Privacy Notice
Overseas Courier Service (London) Limited ("We") are committed to protecting and respecting your privacy.
Our company number is 1062887 and our registered address is Global House, Poyle Road, Colnbrook, SL3 0AY, UK.
Contacts
For all general enquiries call +44 (0) 20 7640 3800 or email
heathrow@ocsworldwide.co.uk.
Specific questions and comments regarding this Privacy Notice are welcomed and should be addressed to
gdpr@ocsworldwide.co.uk or using our dedicated number +44 (0) 20 7640 3870.
Our Data Registration Status
For the purpose of Data Protection legislation, Overseas Courier Service (London) Limited is both a data controller and a data processor. We are also listed on the Information Commissioner's Office data protection register under: Z7574153 – link:
https://ico.org.uk/ESDWebPages/Entry/Z7574153
Purpose of this Privacy Notice
This notice sets out the basis on which any personal data We collect from You, or that You provide to us, will be processed by us. We ask you to read the following carefully to understand our views and practices regarding your personal data and how we will treat it. We keep certain basic information when you visit our domains and websites ("sites") and recognise the importance of keeping that information secure and letting you know what we will do with it.
This policy only applies to our own sites which may, from time to time, contain links and/or references to and from the sites of our partner networks, advertisers, affiliates and followers. If you navigate using any of these links, please note that these other sites have their own privacy policies and that we do not accept any responsibility or liability for their policies or content. It is therefore strongly recommended that you review the respective policies before submitting any personal data.
For the avoidance of doubt, our sites are:
www.ocsworldwide.co.uk,
www.ocsmedia.net,
www.ocscourier.co.uk and
www.my-ocs.net.
Information We may collect from You
In the context of GDPR,
Personal Data means, 'Any information relating to an identified or identifiable natural person, including by means of an identification number or one or more factors specific to an individual's physical, physiological, mental, economic, cultural or social identity (including IP addresses and cookie strings).'
Sources of Personal Data
We may collect and process the following personal data about You including but not specifically limited to:
- Information that you provide by filling in forms on our sites including that provided at the time of registering to use our sites, subscribing to or with the intention of using our services or requesting further services
- Information that you provide when you report a problem with our sites or services.
- Keeping a record of any correspondence or conversation should You contact us.
- Details of your visits to our sites including, but not limited to, traffic data, location data, weblogs, operating system, browser usage, downloads and other communication data, whether this is required for our own billing purposes or otherwise and the resources that you access.
Automated decision-making & Profiling
We do not conduct any automated decision-making and/or profiling processes.
IP Addresses and Cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to record aggregate information. This is statistical data about our users' browsing actions and patterns, and does not identify any individual and We will not collect personal information in this way. However, where an IP address or cookies means that a user is identifiable, We will treat this as a personal data and will secure it in the appropriate way. We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our sites and to deliver a better and more personalised service. They enable us to:
- estimate our audience size and usage pattern
- store information about your preferences, and so allow us to customise our sites according to your individual interests
- recognise you when you return to our sites
You may refuse to accept cookies by activating the appropriate setting in your browser. However, if You select this setting You may be unable to access or interact with certain parts of our sites. Unless You have specifically adjusted your browser setting so that it will refuse cookies, our system will issue cookies when You log on to our sites.
Purposes of Processing
Our legitimate interest for collecting and processing your information is in order to provide, understand, improve and discharge our services and/or fulfil our contractual obligations to you.
Our lawful basis for processing the data is that the processing is necessary for our legitimate business interests or the legitimate interests of a third party.
We use data held about you in the following ways:
- To ensure that content from our sites is presented in the most effective manner for you and for your computer
- To provide you with information, products or services that You request from us or which We feel may interest you and You have consented to be contacted for such purposes
- To carry out our obligations arising from any contracts entered into between You and us
- To allow You to participate in interactive features of our service, when You choose to do so
- To notify You about changes to our goods and/or services
Storage and Transfer of Personal Data
We understand our obligation to ensure that appropriate technical and organisations measures are taken to prevent unauthorised or unlawful processing, loss, damage or destruction of personal data. Therefore, We will ensure that relevant personal data is in a secure location, only accessed by authorised individuals, only processed by authorised individuals and cannot be lost, damaged or destroyed.
