About this Policy

This privacy policy and general privacy notice applies to Osbourne & Young. We at
Osbourne & Young take your privacy seriously. and this policy and notice has been
drafted in accordance with the requirements of the General Data Protection
Regulations (“GDPR”), with the support of the legal team at www.legalo.co.uk.
This privacy notice explains how we look after your personal data (in all situations
where we collect your data) and sets out your privacy rights and also explains how
the law and our approach to privacy and personal data protects you.
This privacy notice supplements any other privacy notices that we may provide to
you at the point that we collect data from you and should be read in conjunction with
those notices.
Our status and details
For the purpose of the GDPR we are the data controller and any enquiry regarding
the collection or processing of your data should be addressed to our [Data Protection
Officer OR Privacy Manager] using the contact details below:
Name or title: Isaac Young
Email address: [email protected]
Postal address: Burnbank House Church Lane, Witnesham, Ipswich, England, IP6 9JD
By using the Website you consent to this policy. We are registered with the
Information Commissioner’s Office for this purpose.
Information we collect
We will collect, process and store personal data only if it is directly provided to us by
you. You may do this in your capacity as the user of this Website, by enquiring in
relation to our goods or services, becoming a customer or supplier, or potential
Personal information covers any information which relates to you as an identifiable
person. Below are examples of the type of data that this may include:
(a) Identity Data including forenames, last name, maiden name, date of
birth, gender, marital status, and username or similar identifier.
(b) Contact Data may include invoicing; purchase order; home or work
address, email address and telephone numbers, personal or job title
and position.
(c) Financial Data may include bank account and payment card details.
(d) Special Category Data for example health or medical data, details
about your race, religion, sex and political opinions.

(e) Transaction Data may include payments made for products and
services you have purchased from us, or in relation to payments that
we have made to you.
(f) Technical Data may include internet protocol (IP) address, browser
type and version, time zone setting and location, browser plug-in
types and versions, operating system and platform and other
technology on the devices used to access this Website.
(g) Profile and Usage Data may include enquiries submitted by you,
purchases information, feedback and survey responses, and how you
use our website, products and services.
(h) Marketing Data may include details of any preference that you have
advised us of in relation to marketing communications from us.
We may also collect non-personal data such as Aggregated Data which is
data that may be obtained from your personal data, but which does not
directly or indirectly identify you. This may include Usage Data detailing
how you use our Website and the features and areas that you have
interacted with.
How do we collect your personal data?
A range of different methods may be used to collect data which may include
the following methods:
(a) Direct interactions with us in person, by post, phone, email or
otherwise. You may give us your Identity, Contact and Financial
(b) Automated technologies or interactions with our website, by using
the web enquiry form, [or the shopping cart on this website]. You may
give us Identity, Contact and Financial Information.
(c) Third parties or publicly available sources (third parties may be used
in processing Identity, Contact and Financial categories of personal data).
Data accuracy
It is important that the data that we hold about you is accurate and up to date. In the
event that your data changes please notify us so that we can update our records.
Use of your information
We may hold and process personal data that you provide to us in accordance with
the GDPR.
The information that we collect and store relating to you is primarily used:
(a) To enable us to provide our services to you, to communicate with you and to
meet our contractual commitments to you. This may include Identity, Contact,
Financial and Transactional data.

