SURA Ltd and EDGE 4x4 Ltd trading as respectively EDGE Garage and EDGE Offroad are a company registered in England and Wales (hereinafter referred to as "We", "Our" or "Us") that operates a number of online e-commerce stores namely (“edgeoffroad.co.uk”, “edgegarage.co.uk”, – hereinafter collectively referred to as our “Sites”, “Storefronts” or “Online Shops”.
Maintaining the security of your data is of paramount importance to us and we are committed to respecting your privacy rights.
This notice, which including without limitation applies when using our sites, provides you with information about:
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the General Data Protection Regulation (EU Regulation 2016/679, when applicable, the “GDPR”), and the EU Data Protection Directive (Directive 95/46/EC), the data controller is SURA Ltd and EDGE 4x4 Ltd trading as respectively EDGE Garage and EDGE Offroad of The Old Paint Factory, New Road, Brixham TQ58NF.
Information we may collect from you and other sources
Although the precise details of the personal information collected will vary according to the specific purpose for which we are collecting the information, we may collect and process the following data about you:
Uses made of the Information
We use information held about you in the following ways:
Our sites may include links to third-party sites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party sites and are not responsible for their privacy statements. When you leave our sites, we encourage you to read the privacy notice of every site you visit.
For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our sites and to deliver a better and more personalised service. They enable us:
Many of our sites save the contents of your basket when you haven’t completed a transaction. If you quit our sites without placing an order the system will remember the items you added to your basket and send you an email with a reminder. We do this to make sure your shopping experience is as hassle free as possible. If you do not want to receive these emails in the future, please click on the unsubscribe link at the bottom of the email you have received.
Disclosure of your information
In order to make certain services available to you, we may need to share your personal data with third parties.
It is sometimes necessary for us to share your data outside of the European Economic Area (EEA). This generally occurs when our service providers are located outside of the EEA or you are based outside of the EEA.
If this happens, we will ensure that the transfer will be compliant with the relevant data protections laws including the GDPR.
Our standard practice is to use standard contractual clauses which have been approved by the European Commission for such transfers. Those clauses can be accessed here. Where standard contractual clauses are not used and your data is transferred to the United States, we will ensure that the service providers have signed up to the EU-US Privacy Shield which is a framework designed to protect the fundamental rights of anyone in the EU whose personal data is transferred to the United States for commercial purposes.
How do we protect your data
We are committed to keeping your personal data safe and secure and employ a number of security measures such as:
We use reasonable, organisational, technical and administrative measures to protect personal information under our control. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our sites; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
Legal basis for processing your personal data
The personal data that you provide to us in order to purchase goods and other personal data generated for transactional agreements is processed as it is necessary for the performance of a contract with you.
All other personal data is processed for our legitimate interests (as set out below) and to comply with our legal obligations.
In general, we only rely on consent:
You have the right to withdraw your consent at any time.
Our legitimate interests
The normal legal basis for processing customer data, is that it is necessary for our legitimate interests including:-
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
You can also exercise the right at any time by contacting us by any of the means outlined below.
Our sites may, from time to time, contain links to and from the sites of our partner networks, advertisers and affiliates. If you follow a link to any of these sites, please note that these sites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these sites.
Our Obligations as a Data Processor
Where you declare the personal details of another individual, such as setting someone other than yourself as a recipient of an order, we agree not to use this 3rd party data for any other purpose than for carrying out the service for which you have requested. 3rd party details will not be shared across databases but may be retained on any sales related documentation for as long as is required for legal or accounting purposes.
We will redact or remove all 3rd party information from our commercial databases after the companies maximum warranty period (30 months) unless otherwise instructed by yourself.
How long do we keep your data?
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.
We retain customer/subscriber data within our database for 30 months (2.5 years) from the date of last sale / date of consent to cover warranty periods and average service intervals but will present opportunities to amend your data and contact preferences on an annual basis either by way of the sites or through electronic mail. However this option is available upon request at any time to all individuals for whom we process personal data. We may be required to hold payment records and invoices for long subject to HMRC rules prevailing at the time.
The email marketing unsubscribe function will remove your details from marketing lists and confirmation of your removal will be sent to your email address. We have introduced means to throttle the communication you receive if you would just rather reduce the frequency of communication.
Data back-ups can take up to 60 days to remove specific data from the system.
We will take reasonable steps under Article 17 of the GDPR to meet subject access requests.
If you have any questions about how we use your personal data that are not answered here, or if you want to exercise your rights regarding your personal data, please contact us by any of the following means:
You have the right to make a complaint at any time to the local data protection supervisory authority which, for the UK, is the Information Commissioner's Office (ICO (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.