Terms and Conditions

1. Introduction

1.1 These terms and conditions shall govern your use of our website.

1.2 By using our website, you accept these terms and conditions in full; accordingly, if you disagree with these terms and conditions or any part of these terms and conditions, you must not use our website.

1.4 You must be at least 18 years of age to use our website; by using our website or agreeing to these terms and conditions, you warrant and represent to us that you are at least 18 years of age.

1.5 Our website uses cookies; by using our website or agreeing to these terms and conditions, you consent to our use of cookies in accordance with the terms of our Cookies policy.

2. Credit

2.1 This document was created using a template from SEQ Legal (http://www.seqlegal.com).

3. Copyright notice

3.1 Copyright (c) 2016 Step Ladder Solutions Limited.

3.2 Subject to the express provisions of these terms and conditions:

(a) we, together with our licensors, own and control all the copyright and other intellectual property rights in our website and the material on our website; and

(b) all the copyright and other intellectual property rights in our website and the material on our website are reserved.

4. Licence to use website

4.1 You may:

(a) view pages from our website in a web browser;

(b) download pages from our website for caching in a web browser;

(c) print pages from our website; and

(d) stream audio and video files from our website,

subject to the other provisions of these terms and conditions.

4.2 Except as expressly permitted by Section 4.1 or the other provisions of these terms and conditions, you must not download any material from our website or save any such material to your computer.

4.3 You may only use our website for your own personal purposes, and you must not use our website for any other purposes.

4.4 Except as expressly permitted by these terms and conditions, you must not edit or otherwise modify any material on our website.

4.5 Unless you own or control the relevant rights in the material, you must not:

(a) republish material from our website (including republication on another website);

(b) sell, rent or sub-license material from our website;

(c) show any material from our website in public;

(d) exploit material from our website for a commercial purpose; or

(e) redistribute material from our website.

4.6 We reserve the right to restrict access to areas of our website, or indeed our whole website, at our discretion; you must not circumvent or bypass, or attempt to circumvent or bypass, any access restriction measures on our website.

5. Acceptable use

5.1 You must not:

(a) use our website in any way or take any action that causes, or may cause, damage to the website or impairment of the performance, availability or accessibility of the website;

(b) use our website in any way that is unlawful, illegal, fraudulent or harmful, or in connection with any unlawful, illegal, fraudulent or harmful purpose or activity;

(c) use our website to copy, store, host, transmit, send, use, publish or distribute any material which consists of (or is linked to) any spyware, computer virus, Trojan horse, worm, keystroke logger, rootkit or other malicious computer software;

(d) conduct any systematic or automated data collection activities (including without limitation scraping, data mining, data extraction and data harvesting) on or in relation to our website without our express written consent; or

(e) access or otherwise interact with our website using any robot, spider or other automated means, except for the purpose of search engine indexing.

5.2 You must not use data collected from our website to contact individuals, companies or other persons or entities.

5.3 You must ensure that all the information you supply to us through our website, or in relation to our website, is true, accurate, current, complete and non-misleading.

6. Limited warranties

6.1 We do not warrant or represent:

(a) the completeness or accuracy of the information published on our website;

(b) that the material on the website is up to date; or

(c) that the website or any service on the website will remain available.

6.2 We reserve the right to discontinue or alter any or all of our website services, and to stop publishing our website, at any time in our sole discretion without notice or explanation; and save to the extent expressly provided otherwise in these terms and conditions, you will not be entitled to any compensation or other payment upon the discontinuance or alteration of any website services, or if we stop publishing the website.

6.3 To the maximum extent permitted by applicable law and subject to Section 7.1, we exclude all representations and warranties relating to the subject matter of these terms and conditions, our website and the use of our website.

7. Limitations and exclusions of liability

7.1 Nothing in these terms and conditions will:

(a) limit or exclude any liability for death or personal injury resulting from negligence;

(b) limit or exclude any liability for fraud or fraudulent misrepresentation;

(c) limit any liabilities in any way that is not permitted under applicable law; or

(d) exclude any liabilities that may not be excluded under applicable law.

7.2 The limitations and exclusions of liability set out in this Section 12 and elsewhere in these terms and conditions:

(a) are subject to Section 7.1; and

(b) govern all liabilities arising under these terms and conditions or relating to the subject matter of these terms and conditions, including liabilities arising in contract, in tort (including negligence) and for breach of statutory duty, except to the extent expressly provided otherwise in these terms and conditions.