We confirm that:
- All information you provide to us will be or is stored securely
- All payment transactions are encrypted
- We do not store any full credit or debit card details following payment
- Where We have given You (or where You have chosen) a password which enables You to access certain parts of our sites, You are responsible for keeping this password confidential and we ask you not to share it with anyone.
Unfortunately, general internet traffic is insecure by nature so the integrity of transmissions using insecure protocols cannot be guaranteed and any transmission of an unencrypted email is at your own risk. We can however vouch for the security and integrity of data interactions with our HTTPS:\\ sites generally identified by a padlock symbol.
Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access, in line with GDPR, as set out above.
Depending on the service we are providing you, data that We collect from You may be transferred to, and stored at, a destination outside the European Economic Area ("EEA").
We may engage service providers to perform functions and provide services to us e.g. to fulfil your order or to process payments. We may share your private personal information with such service providers subject to obligations consistent with this privacy notice and any other appropriate confidentiality and security measures, and on the condition that the third parties use your private personal data only on our behalf and in line with our instructions.
By submitting your personal data, You agree to this transfer, storing or processing. We will take all reasonable steps to ensure that your data is treated securely and in accordance with this privacy notice, as outlined above. We understand that under the General Data Protection Regulation (GDPR), any organisation that processes data for EU ("European Union") data subjects has to act in accordance with the GDPR even if they are located outside the EU. This means that even though local legislation may not be of equal standing, these organisations are still required to secure, hold and process data in line with the GDPR legislation. Disclosure of your information
We may disclose your personal information to third parties:
- In the event that We sell or buy any business or assets
- If We are under a duty to disclose or share your personal data in order to comply with any legal or contractual obligation. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction
Retention Periods for Personal Data
We understand our obligation not to keep data for any longer than is necessary for the purpose it was obtained. We will keep the data referred to in this Privacy Notice in accordance with our Data Retention Policy. After this We will securely destroy it.
Your Rights
Objections to Processing
You have the right to ask us not to process your personal data for marketing purposes. We will inform You (before collecting your data) if We intend to use your data for such purposes or if We intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms We use to collect your data. You can also exercise the right at any time by contacting us at
gdpr@ocsworldwide.co.uk.
Access to information, Withdrawal of Consent, Rectification of Data & Right of Erasure
You also have the right to:
- Access information held about You by raising a 'Data Subject Access Request'
- At any time, withdraw your consent to us holding data about You or to having information sent to You
- Request for your data to be rectified. Where You identify that your personal data is incorrect, or incomplete, You can request correction, deletion, or modification of your personal data
- In certain circumstances request that your data is erased
If You wish to exercise any of the above rights you should either send an email to
dsar@ocsworldwide.co.uk or write to 'Data Subject Access Requests' at our company address stated above. We will respond within the timescale prescribed under GDPR and will either provide the requested data or explain the reason(s) for being unable to comply.
Data Portability
If You have shared any information through our services, You may wish to allow your data to be transferred to another organisation either by you receiving the data and transferring it, or by the data being transferred directly.
This right to data portability only applies to data that You have provided to us, where the data processing is based either on your consent or on the basis of our or others legitimate business interests and where the processing is carried out by automated means and it is technically feasible to do so. If You wish to do this, please send an email to dsar@ocsworldwide.co.uk so We can agree the transfer specifics.
Data Breaches
Following a discovery of any data breach i.e. when personal data allowing an individual to be identified is processed without authorisation and could result in their security being compromised, consideration will be given as to whether the matter needs to be reported to the Information Commissioner's Office (ICO) and whether the potentially affected individual(s) need to be informed. Any referral will be carried-out within the timescale prescribed under the GDPR.
Right to Complain to Supervisory Authority
If You wish to raise a concern about our use of your information and without prejudice to any other rights you may have, You have the right to do so with your local supervisory authority. The Information Commissioner's Officer (ICO) is the UK's independent body set up to uphold information rights and You can obtain further information by navigating to
https://ico.org.uk/.
Changes to our Privacy Notice
Any changes We may make to this document in the future will be posted on this page and, where appropriate, notified to You by e-mail. However, We advise that You check this page regularly to keep up to date with any changes We may make.
This notice was last updated on 25 May 2018.