This Privacy Notice was last reviewed on 4th January, 2021.
The Management at Sterling Financial Print Limited is committed to ensuring that all Personal Data is handled responsibly, lawfully and securely. The Senior Management team are responsible for ensuring that the fundamental principles below are applied by all staff dealing with Personal Data:
data is processed lawfully, fairly and in a transparent manner;
data is only collected for specified, explicit and legitimate purposes;
data is accurate and properly maintained;
data is held only for as long as necessary; and
data is protected and handled securely.
Consent: “Consent” of the Data Subject means any freely given, specific, informed and unambiguous indication of the Data Subject’s wishes by which, he or she, by a statement or by a clear affirmative action, signifies agreement to the Processing of Personal Data relating to him or her.
Data Controller: “Data Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
Data Processor: “Data Processor” means a natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Data Controller.
Data Subject: “Data Subject” is the individual that the Personal Data relates to and identifies.
Filing System: “Filing System” means any structured set of Personal Data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
Legitimate Interest: “Legitimate Interest” is a designation for the use of Personal Data where that data is controlled and/or processed by the company or processed by a third-party contractor of the company, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject, which require protection of Personal Data, in particular where the Data Subject is a child.
Personal Data: “Personal Data” means any information relating to an identified or identifiable natural person (the “Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Personal Data Breach: “Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
Processing: “Processing” means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Special Category: “Special Category” data is Personal Data which reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the Processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, sex life or sexual orientation.
Who We Are and What This Privacy Notice Covers
We are Sterling Financial Print Limited (Registered in England and Wales: 02273286) located at:
Dowgate Hill House
14-16 Dowgate Hill
This Privacy Notice aims to explain our approach to our interaction with your data, including its obtaining, handling, retention, disposal and protection throughout the life cycle, for us and our partners (where applicable) and your choices and rights within each of these.
This Privacy Notice applies to information that we collect about you arising from:
personal interactions via various forms of electronic messaging, voice and video communication or face to face;
communication of relevant marketing information that you have either Consented to or otherwise expect from us as part of an established relationship;
the use of third parties with whom you have agreed for them to share your data with us and
information used as part of managing your web browsing experience
Throughout this Privacy Notice we’ll refer to our products and services collectively as “Services.”
Below we explain how we collect, use, and share information about you, along with the choices that you have with respect to that information.
If you have any questions about this Privacy Notice, please contact us as detailed in the Contact Section.
Information We Collect
We only collect information about you if we have a reason to do so, to provide our Services, to communicate with you, or to make our Services better.
Information You Provide to Us
The amount and type of information you provide depends on the context and how we use the information. Here are some examples:
Basic Online Account Information: We ask for basic information from you in order to set up your account. For example, to activate an online account we require a username and email address, and that’s it. You may provide us with more information, like your name, but we don’t require that information to create your account.
Business Account Information: If you have a business account with us, we will require certain information in order to fulfil our obligations to you. This information will include contact details such as email, phone number and mailing address for individuals associated with your account as well as account preferences and service history in order to provide you with the best service possible.
Transaction and Billing Information: If you buy something from us, you will provide additional personal and payment information that is required to process the transaction and your payment, such as a name, credit card information, and contact information.
Communications with Us: You may also provide us information when you respond to surveys, communicate with our Helpdesk about a support question, or post a question in our public forums.
Marketing Information: We use business contact information in the context of B2B marketing activities, to communicate Services that we feel may be of interest to the recipient. We do this under Legitimate Interest and individuals have the right to request that we cease these types of communications.
Service Provision: Personal Data provided by you that we require to provide you with print and fulfilment Services, in line with your data processing agreements
The information we collect automatically generally comprises:
Log Information: Like most online service providers, we collect information that web browsers, mobile devices, and servers typically make available, such as the browser type, IP address, unique device identifiers, language preference, referring site, the date and time of access, operating system, and mobile network information. We collect log information when you use our Services in order to assess the performance of our systems.