7.3 To the extent that our website and the information and services on our website are provided free of charge, we will not be liable for any loss or damage of any nature.

7.4 We will not be liable to you in respect of any losses arising out of any event or events beyond our reasonable control.

7.5 We will not be liable to you in respect of any business losses, including (without limitation) loss of or damage to profits, income, revenue, use, production, anticipated savings, business, contracts, commercial opportunities or goodwill.

7.6 We will not be liable to you in respect of any loss or corruption of any data, database or software.

7.7 We will not be liable to you in respect of any special, indirect or consequential loss or damage.

7.8 You accept that we have an interest in limiting the personal liability of our officers and employees and, having regard to that interest, you acknowledge that we are a limited liability entity; you agree that you will not bring any claim personally against our officers or employees in respect of any losses you suffer in connection with the website or these terms and conditions (this will not, of course, limit or exclude the liability of the limited liability entity itself for the acts and omissions of our officers and employees).

8. Breaches of these terms and conditions

8.1 Without prejudice to our other rights under these terms and conditions, if you breach these terms and conditions in any way, or if we reasonably suspect that you have breached these terms and conditions in any way, we may:

(a) send you one or more formal warnings;

(b) temporarily suspend your access to our website;

(c) permanently prohibit you from accessing our website;

(d) block computers using your IP address from accessing our website;

(e) contact any or all of your internet service providers and request that they block your access to our website; and/or

(f) commence legal action against you, whether for breach of contract or otherwise.

8.2 Where we suspend or prohibit or block your access to our website or a part of our website, you must not take any action to circumvent such suspension or prohibition or blocking.

9. Variation

9.1 We may revise these terms and conditions from time to time.

9.2 The revised terms and conditions shall apply to the use of our website from the date of publication of the revised terms and conditions on the website, and you hereby waive any right you may otherwise have to be notified of, or to consent to, revisions of these terms and conditions.

9.3 If you have given your express agreement to these terms and conditions, we will ask for your express agreement to any revision of these terms and conditions; and if you do not give your express agreement to the revised terms and conditions within such period as we may specify, we will disable or delete your account on the website, and you must stop using the website.

10. Assignment

10.1 You hereby agree that we may assign, transfer, sub-contract or otherwise deal with our rights and/or obligations under these terms and conditions.

10.2 You may not without our prior written consent assign, transfer, sub-contract or otherwise deal with any of your rights and/or obligations under these terms and conditions.

11. Severability

11.1 If a provision of these terms and conditions is determined by any court or other competent authority to be unlawful and/or unenforceable, the other provisions will continue in effect.

11.2 If any unlawful and/or unenforceable provision of these terms and conditions would be lawful or enforceable if part of it were deleted, that part will be deemed to be deleted, and the rest of the provision will continue in effect.

12. Third party rights

12.1 A contract under these terms and conditions is for our benefit and your benefit, and is not intended to benefit or be enforceable by any third party.

12.2 The exercise of the parties’ rights under a contract under these terms and conditions is not subject to the consent of any third party.

13. Entire agreement

13.1 Subject to Section 7.1, these terms and conditions, together with our data protection policy and cookies policy, shall constitute the entire agreement between you and us in relation to your use of our website and shall supersede all previous agreements between you and us in relation to your use of our website.

14. Law and jurisdiction

14.1 These terms and conditions shall be governed by and construed in accordance with English law.

14.2 Any disputes relating to these terms and conditions shall be subject to the exclusive jurisdiction of the courts of England.

15. Our details

21.1 This website is owned and operated by Step Ladder Solutions Ltd.

21.2 We are registered in England and Wales under registration number 1005 2693, and our registered office is at c/o Penningtons Manches LLP, 125 Wood Street, London WC1X 8HN.

21.3 Our principal place of business is at WeWork, 14 Gray’s Inn Road, London WC1X 8HN.

21.4 You can contact us:

(a) using our website contact form; or

(b) by email, using the email address published on our website from time to time.

This privacy policy applies between you, the User of this Website and StepLadder, the owner and provider of this Website. StepLadder takes the privacy of your information very seriously. This privacy policy applies to our use of any and all Data collected by us or provided by you in relation to your use of the Website. Please read this privacy policy carefully.

