Data Privacy Notice
For Customers & Suppliers

FloPlast Ltd ("We") are committed to safeguarding and respecting your privacy.

This privacy notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

As necessary, we may make changes to this Privacy Notice in the future. Any such changes will be posted online and, where appropriate, will be sent to you by e-mail. Please check back frequently to remain aware of any updates or changes to this Privacy Notice.

Table of Contents

1. Introduction and definitions
2. Who we are
3. The purpose(s) of processing your personal data
4. The categories of personal data concerned
5. Our legal basis for processing your personal data
6. Special categories of personal data
7. Sharing your personal data
8. How long do we keep your personal data
9. Your rights and your personal data
10. How we secure your personal data
11. Transfer of data abroad
12. Automated decision making
13. Contact information

1. Introduction and Definitions

The laws and regulations relating to the processing of personal data and privacy are set out in (but not limited to) the Data Protection Act 1998 and the General Data Protection Regulation ((EU)2016/679).

The following definitions apply:

Data controller – a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.

Data processor – any person (other than an employee of the data controller) who processes the data on behalf of the data controller.

Data subject – An individual who is the subject of personal data.

Personal data - Any information relating to a person who can be directly or indirectly identified by that information. For example, name, passport number, home address or private email address. Online identifiers may include an IP addresses and cookies.

Special categories personal data - The GDPR refers to sensitive personal data as ‘special categories of personal data’. These special categories specifically include racial and ethnic origin, sexual orientation, medical information (including mental health), trade union membership, political opinions and religious or philosophical beliefs. In addition, genetic data, and biometric data is included where it can be processed to uniquely identify an individual.

Processing – This is any operation or set of operations which is performed on personal data or on sets of personal data, whether manual or automated. This includes collection of the data, recording, organisation, storage either manually or electronically, adaptation or alteration of the data, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available the data, alignment or combination, restriction, erasure or destruction of the data.

Third party – This means a person, public authority, agency or body other than the data subject, data controller or data processor who, under the direct authority of the data controller or data processor, are authorised to access and/or process personal data.

2. Who are we

We are FloPlast Limited and we are the data controller. Our business contact details are:

FloPlast Ltd,
Castle Road, Eurolink Business Park
Sittingbourne, Kent
ME10 3FP.

For all data matters, please use the following contact email address:

3. The purpose(s) of processing your personal data

We use your personal data for the following purposes:

  • To arrange deliveries and collections of goods and services.

  • To take and process orders.

  • To take, or to make payments for services.

  • To contact you with any issues.

  • To keep you informed of any updates and news that may be relevant and useful to you.

Note - You are under no statutory or contractual requirement or obligation to provide us with your personal data. But failure to provide any necessary data may mean that we cannot fulfil orders or process payments that may be due to you.

4. The categories of personal data concerned

We collect information from you when you open an account with us, purchase our products and/or remit payment to us. We also collect information about you using cookies (see separate ‘Cookies Policy’), and if you interact with us via phone, social media or our website. Where suppliers are concerned, we also collect data from you when you open an account for us and/or supply us with goods or services.

The categories of information we collect directly from you include (but are not limited to):

  • Name, work or personal address, phone number, e-mail address, date of birth, gender, financial and/or credit card information, customer data, payment data.

  • Some of the above data will be collected via a third party where references or credit rating reports are required.

  • In addition, we also record dates and locations of deliveries relevant to your order.

  • We also have CCTV monitoring on site 24 hours a day, therefore all visitors to our premises may be recorded. The CCTV is routinely monitored for security purposes.

  • Where we have obtained your personal data from a third party this will be as our point of contact for receiving and arranging delivery of your order.

The legal bases for using your information are as follows:

  • Processing necessary for the performance of a contract with the data subject or to take steps to enter into a contract.
    We will collect, hold and process such data as is necessary to allow us to fulfil our contractual obligations both as customer and supplier.

  • Processing necessary for the purposes of the legitimate interests of the data controller or a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of the data subject.
    We will process such data when it is in our legitimate interests to do so, i.e. in the normal course of our trading relationship and when these interests are not overridden by your data protection rights.

6. Special categories of personal data

We do not knowingly process any data from our customers or suppliers which falls into Special Categories.

7. Sharing your personal data

Your personal data will be treated as strictly confidential. Personal information about you is in some cases provided to our trusted partners in order to either make providing the service to you possible, or to enhance your customer experience.

Our Processing partners must ensure adequate levels of protection to your personal data. We disclose your personal data to third parties or public officials when we are legally obliged to do so. We might disclose your personal data to third parties if you have consented to it or if there are other legal grounds for it.

In terms of our website, your personal data will be shared with Google Analytics, a connected third party.

8. How long do we keep your personal data?

We will only keep your personal data for as long as we need to in order to fulfil the purposes for which it was collected, and for as long as we are required to keep it by law.

9. Your rights and your personal data

Under the EU General Data Protection Regulation (“GDPR”) you have certain rights with respect to your information which are summarized below:

  • Right to access information maintained about you;

  • Right to ensure your data is accurate and complete;

  • Right to erasure, or the right to be forgotten;

  • Right to restriction or suppression of personal data;

  • Right to data portability (to request that we transmit your personal data to another provider of services);

  • Right to withdraw consent if consent was previously provided; and

  • Right to raise a complaint to the Information Commissioner’s Office.

10. How we secure your personal data

We do our best to keep your personal data safe and secure. This includes, but is not limited to, the use of safe protocols for communication and transferring data, the use of pseudonyms (anonymising) where suitable and maintaining password protection where possible and/or required.

Although we will do everything we reasonably can to prevent data breaches, we cannot guarantee the security of information. However, we promise to notify the suitable authorities of data breaches, and to notify you if there is a threat to your rights or interests.

11. Transfer of Data Abroad

It is not intended that your information be transferred outside the European Economic Area (EEA), but if it is, mechanisms approved by the European Commission or the Information Commissioner’s Office (ICO) will be put in place prior to us processing your information. Where required we will also obtain your consent.

12. Automated Decision Making

We do not use any form of automated decision making in our business.

13. Contact Information

For all data matters please use the following email address:

If this does not resolve your query to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 0303 123 1113 or via email or at the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.