Our cookies and privacy statement
ATTAIN Group Limited (“ATTAIN”) takes the privacy of allval users of their website and the ATTAIN System very seriously and takes great care with any personal information that it may gather about their clients or which legally comes into our possession through third parties. ATTAIN will also take great care to respect any other confidential personal information that ATTAIN may have about their clients. For further details about ATTAIN, please view the About Us page of www.ATTAIN.uk.com.
By using this website and/or by clicking on any “I accept” button, the clients allow ATTAIN to collect, store and process their personal information in accordance with the terms set out in this Privacy Statement. If the clients do not want ATTAIN to do this please stop using this site immediately and/or do not click any “I accept” button.
A description of the ATTAIN System and legal definitions , can be found in the Terms and Conditions “linked” to in clause 2 of the Website Usage Agreement on www.ATTAIN.uk.com.
1. ATTAIN, which runs and owns the ATTAIN SYSTEM, adheres to the Data Protection Act Principles and Guidelines and the Privacy and Electronic Communications Regulations 2003 as amended in its processing, handling, transmission, sharing, storage, use and transfer of personal data. More information about the ATTAIN SYSTEM can be found at www.attain.uk.com or by writing to The Data Controller, ATTAIN, 205-206 Atlas House, Caxton Close, Wigan WN36XU, who will send a hardcopy printout from the relevant page(s) of that website. A shortened version also appears below. In particular, when dealing with the protection of personal data, ATTAIN abides by the eight Data
Protection Principles of the Data Protection Act 1998:
1. Personal data shall be processed fairly and lawfully, and, in particular, shall not be processed unless:
(a) at least one of the conditions in Schedule 2 of the Data Protection Act 1998 is met; and,
(b) in the case of sensitive personal data, at least one of the conditions in Schedule 3 is also met.
2. Personal Data shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes.
3. Personal Data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.
4. Personal Data shall be accurate and, where necessary, kept up to date.
5. Personal Data processed for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
6. Personal Data shall be processed in accordance with the rights of data subjects under the Data Protection Act 1998.
7. Appropriate technical and organisational measures shall be taken against unauthorised or unlawful processing of Personal Data and against accidental loss or destruction of, or damage to, Personal Data.
8. Personal Data shall not be transferred to a country or territory outside the European Economic Area unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects.
2. Important data gathering Role of ATTAIN’s own CLIENTs
3. The ATTAIN SYSTEM
ATTAIN’s own CLIENTs use the ATTAIN SYSTEM to capture and process in a more efficient way data relevant to their businesses that they have already collected. This data might include personal data. The system(s) assists ATTAIN’s CLIENTs to maintain and use lists of their own CLIENTs’ orders, enquiries, complaints, interests, age if under 18, sex, physical addresses and delivery addresses, telephone, mobile numbers and e-mail addresses, and other details, such as previous purchases, viewing history, sporting activities, hobbies and interests and social categorisation and also analytical and statistical reporting highlighting online behaviour and trends. Such capture and processing of data also assists ATTAIN’s CLIENTs to optimise any marketing campaigns they might make, both to their own CLIENTs and potential CLIENTs as well as to other persons who have opted-in to receive such marketing information, which includes marketing by e-mail as well as SMS messaging.
4. Law Enforcement and the supply of Personal Data
ATTAIN will supply personal data to any relevant law enforcement agency if duly requested. Such agencies include but are not limited to the Police and Her Majesty’s Revenue and Customs. ATTAIN may at times not be allowed by law to disclose to an individual that such a request has been made and/or identify any data so supplied.
5. Role of ATTAIN’s CLIENTs as regards Personal Data
As a requirement of using the ATTAIN SYSTEM, ATTAIN’s own CLIENTs have agreed to set out in detail in their own openly available privacy policies or similar statements or notices what might happen to data, including personal data, that they collect, store and process about their own CLIENTs or potential CLIENTs. This includes setting out in their own Privacy Policies that personal data will be transferred to ATTAIN for use in the ATTAIN SYSTEM and what might happen to the information once in the ATTAIN SYSTEM (for which, see paragraph 3 just above). It also includes a requirement that ATTAIN’s own CLIENTs can demonstrate that they can satisfy any and all relevant legally required requirements to collect, store or otherwise process or use personal data and send commercial messages by electronic means were already present before that personal data is processed/used by the ATTAIN SYSTEM as well as setting out in their policy how they comply with the Privacy and Electronic Communications Regulations 2003 as amended.
6. Checking and Correcting Your Personal Data
If you feel that ATTAIN may be processing incorrect or out-of-date data about yourself, or that ATTAIN should not be processing your personal data (either at all or in part), or that processing may be causing you harm or distress, or you are simply interested in knowing what might be being processed by ATTAIN about yourself – you can request in writing a description of your personal data that ATTAIN is processing about you, the purposes for which they are being or are to be processed, the source(s) of the personal data (if known) and the classes of recipients to whom the personal data may be disclosed. This is sometimes referred to as a “Subject Access Request”. ATTAIN may make a charge not exceeding £10 to issue reply to a Subject Access Request. The reply must be sent within 40 days of a proper written request and any required payment being received. You should be aware that the Data Protection Act 1998 sets out a number of potentially important exclusions as to what might be disclosed in reply to a Subject Access Request. If you wish to make a Subject Access Request or have a general enquiry regarding your own personal data, please contact in writing the Data Controller, ATTAIN, 205-206 Atlas House, Caxton Close, Wigan WN36XU
7. Should you consider making a Subject Access Request of an ATTAIN CLIENT.
Any personal data we may process about you is most likely to have been collected in the first instance by one of our CLIENTs with whom you may have had dealings or to whom you might make an enquiry or the like. If you know the identity of our CLIENT, it might be worthwhile considering making a subject request to them, or at least contacting them with your concerns, especially if you are worried about the initial collection of your personal information and/or any specific usage that that CLIENT continues to make which concerns you, including sending messages by e-mail or SMS. Please note that you can usually only make subject access requests or general enquiries about yourself. You can only make a request or enquiry about another person if you have a relevant legal right to make such enquiries on their behalf.
8. For your further information
Electronic Communications to and from ATTAIN
E-mails, faxes and telephone calls made to – and by – ATTAIN may be monitored and/or recorded:
– To prevent or detect crime, including fraud; and/or
– To investigate or detect unauthorised use of the electronic communication system(s); and/or,
– To establish facts relevant to ATTAIN ‘s business; and/or,
– To ascertain compliance with regulatory and self-regulatory practices or procedures that are relevant to ATTAIN ‘s business; and/or,
– To ascertain or demonstrate standards that ATTAIN employees or representatives achieve or ought to achieve when using ATTAIN ‘s systems of communications (i.e. quality control and training); and/or
– To ensure effective operation of the system including effective protection against virus and hacker attacks