Usage Information: We collect information about your use of our Services. We use this information to, for example, provide our Services to you, as well as get insights on how people use our Services, so we can make our Services better.
How We Use Information
We use information about you as follows:
to provide print management and fulfilment Services to fulfil contractual requirements
to further develop our Services - for example by adding new features that we think our users will find of benefit, to satisfy a Legitimate Interest
to monitor and analyse trends and better understand how users interact with our Services, which helps us improve our Services and make them easier, to satisfy a Legitimate Interest
to monitor and protect the security of our Services, detect and prevent fraudulent transactions and other illegal activities to meet contractual and legal obligations
to provide you with marketing communications, to satisfy a Legitimate Interest
to keep you up to date on our Services, to satisfy a Legitimate Interest
to personalise your experience using our online Services, provide content recommendations, to satisfy a Legitimate Interest
Sharing of Personal Data
How We Share Personal Data
We do not sell our users’ personal information.
We share your Personal Data in the limited circumstances spelled out below and with appropriate safeguards on your privacy:
Subsidiaries, Employees, and Independent Contractors: We may disclose information about you to our subsidiaries, our employees, and individuals who are our independent contractors that need to know the information in order to help us provide our Services or to process the information on our behalf.
We require our subsidiaries, employees, and independent contractors to follow this Privacy Notice for personal information that we share with them. We may also request your Consent to process limited elements of your data in specific ways. Where we require this Consent, it will be presented to you in a way that allows you to have a clear understanding of what you are Consenting to and enable you to agree to this in a clear and positive way.
Sharing with Third Parties: We may share information about you with third party vendors who need to know information about you in order to provide their services to us. This group are the vendors that help us provide our Services. We require vendors to agree to privacy commitments in order to share information, this is documented within formal Data Processing Agreements – third party vendors and Clients agree to ensure that lawful grounds have been established and that all notices and Consents are in place for any Personal Data that they ask us to process on their behalf.
Third Party Vendors:
Direct mailing organisations
As part of delivering our Services we share personal shareholder names, addresses and shareholdings information with sub-processors for the purpose of mailing out shareholder information to those individuals.
Backup service providers
In order to protect your information, we hold backups of your data to protect against loss or corruption of data. This service is provided by third party backup service providers.
Mailing and courier providers
Mailing and courier companies are used to transport hard copy documentation as part of the Services we provide.
IT hosting providers
We use third party specialist hosting service providers to manage IT and storage infrastructure.
As Required by Law: We may disclose information about you in response to a subpoena, summons, court order, or other governmental request.
To Protect Rights and Property: We may disclose information about you when we believe in good faith that disclosure is reasonably necessary to protect our property or rights or those of the public at large.
Business Sale or Transfers: In connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company, or in the unlikely event that the company goes out of business or enters bankruptcy, user information would likely be one of the assets that is transferred or acquired by a third party. If any of these events were to happen, the new business owner(s) would be responsible for ensuring that all Personal Data to which this Privacy Notice relates, is handled in accordance with this Privacy Notice.
Aggregated and De-Identified Information: We may share information that has been aggregated or reasonably de-identified, so that the information could not reasonably be used to identify you. For instance, we may publish aggregate statistics about the use of ourServices.
Sale or Transfer: If we're discussing selling or transferring part or all of a business, we may share information about you to prospective purchasers - but only so they can evaluate that business. If we are reorganised or sold to another organisation, we may transfer information we hold about you to them, so they can continue to provide the Services to you.
Publicly Shared Information: Information that you choose to make public is, disclosed publicly. This means that any information like posts and other content that you make public on our system, will be public. Remember - public information may also be indexed by search engines or used by third parties. Please keep all of this in mind when deciding what you would like to share.
Cookies are used on our website to enhance security and improve your experience whilst browsing our website.
As part of our website functionality, we ask you for permission to use non-essential cookies before using them. Any consent you give upon visiting our website can be changed at any time using the cookie settings panel.
