top of page

 

PRIVACY POLICY

 

1. OVERVIEW AND WHO WE ARE

Welcome to the privacy policy for Serling Lake. We respect your privacy and are committed to protecting your personal data. This policy details how we collect, use, and protect your personal data when you visit our website or use our services, and tells you about your privacy rights and how the law protects you.

 

Serling Lake Ltd is the data controller and is responsible for your personal data.

Company Details:

  • Full Legal Name: Serling Lake Ltd

  • Company Registration Number: 11875317

  • Registered Office Address: Frassino House, Higher Brooks, Somerset, BA16 0TX

  • Email Address: privacy@serlinglake.com

2. THE DATA WE COLLECT ABOUT YOU

We may collect, use, store, and transfer different kinds of personal data about you, which we have grouped together as follows:

  • Identity & Contact Data: Includes first name, last name, email address, telephone numbers, and billing/delivery addresses.

  • Technical & Usage Data: Includes internet protocol (IP) address, your login data, browser type and version, time zone setting, operating system, and information about how you use our website and services.

  • Marketing & Communications Data: Includes your preferences in receiving marketing from us and your communication preferences.

 

3. HOW WE USE YOUR DATA AND OUR LEGAL BASIS

Under UK data protection law, we must have a valid legal basis to process your data. Below is a description of the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our specific legitimate interests are where appropriate.

 

To register you as a new customer and provide our services:

  • Data Used: Identity & Contact Data

  • Legal Basis: Performance of a contract with you.

 

To manage our relationship with you (e.g., notifying you of changes to terms, answering enquiries):

  • Data Used: Identity & Contact Data, Marketing & Communications Data

  • Legal Basis: Performance of a contract, legal obligation, and legitimate interests (to keep our records updated and maintain customer relations).

 

To administer and protect our business and website (e.g., troubleshooting, data analysis, system maintenance, fraud prevention):

  • Data Used: Identity, Contact, and Technical & Usage Data

  • Legal Basis: Legitimate interests (for running our business, provision of administration and IT services, network security, and preventing fraud).

 

To deliver relevant website content and marketing to you:

  • Data Used: Identity, Contact, Technical & Usage, and Marketing & Communications Data

  • Legal Basis: Consent (for electronic direct marketing to non-customers or where non-essential tracking is used) or legitimate interests (to study how customers use our products/services, to develop them, and to grow our business).

 

4. COOKIES AND AUTOMATED TRACKING

We use cookies and similar technologies to ensure our website functions securely and to improve your experience.

  • Essential & Low-Risk Cookies: We use certain strictly necessary cookies, as well as first-party statistical analytics to monitor site performance and security. These are deployed based on our legitimate interests in keeping the site operational and secure.

  • Non-Essential Cookies: For intrusive, cross-site, or targeted advertising tracking technologies, we will always ask for your explicit consent before placing them on your device. You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies.  

 

5. DISCLOSURES OF YOUR PERSONAL DATA

 

We may share your personal data with the following third parties for the purposes set out in Section 3:

  • Service Providers: IT, website hosting, accounting, and system administration providers.

  • Professional Advisers: Including lawyers, bankers, auditors, and insurers.

  • Regulatory Authorities: Law enforcement agencies, regulators, or other third parties where required by law.

  • Third Parties: Entities to whom we may choose to sell, transfer, or merge parts of our business or our assets.

 

6. INTERNATIONAL TRANSFERS

 

We share your personal data within our network of trusted third-party service providers, some of which are based outside the United Kingdom (UK). Whenever we transfer your personal data out of the UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the UK Government.

  • Where we use certain service providers, we may use specific contracts approved for use in the UK (such as the International Data Transfer Agreement or UK Addendum to the standard contractual clauses) which give personal data the same protection it has in the UK.

 

7. DATA SECURITY

 

We have put in place appropriate technical and organisational security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. Access to your personal data is limited to those employees, agents, contractors, and other third parties who have a business need to know.

 

8. DATA RETENTION

 

We will only retain your personal data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.

  • Customer/Contract Data: Kept for 6 years after the contract ends for legal and tax purposes.

  • Enquiries/Contact Data: Kept for 12 months after our last communication.

  • Marketing Data: Kept until you withdraw your consent or opt-out, plus a short suppression period of 12 months to ensure we respect your opt-out request.

9. YOUR LEGAL RIGHTS

 

Under certain circumstances, you have rights under UK data protection laws in relation to your personal data. You have the right to:

  • Request access to your personal data (a "data subject access request").

  • Request correction of the personal data that we hold about you.

  • Request erasure of your personal data.

  • Object to processing of your personal data where we are relying on a legitimate interest.

  • Request restriction of processing of your personal data.

  • Request the transfer of your personal data to you or to a third party.

  • Withdraw consent at any time where we are relying on consent to process your personal data.

To exercise any of these rights, please contact us at privacy@serlinglake.com. We try to respond to all legitimate requests within one month. We may refuse to comply with your request, or charge a reasonable fee, if your request is clearly vexatious or excessive.

 

10. CHILDREN

 

Our website and services are not intended for children under the age of 16, and we do not knowingly collect data relating to children. If we become aware that we have collected personal data from a child under 16 without appropriate consent, we will take steps to delete it.

11. COMPLAINTS AND CONTACTING THE ICO

If you have any concerns about how we handle your personal data, you have the right to lodge a formal data protection complaint directly with us. Please send your complaint to privacy@serlinglake.com. We will acknowledge your complaint within 30 days and will keep you informed of our investigation and the final outcome without undue delay.

If you remain dissatisfied with our response, or if you prefer, you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues:

 

Information Commissioner's Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Website: ico.org.uk

Telephone: 0303 123 1113

bottom of page