Definitions and interpretation

  1. In this privacy policy, the following definitions are used:
    Data collectively all information that you submit to StepLadder via the Website. This definition incorporates, where applicable, the definitions provided in the Data Protection Act 1998;
    Cookies a small text file placed on your computer by this Website when you visit certain parts of the Website and/or when you use certain features of the Website. Details of the cookies used by this Website are set out in the clause below (Cookies);
    StepLadder,
    we
     or us
    StepLadder, a company incorporated in England and Wales with registered number 06229752 whose registered office is at 14 Gray’s Inn Rd, London, WC1X 8HN;
    UK and EU Cookie Law the Privacy and Electronic Communications (EC Directive) Regulations 2003 as amended by the Privacy and Electronic Communications (EC Directive) (Amendment) Regulations 2011;
    User or you any third party that accesses the Website and is not either (i) employed by StepLadder and acting in the course of their employment or (ii) engaged as a consultant or otherwise providing services to StepLadder and accessing the Website in connection with the provision of such services; and
    Website the website that you are currently using, http://www.stepladder.co.uk, and any sub-domains of this site unless expressly excluded by their own terms and conditions.
  2. In this privacy policy, unless the context requires a different interpretation:
    1. the singular includes the plural and vice versa;
    2. references to sub-clauses, clauses, schedules or appendices are to sub-clauses, clauses, schedules or appendices of this privacy policy;
    3. a reference to a person includes firms, companies, government entities, trusts and partnerships;
    4. “including” is understood to mean “including without limitation”;
    5. reference to any statutory provision includes any modification or amendment of it;
    6. the headings and sub-headings do not form part of this privacy policy.

Scope of this privacy policy

  1. This privacy policy applies only to the actions of StepLadder and Users with respect to this Website. It does not extend to any websites that can be accessed from this Website including, but not limited to, any links we may provide to social media websites.

Data collected

  1. We may collect the following Data, which includes personal Data, from you:
      1. IP address (automatically collected);
      2. Web browser type and version (automatically collected);
      3. Operating system (automatically collected);
      4. A list of URLs starting with a referring site, your activity on this Website, and the site you exit to (automatically collected);

    in each case, in accordance with this privacy policy.

Our use of Data

    1. For purposes of the Data Protection Act 1998, StepLadder is the “data controller”.
    2. We will retain any Data you submit for 12 months.
    3. Unless we are obliged or permitted by law to do so, and subject to any third party disclosures specifically set out in this policy, your Data will not be disclosed to third parties. This includes our affiliates and / or other companies within our group.
    4. All personal Data is stored securely in accordance with the principles of the Data Protection Act 1998. For more details on security see the clause below (Security).
    5. Any or all of the above Data may be required by us from time to time in order to provide you with the best possible service and experience when using our Website. Specifically, Data may be used by us for the following reasons:
      1. improvement of our products / services;

in each case, in accordance with this privacy policy.

Third party websites and services

  1. StepLadder may, from time to time, employ the services of other parties for dealing with certain processes necessary for the operation of the Website. The providers of such services do not have access to certain personal Data provided by Users of this Website.

Links to other websites

  1. This Website may, from time to time, provide links to other websites. We have no control over such websites and are not responsible for the content of these websites. This privacy policy does not extend to your use of such websites. You are advised to read the privacy policy or statement of other websites prior to using them.

Changes of business ownership and control

  1. StepLadder may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of StepLadder. Data provided by Users will, where it is relevant to any part of our business so transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this privacy policy, be permitted to use the Data for the purposes for which it was originally supplied to us.
  2. We may also disclose Data to a prospective purchaser of our business or any part of it.
  3. In the above instances, we will take steps with the aim of ensuring your privacy is protected.

Controlling use of your Data

  1. Wherever you are required to submit Data, you will be given options to restrict our use of that Data. This may include the following:
  2. use of Data for direct marketing purposes; and
  3. sharing Data with third parties.

Functionality of the Website

  1. To use all features and functions available on the Website, you may be required to submit certain Data.
  2. You may restrict your internet browser’s use of Cookies. For more information see the clause below (Cookies).

Accessing your own Data

  1. You have the right to ask for a copy of any of your personal Data held by StepLadder (where such Data is held) on payment of a small fee, which will not exceed £15.

Security

  1. Data security is of great importance to StepLadder and to protect your Data we have put in place suitable physical, electronic and managerial procedures to safeguard and secure Data collected via this Website.
  2. If password access is required for certain parts of the Website, you are responsible for keeping this password confidential.
  3. We endeavour to do our best to protect your personal Data. However, transmission of information over the internet is not entirely secure and is done at your own risk. We cannot ensure the security of your Data transmitted to the Website.

