Privacy Policy

The Quality Assurance Service Co Ltd, trading as GDGC (“We”) are committed to protecting and respecting your privacy.

This policy sets out the basis on which we collect and process personal data.

For the purpose of the Data Protection legislation and rules (the Act), GDGC is an insurance broker and the entity and data controller responsible for holding and using your data.  We may share data and information with other parties’, and this is explained in the policy below.

INFORMATION WE MAY COLLECT ABOUT YOU                            

We may obtain personal information from GDGC Accredited Installers and their clients for the installations they undertake, or from other third-party sources.  We may therefore collect and process the following type of data:

For clients of our installers or the public;

  • Information that our installers provide about you via our on-line registration system or manually. This would include your name and address along with information about the work which has been undertaken. We hold and use this information as it is in ours and our installers legitimate interests to do so.  The information is used for the administration of the product offered and monitoring the conduct of our installers.
  • If you contact us, by way of any enquiry, including a complaint about a installer, we will retain a record. We will usually take details of your name and address along with details of your enquiry and our reply.  We hold and use this information as it is in our and our installers legitimate interests.

For installers or employees of installers

  • Information that you or your employer provide either manually or through our on-line registration system, which may include your name and address along with information about your role in the installer firm. Information may be provided as part of an application to GDGC or to enable us to administer the product (and the contract you enter for this).  Where you are an employee of the installer, we hold and use the information as it is in our legitimate interests to do so. 
  • If you contact us, by way of complaint or otherwise, we will keep a record of that. Where you are the installer, we hold and use the information as part of your agreement with the scheme. Where you are an employee of the installer, we hold and use the information as it is in our legitimate interests to do so.
  • We may obtain credit checks, identity checks and other due diligence checks carried out against you, your address(es) or your business(es) and copies of any references taken or this information is obtained from third parties such as credit reference agencies.  We collect this information where you are the installer, applying to register with GDGC or have significant control of an installer.  We hold and use this as part of our entry into a contract with an installer.

USING THE INFORMATION

We use information held about you in the following ways:

  • To provide you with information concerning your registration with GDGC. all obligations. Personal data is not made available other than to those it concerns, to installers who have provided the data to us or as set out in this policy.
  • To obtain the insurance cover. We will share any details which the insurer requires of an installer and their clients. The client will be provided with an insurance policy confirming their cover.  The insurer will process the information as data controller as they have a legitimate interest in this to provide the required cover.
  • To provide Accredited Installers and their clients with information, products or services that they request from us.
  • To carry out our obligations and enforce our Accredited Installers obligations under the contract with GDGC.
  • To verify your identity and prevent fraud.
  • For Legal and Regulatory reasons.

DISCLOSURE OF YOUR INFORMATION

We may disclose your personal information to certain third parties for example:

  • The Insurer
  • Certification Bodies
  • Auditors
  • Code Sponsors
  • Fraud prevention agencies
  • Other financial institutions
  • Legal and Regulatory authorities such has the Financial Conduct Authority and the Information Commissioners Office.  The third parties will process the information for us under contractual arrangements; to credit and fraud reference agencies and identity checkers who act under agreements with us but also have a legitimate interest in your data.
  • If you require details of the Insurer this will be included in the insurance policy provided to you when work is registered with us.
  • We have contracts in place with all third parties to whom we provide your data to and they are required to ensure that all the requirements of the Data Protection legislation are met.

YOUR RIGHTS

You have several rights in relation to your personal information.  These are –

  • The right to confirm if we are using data about you and to access details about what we are using and how;
  • The right to lodge a complaint with the Information Commissioners Office;
  • The right to request we rectify any inaccurate data or to have data which is incomplete for the purpose we hold it completed;
  • The right to be forgotten. Which is the right to ask us to delete information about you and if it is appropriate to do so we will do so;
  • The right to restrict what we do with data in specific circumstances, including where the accuracy of the data is contested, processing is unlawful or if we only need the data to meet legal requirements;
  • The right to receive the data we hold about you in a format you can use to transfer the data electronically elsewhere.
  • The right to object to further processing of your data if it is inconsistent with the main reason for which it was collected.

We will retain your data for as long as it is reasonably required for our legitimate purposes and to meet our regulatory requirements, and for no longer than is necessary.

The Act gives you the right to access information held about you. Your right of access can be exercised in accordance with the Act. 

WEBSITE USAGE INFORMATION

We may collect information about your computer including where available, your Internet Protocol (IP) address, operating system and browser type, for system administration and to report aggregate information to our advertisers.

We might also use the information to analyse trends, learn more about user’s interests, assess the effectiveness of marketing campaigns and gather broad demographic information for our own internal use. It will also be used for system administration. This is statistical data about our users’ browsing actions, patterns and to identify unique visits to our website and does not identify any individual. However, there are instances on our website where personal data will need to be provided. In this instance, we will only use this information in accordance with applicable data protection rules and where you have provided consent.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service and for analytical purposes.

We also make use of a custom audience pixel which is a tiny piece of Java script inserted onto each of our web pages and this is used for social media platforms. This pixel records information about the user’s browser session, so that we can address our visitors for commercial purposes. The user’s information will be deleted after 180 days until the user visits the website again. To opt-out, for Facebook, please visit https://en-gb.facebook.com/about/basics/advertising/ad-preferences or for Linkedin, please visit https://www.linkedin.com/psettings/guest-controls/retargeting-opt-out.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site. You

WHERE WE STORE YOUR PERSONAL DATA

The data that we collect may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. We take all steps reasonably necessary to ensure that all data is treated securely and in accordance with this privacy policy including when it leaves the EEA.  Where data leaves the EEA it is subject to contractual requirements to ensure the rules continue to apply.  Data will at all times remain subject to the provisions of the Data Protection Act.

LINKS

Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any data about you to these websites.

CHANGES TO OUR PRIVACY POLICY

Any changes we may make to our privacy policy in the future will be posted on this page and, where appropriate, notified to you by e-mail.

CONTACT

Questions, comments and requests regarding this privacy policy are welcomed and should be addressed to: The Data Protection Officer, GDGC, Centurion House, Leyland Business Park, Centurion Way, Leyland, Lancashire, PR25 3GR. You can contact us via email at info@gdgc.co.uk or reach us by telephone on 0345 340 0523.