobile and land) and email address.
As part of our commitment to raising standards, we may monitor and record communications with you (including phone conversations, emails, text and webchat conversations) for quality assurance, legal, compliance and training purposes.
Each time you visit our website or otherwise communicate with us, we may automatically collect any of the following information:
a) Information about our website visitors:
- Technical information, including the Internet protocol (IP) address used to connect your computer to the internet, domain name and country which requests information, the files requested, browser type and version, browser plug-in types and versions, operating system and platform
- Your user name
- Your age
- Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time), time and length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page, traffic data, location data, weblogs and other communication data and information provided when requesting further service or downloads
- If you are a user of a mobile application, your location data so that we can help you to locate our products and services and, if you are a service provider, so that we can monitor the effectiveness and efficiency of any services that you provide to us
b) Information about the goods or services we provide to you:
- Information needed to provide goods or services to you (including information on account opening forms, details of your order, order history, payment details, delivery address, delivery requirements and restrictions, trade references and tax information)
- The name you give us for personalised products
- Customer services information
- Customer relationship management and marketing information
c) If you choose to use social media in order to contact us or find out about our products or services, your profile information (including your preferences and interactions with us on Facebook, Instagram and Twitter) and information which you post on message boards which are relevant to our business.
The legal basis we rely on
When we use your personal information, we are required to have a lawful basis for doing so. There are various different lawful bases on which we may rely, depending on what personal information we process and why.
If you are a customer or supplier of Everest, then the lawful basis on which we process your personal data is the performance of a contract under Article 6(1)(b) of the General Data Protection Regulation ("GDPR"). Our use of your personal information is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
We may collect personal information from you as a visitor to this website (such as your IP address and usage of this website) on the lawful basis of our legitimate interests under Article 6(1)(f) of the GDPR. These legitimate interests are: (i) to study how our customers and potential customers use our goods and services and our website; (ii) to grow our business and develop our goods and services, and our website; (iii) to inform our marketing strategy; (iv) to keep our website up to date and relevant; (v) to define types of customers for our goods and services.
Generally, we do not rely on consent as a lawful basis for processing your personal data, although we will get your consent before sending direct marketing communications or promotional offers to you. You have the right to withdraw consent to such communications at any time by contacting us. Where you opt out of receiving these, this will not apply to personal data provided to us as a result of your entering into a contract with us as a customer or supplier.
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
How we use this information
We collect, use and store your personal information for the following reasons:
- To allow our advisers, agents and sales representatives to follow up our service, either by email, telephone, text or mail, as part of our customer care procedure
- To help us to understand your needs and provide a better service
- To help us to improve our products and services
- To enable us to occasionally contact you for market research purposes
- To enable us to send you information about new products, special offers or other information that we think you may find interesting
- To administer our websites
- To improve your browsing experience by personalising the website
- To provide third parties with statistical information about our users - but this information will not be used to identify any individual user
- To facilitate our internal record keeping
- To enable you to participate in our competitions and promotions
- To carry out marketing analysis and applicant profiling (including with transactional information) and create statistical and testing information
- To help to prevent and detect fraud or loss
- To process orders which you place for goods or services from us
- To prepare before and after photographs of enhancements to your property to use for marketing purposes
- For improvement and maintenance of our website and the app and preparing reports or compiling statistics in order to improve our goods and services. Such details will be anonymised as far as is reasonably possible and you will not be identifiable from the information collected
- To monitor your interactions with us and our brand online, if you contact us on social media, including Messenger and WebChat, where it is in our legitimate interests to do so for market research and for planning future marketing campaigns
- To amplify an event to a broader audience and for internal presentation purposes, we may use your photograph or video footage from an event where it is in our legitimate interests for marketing and business development purposes or where we have your consent
- To contact you to invite you to write a news article about our products and services; to invite you to events, send you promotional material and for press releases if you are a journalist, where it is in our legitimate interests
- To provide relevant goods or services to you or your employer (including, to confirm and process orders, for administration of your account with us, customer loans, tax and export, billing and debt collection purposes and the collection of bottles (where applicable)
- To deal with any enquiries or issues you have about our goods and services, including any questions you may have about how we collect, store and use your personal information, or any requests made by you for a copy of the information we hold about you. If we do not have a contract with you, we may process your personal information for these purposes where it is in our legitimate interests for customer services purposes
- To send you certain communications (including by email or post) about our goods and services such as service announcements and administrative messages (for example, setting out changes to our terms and conditions and keeping you informed about our fees and charges)
- To allow you to attend our events or participate in competitions and to send you photos that you have permitted us to take of you
- For health and safety and quality assurance
- To carry out statistical analysis and market research
- To contact you (including by email or post) with information about our products and services which either you request, or which we feel will be of interest to you (including newsletters), but only where you have consented to this
- To identify and implement business efficiencies and for internal corporate reporting, business administration, ensuring adequate insurance coverage for our business, ensuring the security of company facilities, research and development
- To comply with any procedures, laws and regulations which apply to us - this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others to comply, as well as where we are legally required to do so
- To establish, exercise or defend our legal rights - this may include where we reasonably consider it is in our legitimate interests or the legitimate interests of others, as well as where we are legally required to do so
Where we rely on consent as the lawful basis to undertake any of the above, we will seek your consent for this first before we undertake the relevant activity.
How long we keep your information
Whenever we collect or process your personal data, we'll only keep it for as long as is necessary for the purpose for which it was collected. To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. At the end of that retention period, your data will either be deleted completely or anonymised, for example by aggregation with other data so that it can be used in a non-identifiable way for statistical analysis and business planning.
How we protect your information
We always hold your information securely and to prevent unauthorised disclosure or access to your information, we have implemented strong security safeguards including operating our website over the https protocol. We also follow stringent procedures to ensure we work with all personal data in line with current data protection legislation.
Controlling information about you
Your rights over your information
You have the right to request:
- Access to the personal data we hold about you
- The correction of your personal data when incorrect, out of date or incomplete
- The erasure of your personal data in certain situations
- That we stop using your personal data for direct marketing (either through specific channels, or all channels)
- That we stop any consent-based processing of your personal data after you withdraw that consent
- That we stop in certain other situations to our continued processing of your personal data
- That we provide to you the personal data that we hold about you in a structured, commonly used and machine-readable format (and that we transmit such data to a third party in certain situations)
- A review of any decision made based solely on automatic processing of your data (i.e. where no human has yet reviewed the outcome and criteria for the decision), which produce legal effects concerning you or significantly affecting you
If you wish to exercise any of the rights set out above, please contact us using the contact details above.
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.