(b) To notify you about any changes to our business, such as improvements to
our Website or service/product changes, that may affect our service or
relationship with you. This may include Identity and Contact data.
(c) If you are an existing customer, we may contact you with information about
goods and services similar to those that were the subject of a previous sale to
you. This may include Identity and Contact data.
(d) Where you have consented to receive such information, to provide
information on other parties’ products or services that we feel may be of
interest to you. This may include Identity, Contact and Marketing data.
(e) Where you have consented to receive our e-newsletters to provide that to
you. This may include Identity and Contact data.
(f) Where we need to comply with a legal obligation. This may include Identity,
Contact and Transactional data.
(g) Where it is necessary for our legitimate interests (or those of a third party)
and your interests and fundamental rights do not override those interests.
This may include all types of data.
Where we collect your data for marketing purposes we will always request your
consent, at the point the data is collected, to use your data for that purpose.
We will always obtain your prior consent to sharing your personal data with any third
party for their marketing purposes. This may be to enable relevant third parties to
advise you of products or services that may be of interest to you.
We will only use your personal data for a reason other than the purpose for which it
was originally obtained if we consider that we need to use it for that other purpose
and have a legitimate interest in doing so.
Disclosure of your information
There are a range of circumstances where we may disclose your data to third parties.
These include:
(a) Regulatory bodies. We may disclose your data to regulatory bodies to enable
us to comply with the law and to assist fraud protection and minimise credit
risk. This may include Identity, Contact and Transactional data.
(b) Our Suppliers. We may disclose your data to third parties that are involved in
the fulfilment of our services to you. This may include Identity, Contact and
Transactional data.
(c) Third party marketing. Where you have consented for us to do so, we may
provide your data to selected third parties who may contact you about their
goods or services that you may be interested in. This may include Identity,
Contact and Marketing data.

(d) Business sale. We may disclose your personal data outside of our
organisation: (a) in the event that we sell or buy any business or assets, in
which case we may disclose your personal data to the prospective seller or
buyer of such business or assets; and (b) if Osbourne & Young’s business is
bought by a third party, in which case personal data held by it about its
customers will be one of the assets to transfer to the buyer. However, any
such transfer will only be on terms that the confidentiality of your personal
data is protected and that the terms of this privacy policy will continue to be
complied with by the recipient.
Please be advised that we do not reveal information about identifiable individuals to
our advertisers, but we may, on occasion, provide them with Aggregated Data about
our Website visitors and customers.
If you do not want us to share your data with third parties you will have the
opportunity to withhold your consent to this when you provide your details to us on
the form on which we collect your data, or you can do so by writing to us at the
address detailed above or sending us an email to [email protected] at any time.
Controlling the use of your data
Where we rely on consent as the lawful basis for processing your data you can
revoke or vary that consent at any time.
If you do not want us to use your data or want to vary the consent that you have
provided you can write to us at the address detailed in clause 2 or email us at [email protected]
at any time.
Data storage and the transfer your data
As part of the services offered to you, for example through our Website, the
information you provide to us may be transferred to and stored in countries outside of
the European Economic Area (EEA) as we use remote website server hosts to
provide the website and some aspects of our service, which may be based outside of
the EEA, or use servers based outside of the EEA – this is generally the nature of
data stored in “the Cloud”. It may also be processed by staff operating outside the
EEA who work for one of our suppliers, e.g. our website server host, payment
processing provider, or work for us when temporarily outside of the EEA.
A transfer of your personal data may happen if any of our servers are located in a
country outside of the EEA or one of our service providers is located in a country
outside of the EEA.
If you use our service while you are outside the EEA, your personal data may be
transferred outside the EEA in order to provide you with these services.
If we transfer or store your personal data outside the EEA in this way, we will take
steps with the aim of ensuring that your privacy rights continue to be protected, as
outlined in this privacy policy. Where we use suppliers based in the US, we may
transfer data to them if they are part of the Privacy Shield which requires them to
provide similar protection to personal data shared between the Europe and the US.