Cookies

    1. This Website may place and access certain Cookies on your computer. StepLadder uses Cookies to improve your experience of using the Website. StepLadder has carefully chosen these Cookies and has taken steps to ensure that your privacy is protected and respected at all times.
    2. All Cookies used by this Website are used in accordance with current UK and EU Cookie Law.
    3. Before the Website places Cookies on your computer, you will be presented with a message bar requesting your consent to set those Cookies. By giving your consent to the placing of Cookies, you are enabling StepLadder to provide a better experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of the Website may not function fully or as intended.
    4. This Website may place the following Cookies:
Type of Cookie Purpose
Analytical/performance cookies They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  1. You can choose to enable or disable Cookies in your internet browser. By default, most internet browsers accept Cookies but this can be changed. For further details, please consult the help menu in your internet browser.
  2. You can choose to delete Cookies at any time; however you may lose any information that enables you to access the Website more quickly and efficiently including, but not limited to, personalisation settings.
  3. It is recommended that you ensure that your internet browser is up-to-date and that you consult the help and guidance provided by the developer of your internet browser if you are unsure about adjusting your privacy settings.

General

  1. You may not transfer any of your rights under this privacy policy to any other person. We may transfer our rights under this privacy policy where we reasonably believe your rights will not be affected.
  2. If any court or competent authority finds that any provision of this privacy policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this privacy policy will not be affected.
  3. Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
  4. This privacy policy is governed by and interpreted according to English law. All disputes arising under this privacy policy are subject to the exclusive jurisdiction of the English courts.

Changes to this privacy policy

  1. ‘Website name’ reserves the right to change this privacy policy as we may deem necessary from time to time or as may be required by law. Any changes will be immediately posted on the Website and you are deemed to have accepted the terms of the privacy policy on your first use of the Website following the alterations.You may contact StepLadder by email at info@joinstepladder.com
Step Ladder Solutions Limited
(company number 10052693)
c/o Penningtons Manches LLP, 125 Wood Street, London EC2V 7AW
 
1. Policy Statement
 
1.1 Everyone has rights with regard to the way in which their personal data in handled. During the course of our activities we will collect, store and process personal data about our Members, suppliers and other third parties, and we recognise that the correct and lawful treatment of this data will maintain
confidence in our organisation and will provide for successful business operations.
1.2 Data users are obliged to comply with this policy when processing personal data on our behalf. Any breach of this policy may result in disciplinary action.
 
2. About the policy
 
2.1 The types of personal data that Step Ladder Solutions Ltd may be required to handle include information about current, past and prospective Members, suppliers, employees and others that we communicate with. The personal data, which may be held on paper or on a computer or other media, is subject to certain legal safeguards specified in the Data Protection Act 1998 (the Act) and other regulations.
2.2 This policy and any other documents referred to in it sets out the basis on which we will process any personal data we collect from data subjects, or that is provided to us by data subjects or other sources.
2.3 This policy does not form part of any employee’s contract of employment and may be amended at any time.
2.4 This policy sets out rules on data protection and the legal conditions that must be satisfied when we obtain, handle, process, transfer and store personal data.
 
3. Definition of Data Protection Terms
 
3.1 Data is information which is stored electronically, on a computer, or in certain paper-based filing systems.
3.2 Data subjects for the purpose of this policy include all living individuals about whom we hold personal data. A data subject need not be a UK national or resident. All data subjects have legal rights in relation to their personal information.
3.3 Personal data means data relating to a living individual who can be identified  from that data (or from that data and other information in our possession).
Personal data can be factual (for example, a name, address or date of birth) or it can be an opinion about that person, their actions and behaviour.
3.4 Data controllers are the people who or organisations which determine the purposes for which, and the manner in which, any personal data is processed. They are responsible for establishing practices and policies in line with the Act. Step Ladder Solutions Ltd is the data controller of all personal data used in our business for our own commercial purposes.
3.5Data users are those of our employees whose work involves processing personal data. Data users must protect the data they handle in accordance with this data protection policy and any applicable data security procedures at all times.
3.6Data processors include any person or organisation that is not a data user that processes personal data on our behalf and on our instructions. Employees of data controllers are excluded from this definition but it could include suppliers which handle personal data on Step Ladder Solutions Ltd’s behalf.
3.7Processing is any activity that involves use of the data. It includes obtaining,  recording or holding the data, or carrying out any operation or set of operations on the data including organising, amending, retrieving, using, disclosing, erasing or destroying it. Processing also includes transferring personal data to third parties.
3.8Sensitive personal data includes information about a person’s racial or ethnic origin, political opinions, religious or similar beliefs, trade union membership, physical or mental health or condition or sexual life, or about the commission of, or proceedings for, any offence committed or alleged to have been committed by that person, the disposal of such proceedings or the sentence of any court in such proceedings. Sensitive personal data can only be processed under strict conditions, including a condition requiring the express permission of the person concerned.
 
