Capture it, transform it

We take our responsibility for holding and using your data seriously and are committed to
respecting and safeguarding your privacy and the personal data that you share with us.
We collect your personal data when you interact with us, for example when you:

• visit our websites
• buy our products or services
• contact us with an enquiry
• supply goods or services to us

This policy details the personal data that we collect about you, why and how we use it, your
rights regarding it and how you can update it.

We may make changes to this policy from time to time, so it’s worth checking back
occasionally to make sure you’re happy with those changes. Where we make significant
changes to this policy or how we use your personal data, we will take additional steps to
draw this to your attention.

Please ensure that you read and understand this policy. Where you interact with us or use
one of our websites, we assume that you have done so.
You should note that you have certain rights under this policy, including to object to certain
uses of your personal data. Further details are set out in the relevant parts of the policy.

Who are we?
In this policy, whenever you see the words ‘we’, ‘us’ or, ‘our’, it refers to the Brett Group
company that you are interacting with. This company will be the data controller responsible
for holding and using your personal data.
The identity of the specific Brett Group company will depend upon your interaction with us.
Details of each Brett Group company are as follows:

CompanyRegistration NumberRegistered Office
Robert Brett & Sons Limited00227266Robert Brett House. Ashford
Road, Canterbury, CT4 7PP
Brett Aggregates Limited316788As above
Brett Concrete Limited641279As above
Brett Landscaping Limited,
trading as Brett Landscaping
and Building Products
342312As above
Britannia Aggregates Limited2304376As above
Granite Products (CI) Limited6500051St Peters Valley,
Jersey CI, JE3 7EY

The data we collect about you.
Personal data means any information about an individual from which that person can be
identified. Details of data that we typically collect are set out in the appendix to this policy.

How we use your data.
We only process your personal data where we have a legal basis to do so. In almost all
cases the legal basis will be so we can perform our contract with you to provide products
and services or manage our supply chain.
A description of the ways we plan to use your personal data and which of the legal bases we
rely on to do so are set out in the appendix to this policy.

How long we keep it.
We will only retain your personal data for as long as reasonably necessary to fulfil the
purposes we collected it for, including for the purposes of satisfying any legal, regulatory,
tax, accounting or reporting requirements. We may retain your personal data for a longer
period in the event of a complaint or if we reasonably believe there is a prospect of litigation
with respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount,
nature and sensitivity of the personal data, the potential risk of harm from unauthorised use
or disclosure of your personal data, the purposes for which we process your personal data
(and whether we can achieve those purposes through other means) and the applicable legal,
regulatory, tax or accounting requirements. Details of retention periods for different aspects
of your personal data are set out in the appendix to this policy.

How safe is your personal data?
We have put in place appropriate security measures to prevent your personal data from
being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In
addition, we limit access to your personal data to those employees, agents, contractors and
other third parties who have a business need to know. They will only process your personal
data on our instructions and they are subject to a duty of confidentiality.3
We have put in place an IT Security and Data Incident Response Plan to deal with any
suspected data security breach and will notify you and any applicable regulator of a
suspected breach where we are legally required to do so

Who will be using it?
We never sell your personal data to any third parties for any reason.
We may share your data with selected third-party service providers, agencies and
subcontractors who do work on our behalf. Where this is necessary, we will only pass over
the information necessary to carry out the specific service and the third parties are under
contract to keep your information safe and secure and not to disclose it to anyone or use it
for their own marketing purposes.

If you make a purchase from us by bank card, your payment will be processed by a third-
party payment processor who specialises in the secure online capture and processing of
credit/debit card transactions. If you have any questions regarding the processing of
payment transactions, please contact us.

You will find some links in the Brett Group websites to third party websites. Please note that
we are not responsible for the privacy policies or content on such third party websites.

Do we transfer your data outside the UK?
We may transfer your personal data outside the UK. If we do, you can expect a similar
degree of protection in respect of your personal data and we will ensure that any relevant
countries have been deemed to provide an adequate level of protection for personal data.

How can you update your details?
We want to make sure that our information is as accurate as possible. If the data we hold
about you is incorrect or out-of-date, and you’d like us to make any changes, you can
contact us as set out below.

How do you make a complaint?
If you have any queries or complaints about our collection, use or storage of your personal
data, please contact us as set out below. We will investigate and attempt to resolve any such
complaint or dispute regarding the use or disclosure of your personal data.
You also have the right to lodge a complaint about our processing of your personal data with
the Information Commissioner’s Office, the supervisory authority for data protection issues in
England and Wales.

What are your rights in connection with your personal data?
Under certain circumstances, by law you have the right to request access to, verify, correct or
request deletion of your personal data or object to the processing of your personal data. If you
wish to make such a request, please contact us as set out below and we will process such
request in accordance with our Data Request Policy.

If you have any questions or need to contact us about this policy please contact our
General Counsel, Susan Kitchin by e mail on or by post to
Robert Brett House, Ashford Road, Canterbury, Kent, CT4 7PP.

Sign up to our newsletter for our latest offers & inspiration