Who we are
Premia GTR Limited
Our website address is: https://www.premia.limited
What personal data we collect and why we collect it
When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
This privacy Notice sets out how Premia GTR Ltd collects and uses (processes) information about individuals (referred to as your “personal information”). Personal information is information which by itself available to us can be used to identify you. In this privacy notice we describe:
- Who Collects Your Personal Information
- Type Of Personal Information That We Collect
- How We Use Your Personal Information
- How We Share Your Personal Information
- Other Information We Collect
- Marketing Preferences
- Your Rights
- Data Retention
- Other Important Information
You may be assured that we will treat all personal information as confidential and will not process it other than for a legitimate purpose. Steps will be taken to ensure that the information is accurate, kept up to date and not kept for longer than is necessary. Measures are also taken to safeguard against unauthorised or unlawful processing and accidental loss or destruction or damage to the personal information.
Since this notice contains important information, we encourage you to read it. Please use the links to access detailed information. Any questions in relation to this Privacy Notice of requests in respect of personal information should be directed to firstname.lastname@example.org in the first instance.
Who Collects Your Personal Information
Premia GTR Ltd is responsible for collecting and processing the personal information. Whenever we refer to “we” or “us” in this notice, we mean Premia GTR Ltd.
Type Of Personal Information That We Collect
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
Whether or not you become a customer we will hold and process data for our legitimate day to day business process and activities including the processing of your orders for supply and sale of our products, to manage the account or product you have ordered or to meet our Legal, Regulatory and Good Governance obligations and requirements (in particular in respect of anti-money laundering legislation including information on source of funds). This list is not exhaustive and may be updated from time to time as dictated by business needs and legal and regulatory requirements.
If you do not provide the information that we request, we may not be able to provide you with the requested products or services.
Processing is as defined in the Regulations, but could include obtaining, recording or holding information or data.
Personal data is information which can identify you as a living individual.
We will collect personal information when you:
- Access our products and services
- Create an account
- Participate in a promotion, contest or event
- Submit a review or participate in a survey
- Communicate with us via social media
- Contact us for assistance
- Submit an application for employment
- Interact with us on social media
Some of this information we collect directly from you either in person or via a website, Account Application and the Due Diligence Process or social media. Sources may also include third parties connected to you as the data subject (for example another service provider who provides services to you).
The Personal Information we may collect from you might include the following:
- Name, date of birth or country of residence
- Contact information such as email address, telephone number, address
- Financial information
- Account details such as user name, password and unique user ID
- Payment information such as debit or credit card details or bank account details
- Photographic proof of age
- Your reviews about our products and services, information about your preferences and consumption habits
- Marketing communication and cookie preferences
- Education and Employment history, salary expectations
- Details of your contact with us including recordings of any telephone calls
- Photographs and videos submitted by you or taken at one of our events
- Profile pictures and social media profile information
We also collect personal information about you from other sources. Such information from other sources may be:
- Information from credit references, court records of debt judgements and bankruptcies or that received as part of routine card verification (fraud prevention) checks.
- Joint marketing partners, when they share information with us.
- Publicly available data bases.
When we receive personal information about you from different sources, we may combine or link that information. Linking different sources of information enables us to provide a better customer support service when you contact us.
Some of the personal data may be kept in paper files, while other personal data will be included in computerised files and electronic databases.
We ask that you do not send us, and do not disclose, any sensitive personal information (e.g information related to racial or ethnic origin, political opinions, religion or other beliefs, biometrics).
How We Use Your Personal Information
We use data (including personal information of individuals) for legitimate business purposes for the following purposes (the below also confirming the lawful basis we are relying in each case):
Processing your personal order and to enter into a customer relationship
Lawful Basis for Processing
We use personal information to perform and fulfil the contract we have entered into with the individual and process orders, to take payment for items purchased from us, to dispatch items purchased or to process a return or request for a refund.