4. Data Protection Principles
 
Anyone processing personal data must comply with the eight enforceable
principles of good practice. These provide that personal data must be:
(a) Processed fairly and lawfully.
(b) Processed for limited purposes and in an appropriate way.
(c) Adequate, relevant and not excessive for the purpose.
(d) Accurate.
(e) Not kept longer than necessary for the purpose.
(f) Processed in line with data subjects’ rights.
(g) Secure.
(h) Not transferred to people or organisations situated in countries without adequate protection.
 
5. Fair and lawful processing
 
5.1 The Act is not intended to prevent the processing of personal data, but to ensure that it is done fairly and without adversely affecting the rights of the data subject.
5.2 For personal data to be processed lawfully, it must be processed on the basis of one of the legal grounds set out in the Act. These include, among other things, the data subject’s consent to the processing, or that the processing is necessary for the performance of a contract with the data subject, for the compliance with a legal obligation to which the data controller is subject, or for the legitimate interest of the data controller or the party to whom the data is disclosed.
5.3 When sensitive personal data is being processed, additional conditions must be met. When processing personal data as data controllers in the course of our business, we will ensure that those requirements are met.
 
6. Processing for limited purposes
 
6.1 In the course of ourbusiness, we may collect and process the personal data set out in the Schedule. This may include data we receive directly from a data subject (for example, by the Step Ladder Solutions Ltd on-boarding process, by the completing forms or by corresponding with us by mail, phone, email or otherwise) and data we receive from other sources (including, for example, business partners, sub-contractors in technical, payment and delivery services, credit reference agencies and others).
6.2 We will only process personal data for the specific purposes set out in the Schedule or for any other purposes specifically permitted by the Act. We will notify those purposes to the data subject when we first collect the data or as soon as possible thereafter.
 
7. Notifying Data Subjects
7.1 If we collect personal data directly from data subjects, we will inform them about:
(a) The purpose or purposes for which we intend to process that personal data.
(b) The types of third parties, if any, with which we will share or to which we will disclose that personal data.
(c) The means, if any, with which data subjects can limit our use and disclosure of their personal data.
7.2 If we receive personal data about a data subject from other sources, we will provide the data subject with this information as soon as possible thereafter.
7.3 We will also inform data subjects whose personal data we process that Step Ladder Solutions Ltd are the data controller with regard to that data.
 
8. Adequate, Relevant and Non-Excessive Processing
We will only collect personal data to the extent that it is required for the specific purpose notified to the data subject.
 
9. Accurate Data
 
We will ensure that personal data we hold is accurate and kept up to date. We will check the accuracy of any personal data at the point of collection and at regular intervals afterwards. We will take all reasonable steps to destroy or amend inaccurate or out-of-date data.
 
10. Timely processing
 
We will not keep personal data longer than is necessary for the purpose or
purposes for which they were collected. We will take all reasonable steps to destroy, or erase from our systems, all data which is no longer required.
 
11. Processing in line with data subject’s rights
 
We will process all personal data in line with data subjects’ rights, in particular their right to:
(a) Request access to any data held about them by a data controller (see also clause 15).
(b) Prevent the processing of their data for direct-marketing purposes.
(c) Ask to have inaccurate data amended (see also clause 9).
(d) Prevent processing that is likely to cause damage or distress to themselves or anyone else.
 
