This website is provided by Ardersier Port (Scotland) Limited (we, our or us). We are committed to protecting the privacy of individuals whose personal data we process (you or your).
We are Ardersier Port (Scotland) Limited, a company registered in Scotland under company registration number SC698452. Our registered office is at Ardersier Port Approach, Ardersier, Inverness, Scotland IV2 7QX.
We may collect and use certain personal data about you through your use of our website. When we do so we are subject to data protection laws in the United Kingdom including the UK General Data Protection Regulation (UK GDPR). We are the controller of personal data obtained and/or collected via our website, meaning we decide how and for what purposes it is used by us. You can contact us by email at email@example.com.
This website is not intended for children and we do not knowingly collect data relating to children. Children should not access or use our website. If you are aware that any personal data of any children has been shared with us through our website please let us know so that we can delete that data.
We may use different methods to collect data from you and about you including through:
The personal data we collect about you depends on the particular activities carried out through our website. We have grouped together the various types of data we may hold about you as a website user as follows:
We do not knowingly collect any sensitive personal data or special categories of personal data about you through our website (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data). Nor do we collect any information about criminal convictions and offences through our website. You must not submit special category data to us. If, however, you otherwise inadvertently or intentionally transmit special category data to us, you will be considered to have explicitly consented to us processing that special category data under Article 9(2)(a) of the UK GDPR. We will use and process your special category data for the purposes of deleting it.
If we consider it necessary to obtain your consent in relation to the use of your personal data you will be asked to provide this and/or we will contact you to request this consent. In such circumstances, we will provide you with full details of the personal data that we would like to process and the reason we need to process it, so that you can carefully consider whether you wish to consent. Where you do consent and we rely on consent to process your personal data, you have the right to withdraw your consent at any time, although that will not affect the lawfulness of processing based on consent before its withdrawal. To withdraw your consent, please contact us at firstname.lastname@example.org. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.
As a website user, your personal data may be processed by us or our sub-processors (or any of their affiliates, agents, employees, delegates or sub-contractors) for the following purposes:
We will only use your personal information as the law permits. We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
The legal bases we principally rely upon are these:
Where such processing is being carried out on the basis that it is necessary to pursue our legitimate interests, we will only carry out such processing if these legitimate interests are not overridden by your interests, fundamental rights or freedoms.
Where we need to collect personal data by law or in connection with our website and you fail to provide that information, we may not be able to give you full access to our website. We will notify you if this is the case.
Please note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us at the address above if you need us to confirm which of the legal bases set out below we relied upon in a specific type of processing for a particular category of personal data.
PURPOSE / ACTIVITY
TYPE OF DATA
LEGAL BASIS FOR PROCESSING
To respond to communications and submissions you make to us, including through submission forms on our website
Our legitimate interests of pursuing and developing our business and responding to queries, comments and communications
To use data analytics to improve our website
Our legitimate interests of understanding user behaviour and improving our website
To comply with legal and/or regulatory requirements
Compliance with our legal and/or regulatory obligations, including under data protection law to securely protect personal data
To scan and monitor emails sent to us (including attachments) for viruses or malicious software, to process and encrypt personal data to protect and manage email traffic, and to store personal data on our systems
Our legitimate interests including for document retention purposes and IT security
Compliance with our legal and regulatory obligations, including under data protection law to securely protect personal data
Such other actions as are necessary to manage our business activities including processing instructions, monitoring and recording electronic communications for quality control, analysis and training purposes and enforcing or defending our rights and/or interests
Compliance with our legal and regulatory obligations
Our legitimate interests of pursing and developing our business and effectively operating our website
To share your personal data with members of our group and third parties that will or may take control or ownership of some or all of our business (and professional advisors acting on our or their behalf) in connection with a significant corporate transaction or restructuring, including a merger, acquisition, asset sale, initial public offering or in the event of our insolvency
For our legitimate interests of protecting, realising and growing the value in our business
The legitimate interests of our shareholders including in managing their investment in our business
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for a different or unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
You will not be subject to decisions that will have a significant impact on you based solely on automated decision-making, unless we have a lawful basis for doing so and we have notified you.
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
We will not disclose personal information we hold about you to any third party except as set out below and where we have a lawful basis for doing so.
We may disclose your personal data to other affiliates in our group and to third parties who are providing services to us, including IT, document retention, backup and disaster recovery service providers and professional advisers.
We may also disclose personal data we hold to third parties in the following circumstances:
Whenever your personal data is transferred out of the UK or the European Economic Area ("EEA") by us, we ensure a similar degree of protection is afforded to it by ensuring either of the following safeguards is implemented:
Please contact us if you want further information on the specific mechanism used when transferring your personal data out of the UK or EEA.
We have put in place measures designed to ensure the security of the personal data we collect and store about you. We will comply with law in our approach to protecting your personal data from unauthorised disclosure and/or access, but we cannot guarantee the security of any data we collect and store.
In certain circumstances, by law you have the right to:
If you wish to exercise any of the rights set out above, please contact us at email@example.com.
You will not usually have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
The personal data we hold about you needs to be accurate and up-to-date in order to comply with data protection law. Please let us know of any changes to your personal data so that we can correct our records.