We may also use personal data to protect against or identify possible fraudulent transactions. We will engage in these activities to manage our contractual relationship with the individual and/or to comply with a legal obligation
In instances where an individual has been provided with this Privacy Notice and provided personal data thereafter, the processing may be carried out on the basis of the consent. Consent may be withdrawn at any time by writing to email@example.com
Lawful Basis for Processing
If you as an individual contact us, or we contact you, we will use your personal information such as your purchase information and contact history for the purpose of providing you with assistance, handling enquiries and complaints.
We will engage in these activities to manage our contractual relationship with you as an individual, for our legitimate business reasons and/or to comply with a legal obligation.
To provide you with Marketing Information and /or Information about our Products, Events or Services which may be of interest to you and manage such mailings.
For the purposes of the legitimate interests of Premia GTR Ltd to process personal data to communicate with individuals on topics and events which may be of interest to them.
Where you as an individual have asked to receive marketing communications from us, we may send you information about our products, newsletters, promotions, offers or other information that we think might be of interest to you.
We use personal information to send you marketing communications.
We will seek to comply with your request(s) as soon as reasonably practicable.
Our business purposes including legal, regulatory and governance obligations
Lawful Basis for Processing
For the purposes of the legitimate interests of Premia GTR Ltd as a supplier of the products and related services to process the personal data to the extent necessary as follows:
We use the personal information we hold about you to accomplish and manage our business purposes and contractual relationships and or to comply with a legal obligation, including:
- To conduct data analysis, for example, to improve the efficiency of our services;
- To conduct audits, to verify that our internal processes function as intended and are compliant with legal, regulatory or contractual requirements;
- To monitor for fraud and security purposes, for example, to detect and prevent cyberattacks or attempts to commit identity theft;
- To meet our legal, regulatory and governance obligations including as may be necessary for compliance;
- To consider ways for enhancing, improving, or modifying our current products and customer services;
- To identify usage trends, for example, understanding which parts of our services are of most interest to users;
- To determine the effectiveness of our promotional campaigns, so that we can adapt our campaigns to the needs and interests of our users; and
- For operating and expanding our business activities, for example, understanding which parts of our services are of most interest to our users so we can focus our energies on meeting our users’ interests.
- For the purposes of our internal know – how and training
To ensure the security of Premia GTR Ltd’s systems, staff and premises (including the use of CCTV equipment)
Lawful Basis for Processing
For the purposes of the legitimate interests of Premia GTR Ltd to protecting its systems, staff and premises from being misused or the victim of any criminal activity
How We Share Your Personal Information
Subject to applicable data protection law, we may share your personal information with your consent or as necessary to complete any transaction or provide any service you have requested. Sometimes the provision of data to one entity within our group may result in that data being accessible by all other members of our group. Reasonable endeavours are made to ensure that the data is only accessible by those with a need for access to fulfil the purposes set out above. We do not share your personal information with any third-party companies for the purpose of marketing including our affiliates unless you have explicitly provided us with consent. We do not share your personal information with any third party outside of the European Union. The following are categories of recipients with whom we may share your personal data and for the reasons mentioned.
Business Transactions, Legal, Regulatory and Law Enforcement
Basis for Sharing Information
- We have a legitimate interest in disclosing or transferring your personal information to a third party in the event of any reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings). Such third parties may include, for example, an acquiring entity and its advisors.
- We may also disclose personal information to comply with legal and contractual obligations and our corporate policies and procedures and where we believe such action is necessary to – this may include:
- Fraud prevention agencies, credit reference agencies, debt collection agencies when we open your account, other organisations who use shared data bases for income verification and credit checks,
- Government bodies and agencies in the UK e.g. HM Revenue & Customs (HMRC),
- Any Registrar of a Public Register where the data is to be included in a Public Registry,
- Courts and Tribunals to comply with legal requirements and for the administration of justice,
- To protect the security, integrity, rights and privacy of our business operations,
- To other parties connected with your account e.g. guarantors and other people named on the application
- Anyone else where we have your consent or where it is required by law
Third Party Service Providers
Basis for Sharing Information
- We use third party service providers to process personal information on our behalf. This may include:
- Sub-contractors and other persons who help us provide our products and services, Companies and other persons providing services to us including those who provide customer support, web hosting (including cloud based) and data base server providers, social media platforms, customer data management and list enhancement companies, marketing agencies that host our events and promotions or other marketing initiatives, companies that fulfil product orders, warehouse management or coordinate mailings, delivery and courier companies, market research organisations,
- Payment processors, data analysis firms,
- Legal, and other professional advisors including our accountants and auditors,
- And where we enter into an engagement with a third party pursuant to which the data may be processed or shared by – with that third party, we will seek to enter into an agreement with that third party setting out the respective obligations of each party and we will endeavour to be reasonably satisfied that the third party has measures in place to protect the data against unauthorised or accidental use, access, disclosure, damage, loss or destruction.