12. Data Security
 
12.1 We will take appropriate security measures against unlawful or unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data.
12.2 We will put in place procedures and technologies to maintain the security of all personal data from the point of collection to the point of destruction. Personal data will only be transferred to a data processor if he agrees to comply with those procedures and policies, or if he puts in place adequate measures himself.
12.3 We will maintain data security by protecting the confidentiality, integrity and availability of the personal data, defined as follows:
(a) Confidentiality means that only people who are authorised to use the data can access it.
(b) Integrity means that personal data should be accurate and suitable for the purpose for which it is processed.
(c) Availability means that authorised users should be able to access the data if they need it for authorised purposes. Personal data should therefore be stored on Step Ladder Solutions Ltd’s central computer system and not on individual PCs or other devises.
12.4 Security procedures include:
(a) Entry controls. Any stranger seen in entry-controlled areas should be
reported.
(b) Secure lockable desks and cupboards. Desks and cupboards should be
kept locked if they holdconfidential information of any kind. (Personal
information is always considered confidential.)
(c) Methods of disposal. Paper documents should be shredded. Digital
storage devices should be physically destroyed when they are no longer
required.
(d) Equipment. Data users must ensure that individual monitors do not show confidential information to passers-by and that they log off from their PC when it is left unattended.
 
13. Transferring personal data to a country outside the EEA
 
13.1 We may transfer any personal data we hold to a country outside the European Economic Area (“EEA”), provided that one of the following conditions applies:
(a) The country to which the personal data is transferred ensures an adequate level of protection for the data subjects’ rights and freedoms.
(b) The data subject has given his consent.
(c) The transfer is necessary for one of the reasons set out in the Act, including the performance of a contract between us and the data subject, or to protect the vital interests of the data subject.
(d) The transfer is legally required on important public interest grounds or for the establishment, exercise or defence of legal claims.
(e) The transfer is authorised by the relevant data protection authority where we have adduced adequate safeguards with respect to the protection of the data subjects’ privacy, their fundamental rights and freedoms, and the exercise of their rights.
13.2 Subject to the requirements in clause 12.1 above, personal data we hold may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. That staff maybe engaged in, among other things, the fulfilment of contracts with the data subject, the processing of payment details and the provision of support services.
 
14. Disclosure and sharing of personal information
 
14.1 We may share personal data we hold with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006.
14.2 We may also disclose personal data we hold to third parties:
(a) In the event that we sell or buy any business or assets, in which case we may disclose personal data we hold to the prospective seller or buyer of such business or assets.
(b) If we or substantially all of our assets are acquired by a third party, in which case personal data we hold will be one of the transferred assets.
14.3 If we are under a duty to disclose or share a data subject’s personal data in order to comply with any legal obligation, or in order to enforce or apply any contract with the data subject or other agreements; or to protect our rights, property, or safety of our employees, Members, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
14.4 We may also share personal data we hold with selected third parties for the purposes set out in the Schedule.
 
15. Dealing with subject access requests
 
15.1 Data subjects must make a formal request for information we hold about them. This must be made in writing. Employees who receive a written request should forward it to the Data Protection Compliance Manager (who is the CEO unless another person has been designated) immediately.
15.2 When receiving telephone enquiries, we will only disclose personal data we hold on our systems if the following conditions are met:
(a) We will check the caller’s identity to make sure that information is only given to a person who is entitled to it.
(b) We will suggest that the caller put their request in writing if we are not sure about the caller’s identity and where their identity cannot be checked.
5.3 Our employees will refer a request to the Data Protection Compliance Manager (who is the CEO unless another person has been designated) for assistance in difficult situations. Employees must never (in any circumstances) allow themselves to be pressured by any other person into disclosing personal information.
 
16. Changed to this policy
 
We reserve the right to change this policy at any time. Where appropriate, we will notify data subjects of those changes by mail or email.
 
The Schedule
Data processing activities

Type of Data

1. Names, address, email, phone, details about employment, income and
financial circumstances (etc), as requested from Members as part of the Step Ladder on boarding process (or subsequently).
 
2. Names, address, email, phone, details about employment, income and financial  circumstances (etc), as requested from Members as part of the StepLadder on boarding process (or subsequently).

Type of Data Subject

1. Prospective Members and Members.
 
2. Prospective Members and Members.
 
 

Type of Processing

1. Collecting, analysing and storing.
 
2. Collecting, analysing, storing and contacting prospective members and members.

Purpose of Processing

1. To enable KYC, AML, affordability and other verification checks.
 
2. To enable marketing of targeted, tailored and/or discounted products to prospective members and members.
Type of recipient to whom personal data is transferred
 
1. One or more credit reference bureaux.
 
2. Mortgage broker, insurance brokers, banks, insurance companies, home removals companies, and other home-buying service providers.
Retention Period
 
1. [5 years after cessation of customer relationship.]
 
2. [5 years after cessation of customer relationship.]