Cookies that are currently use, including the reason for use and retention period are detailed below:
We employ a range of security controls throughout our organisation to ensure that we look after your Personal Data and protect it from loss, corruption or unauthorised access. This is delivered in the form of our ISO27001 Information Security Management System, which is independently audited and certified annually.
We only retain data for as long as is necessary to satisfy the following requirements:
Legal: We are required to meet legal obligations in terms of retention periods for some data, such as financial records and information (seven years for any document relating to financial transactions).
Contractual: Your data will be retained for the duration of your contract, as required by us to fulfil our contractual obligations. Following the end of the contract term, we retain your information for a period of 18 months for marketing and business analysis purposes.
Marketing: Where data is held for marketing purposes, then, we hold this for 18 months of inactivity prior to destruction.
Business Analysis: Where data is held for business analysis purposes, data is limited to only that necessary to perform the analysis. We retain business analysis data for 18 months.
We always aim to keep the amount of Personal Data we hold to a minimum and so, unless we have received a specific request from you to erase any of your data before the retention periods expire, we will either destroy or return to you any data that has reached the end of its retention period.
You have several choices available when it comes to information about you:
Limit the Information that You Provide: If you have an account with us, you can choose not to provide the optional account information and transaction and billing information. Please keep in mind that if you do not provide this information, certain features of our Services may not be deliverable (contact us for more information).
Opt-Out of Electronic Communications: You may opt out of receiving promotional messages from us. Just follow the instructions in those messages. You may still receive messages as part of the fulfilment of our contractual obligations or legal notices; if you also decide to opt out of these, this could result in a significant reduction of Service you obtain from us in the fulfilment of these obligations.
Set Your Browser to Reject Cookies: you can usually choose to set your browser to remove or reject browser cookies before using our website, with the drawback that certain features of the website may not function properly without the aid of cookies.
When it comes to Personal Data you have defined rights regarding how your data is collected, processed and shared. These rights are explained below:
The Right of Access: You have the right to request that we show you what Personal Data of yours we hold and process.
The Right to Erasure: In specific circumstances, you have the right to request that any data we hold on you be erased. This includes where:
Your Personal Data is no longer necessary in relation to the purpose for which it was originally collected/processed.
You withdraw Consent.
You object to the Processing and there is no overriding Legitimate Interest for continuing the Processing.
The Right to Object: There are cases where we may process some of your data in order to help us assess and improve our business. This type of Processing may not be supported by a contractual requirement or your Consent but would have been carefully assessed to ensure that we have a clear Legitimate Interest in doing so that does not adversely affect you as an individual. In these instances, we make you aware of these activities along with your right to object to this kind of Processing should you wish.
The Right to Rectification: If you become aware that any data we hold is incorrect you have the right to request that this data be corrected.
The Right to Data Portability: You have the right to request that we provide you with an electronic copy of any data you have given to us as part of a contractual relationship or following your Consent. This also includes any data about you that has been generated automatically as part of these agreements.
The Right to Restrict Processing: In some situation you may require us to restrict Processing, such as following an objection or if data accuracy is in question. Where you exercise your right to restrict Processing we shall not recommence Processing without first notifying you.
Other Things You Should Know
Transfer of Information outside of the EEA
From time to time we may transfer your personal information to our group companies, suppliers or service providers based outside of the EEA for the purposes described in this Privacy Notice. If we do this, your personal information will continue to be subject to one or more appropriate safeguards set out in the law. These might be the use of model contracts in a form approved by regulators.
If you have any complaints about the way in which your Personal Data is being handled, then please contact us using the contact details below:
The Data Controller
Sterling Financial Print Limited
Dowgate Hill House
14-16 Dowgate Hill
Alternatively, in the event that you feel we have not responded to you in a timely fashion, or have not fully responded or complied with your request(s), you may also contact the national supervisory authority to register a complaint, their details can be found at https://ico.org.uk.