Menu

Privacy Policy

Privacy Policy

FL360 LIMITED TRADING AS HANDL GROUP PRIVACY NOTICE (GENERAL) Your privacy on www.handlgroup.co.uk

Note: If you are not a customer or potential customer of Handl Group, only the sections relating to our website are relevant to you. For suppliers (including experts) and clients of our customers, Handl Group will process personal data in the role of a data processor.

Last updated on: CURRENT DATE

1. Introduction

Welcome to the FL360 Limited (“Handl Group”) Privacy Notice.

Handl Group takes data protection seriously and is committed to respecting and protecting your personal data.

This Privacy Notice is provided in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018 (DPA 2018), the Privacy and Electronic Communications Regulations (PECR), and the Data (Use and Access) Act 2025 (DUAA), where applicable.

In this Privacy Notice, “Data Protection Legislation” means all applicable laws relating to the processing of personal data.

If you have any questions, contact our Data Protection Officer: Email – dpo@speedmedical.co.uk

Post – 16 Eaton Ave, Matrix Park, Chorley, Lancashire, PR7 7NA

You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) (www.ico.org.uk).

2. Data we collect

We may collect and process personal data in the following ways:

· when providing services to you or your organisation

· via our website (e.g. contact forms)

· through email, telephone or other correspondence

· through meetings, events and networking

· through general business operations

The personal data we process may include:

· name and title

· contact details (email, address, telephone number)

· preferences and interests

· identification information (where required)

· CCTV footage and access records (where applicable)

· correspondence and enquiry details

· reference numbers and account details

· special category data (only where necessary and instructed by customers)

We may also automatically collect:

· IP address

· website usage data

· browsing activity (via cookies and analytics tools)

This data may relate to:

· customers and their clients

· prospective customers

· website users

· suppliers and partners

3. Cookies

Our website uses cookies to distinguish you from other users and improve your experience. Cookies are small text files stored on your device.

They help us:

· understand how the website is used

· improve performance and functionality

Where required, we will seek your consent before placing non-essential cookies on your device, in accordance with PECR.

You can control cookies through your browser settings. Disabling cookies may affect website functionality.

For full details, please refer to our Cookie Policy.

Cookies are used in accordance with the Privacy and Electronic Communications Regulations (PECR).

4. How we use data

We use personal data for the following purposes:

· to respond to enquiries

· to manage relationships with customers and suppliers

· to provide and deliver our services

· to meet contractual obligations

· to comply with legal and regulatory requirements

· to improve our website and services

· to prevent fraud or unlawful activity

We may also send marketing communications where:

· you have provided consent; or

· we are permitted to do so under applicable law

You can opt out of marketing at any time.

We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.

5. Legal basis

We rely on Article 6 UK GDPR:

· Contract (Art 6(1)(b)) – where processing is necessary to perform a contract

· Legal obligation (Art 6(1)(c)) – where required by law

· Legitimate interests (Art 6(1)(f)) – where necessary for our business operations, provided your rights do not override those interests

· Consent (Art 6(1)(a)) – where required (e.g. marketing)

· Special category data: Article 9(2)(f) – where required for legal claims

6. Sharing

We may share personal data with:

· customers and their authorised representatives

· medical experts and service providers

· IT providers and support services

· professional advisers (legal, regulatory, etc.)

· regulators or law enforcement where required

All sharing is carried out in accordance with Data Protection Legislation. We do not sell personal data.

7. Retention

We retain personal data only for as long as necessary, including for:

· service delivery

· legal and regulatory compliance

· financial and audit purposes

Retention periods are determined based on:

· legal requirements

· business need

· risk and sensitivity of the data

Data is securely deleted or anonymised when no longer required.

8. International transfers

Transfers are made in accordance with Chapter V UK GDPR. Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as:

· UK adequacy regulations

· standard contractual clauses

· other lawful transfer mechanisms

9. Rights

You have the following rights under UK GDPR and DPA 2018:

· access your personal data

· correct inaccurate data

· request erasure (where applicable)

· restrict processing

· object to processing

· request data portability

We will respond within one month where applicable.

Where we act as a processor, requests relating to client data will be referred to the relevant data controller.