Other Information We Collect
We and our service providers also may collect other information that does not reveal your specific identity or does not directly relate to an identifiable individual (referred to as “other information”). This may include:
- Server log files and environmental variables
- App usage data
- Information collected through cookies, pixel tags and other technologies
- Demographic information and other information provided by you that does not reveal your specific identity
- Information that has been aggregated in a manner such that it no longer reveals your specific identity
If we are required to treat other information as personal information under applicable law, then we may use and disclose it for the purposes for which we use and disclose personal information detailed in this Policy.
Other information may be collected in a variety of ways, including:
- Through your browser or device
- Through your use of one of our mobile apps
Unless you have told us not to, we will send you marketing information relating to products and promotions that we think will be of interest and relevant to you. If you change your mind and no longer wish to receive these communication, you can tell us at any time by contacting us at firstname.lastname@example.org. If you have previously told us that you don’t want information on our products and promotions, we will continue to respect your wishes.
Data subjects in the European Union (or any jurisdiction with equivalent legislation to the European Union General Data Protection Regulation) have certain rights in respect of their personal data. We will respond to your requests consistent with applicable law. These rights are as follows:
- The right to be informed about our processing of your personal data
- The right to have your personal data corrected if it is inaccurate and to have incomplete personal data completed
- The right to object to processing your personal data
- The right to restrict processing of your personal data
- The right to have your personal data erased (the “right to be forgotten”) – if you do not want to receive promotional emails you may inform us at any time by contacting us at email@example.com
- The right to request access to your personal data and information about how we process your data
- The right to move, copy or transfer your personal data (“data portability”)
- Rights in relation to automated decision making including profiling
Should you wish to exercise your rights under the applicable data protection laws, please send such requests in the first instance firstname.lastname@example.org.
You have the right to complain to the Information Commissioner’s Office at www.ico.org.uk.
In any case in which a data subject chooses not to provide any personal data or where any of the rights set out are exercised to limit the processing of personal data, Premia GTR Ltd may be unable to provide the relevant products or services, or there may be a restriction on the services which can be provided.
We retain personal information only for as long as needed or permitted in light of the purposes (as set out above) for which it was obtained and consistent with applicable law. The criteria which we use to determine data retention periods for your personal data include the following:
- Retention in case of an ongoing relationship: The length of time we have an ongoing relationship with you and provide the products and services to you (for example, for as long as you have an account with us or keep using the services);
- Retention in accordance with legal, regulatory and statutory requirements: Whether there is a legal obligation to which we are subject and where the data cannot be deleted for legal, regulatory or statutory reasons; or
- Whether retention is advisable in light of protecting our legal position: In the case of disputes and court claims (such as in the case of termination of employment)
- Others: In the absence of any statutory requirement, our retention policies will be proportionate and designed using a risk-based approach.
Any requests for further information in relation to the continued processing of specific data and requests for the destruction of data should be made to email@example.com.
Other Important Information
Contact Details: Any questions and enquiries in respect of this Privacy Notice, or about any personal data we hold about you or any request to exercise any of the rights as set out above should be directed to the Data Protection Officer via firstname.lastname@example.org or by post at Data Protection Officer, Premia GTR Ltd, Mocatta House, Trafalgar Place, Brighton, East Sussex, BN1 4DU United Kingdom.
Changes to this Privacy Notice: We keep this Privacy Notice under review and any updates will appear here.
This Privacy Notice was last updated on 9th May 2023.