---

Privacy Policy

Download this page as a PDF

Introduction
All Companies of the EBB Group (Elliott Baxter & Co Ltd & UniBoard Ltd) are committed to safeguarding your privacy and personal data in lines with the Data Protection Act 2018 and the Privacy and Electronic Communications Regulations 2003.
Personal data is any information relating to an identified or identifiable individual. An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, date of birth, location or social identity.

Information that we hold and how we use this information
EBB collects personal data as a result of its various activities. Below is an explanation as to what data is collected:

• Customer account information which you would have provided us when opening an account. This typically includes name, job title, address, e-mail address, telephone numbers and bank details.
• Customer transaction records such as order placing, quotations, requests for information, paymentrecords and delivery information.
• Individuals who have provided information to third party buying groups or from telephone research conducted by EBB
• Companies who supply products or services to EBB
• Individuals who are prospective, current or former employees of EBB

We will not collect or store sensitive personal data about you without your explicit permission to do so

How we use personal information
EBB use your data to provide the following supply and services:

• To carry out contractual obligations required to operate your account with us
• To send you communications which you have requested or may be of interest to you, including details of any price changes
• To carry out contractual obligations arising from you providing us a service
• To carry out contractual obligations arising from employment at EBB

EBB do not use any automated decision making systems

How we share personal information
We only share your information with trusted third party service providers or to comply with legal andregulatory requirements. Your personal information is shared with computer and software providers, bankers, credit insurers and credit reference agencies.

It is our strict policy that this information cannot be used for third party sales and marketing purposes and can only be used in connection with the services they provide us.

How we secure personal information
Our data is kept on a secure private network that can only be accessed by authorised members of staff via a unique username & password. These passwords meet complexity requirements and are changed on a regular basis.

All email is scanned by a third party provider for potential virus threats, inadmissible content and spam, before they are then sent on to our Exchange server.

Internet connectivity is allowed to authorised members of staff, but is restricted to non-harmful and virus free websites via a proxy server.

All servers & Windows laptops are covered by anti-virus and anti-malware software.

Data is backed up to meet best practice Recovery Time Objectives and Recovery Point Objectives and copies are kept off-site. All backup data is exported to a duplicate set of live standby servers, which can be bought on stream in the event of a disaster.

How we use cookies
We use cookies on our website. You can control the use of cookies on your browser settings. You will still be able to visit our website if you choose to disable cookies. For more general information on cookies, please visit www.aboutcookies.org

Personal data access rights
You have a right to access the personal data that we hold about you. You can review, move, ask to transfer, copy, edit or delete your personal information by e-mailing us at [email protected] or by contacting any member of EBB staff.

Your rights include:

• Asking and viewing the personal information that we hold on you
• Request that personal information that we hold on you is corrected or updated
• Ask for us to stop processing your data if there are no contractual or legal obligations
• Request that you do not receive direct marketing from us. We also have a clear “opt out” of future e-mail communications
• Requesting that your personal data is erased once it is no longer required for contractual or legal obligation to do so

Changes to this policy
This Privacy Policy will be reviewed regularly and updated accordingly to reflect any changes to legislation or our procedures.