The transmission of information via the Internet or email is not completely secure.
Although we will do our best to protect your personal data, we cannot guarantee the
security of data while you are transmitting it to our site; any such transmission is at
your own risk.
We have put in place security measures to prevent your data from accidental, loss or
disclosure. Once we have received your personal data, we will use strict procedures
and security features to try to prevent unauthorised access.
Where we have given you (or where you have chosen) a password so that you can
access certain parts of our site, you are responsible for keeping this password
confidential. You should choose a password it is not easy for someone to guess.
In the event of a data breach we will notify the ICO and you in the event that the
breach results in any likelihood of loss or damage to you.
Data retention
The length of time that we retain, and store data depends on the purpose for which it
was collected. We will only store data for as long as is required to fulfil that purpose,
or for the purpose of satisfying legal requirements.
It is a legal requirement that we keep certain data about our customers and suppliers
for at least six years. The type of data includes Contact, Identity, Financial and
Transaction Data.
Where you have requested that we provide you with marketing materials we will
retain your data until such time as consent is withdrawn by you.
Use of cookies
[Our use of cookies is detailed in our Cookies Policy] OR [Our Website does not use
cookies.] OR [Our Website uses cookies. We use cookies to gather information about
your computer for our services and to provide statistical information regarding the
use of our Website. Such information will not identify you personally – it is statistical
data about our visitors and their use of our Website. This statistical data does not
identify any personal details whatsoever.
We may also gather information about your general Internet use by using a cookie
file. Where used, these cookies are downloaded to your computer automatically. This
cookie file is stored on the hard drive of your computer, as cookies contain
information that is transferred to your computers hard drive. They help us to improve
our Website and the service that we provide to you.
All computers have the ability to decline cookies. This can be done by activating the
setting on your browser which enables you to decline the cookies. Please note that
should you choose to decline cookies, you may be unable to access particular parts
of our Website. Where we work with advertisers on our Website, our advertisers may
also use cookies, over which we have no control. Such cookies (if used) would be
downloaded once you click on advertisements on our Website.]
Your rights
The GDPR gives you a range of rights in relation to the personal data that
we collect from. You have the right to:

(a) Access your personal data. This right is commonly known as the
‘data subject access request’ and enables you to receive a copy of
the personal data we hold about you. You will not need to pay a fee
to access your personal data unless we can justifiably demonstrate
that the request is repetitive or excessive. We will respond to all
legitimate data access requests within one month, but we may need
to obtain further information from you in order to confirm your identity
and the legitimacy of the request.
(b) Request update of the personal data. This enables you to have any
incomplete or inaccurate data corrected.
(c) Erasure of your personal data. This enables you to ask us to delete
personal data where there is no justifiable reason for us continuing to
retain and process it. We may not always be able to delete the data
such as if there is an ongoing contractual relationship between us or
if we are legally required to retain the data.
(d) Object to processing of your personal data where we are relying on
consent or our legitimate interests (or those of a third party) as the
justification for processing the data.
(e) Restrict the processing of your personal data. This enables you to
ask us to change the processing of your personal data. For example,
you may wish to vary the basis on which we contact you.
(f) Request the transfer of your personal data to you or to a third party.
We will provide to you, or a third party you have chosen, your
personal data in a structured, machine-readable format.
(g) Withdraw consent. Where we are relying on consent to process your
personal data you may withdraw that consent. If you withdraw your
consent, we may not be able to provide certain products or services
to you. We will advise you if this is the case at the time you withdraw
your consent.
You can exercise these rights at any time by writing to us at the address detailed
above, or by email to [email protected].
Third party links
You might find links to third party websites on our website. If you click a link to a
third-party website and visit that site, you may be allowing that site to collect and
share certain data about you. These websites should have their own privacy policies,
which you should check. We do not accept any responsibility or liability for their
policies whatsoever as we have no control over them.
If you wish to raise a complaint regarding our use of your personal data then you can
contact the Information Commissioner’s Office (ICO), who are the UK supervisory
authority for data protection issues. ( www.ico.org.uk ).

If you do wish to raise a complain then we would welcome the opportunity to discuss
your concerns before you contact the ICO to see if we can resolve the issue for you.
Changes to this policy
We may update these policies to reflect changes to the website and customer
feedback. Please regularly review these policies to be informed of how we are
protecting your personal data.
We welcome any queries, comments or requests you may have regarding this
Privacy Policy. Please do not hesitate to contact us.
Version: June 2024

    Your Cart
    Your cart is emptyReturn to Shop