top of page

Privacy Policy

Privacy Policy
 

At John Griffiths Ltd, we are committed to protecting your privacy and handling your personal information responsibly and transparently.

This Privacy Policy explains how we collect, use, store, and protect your personal data when you visit our website, contact us, book a service, enquire about a vehicle, or otherwise interact with us.

1. Who We Are

John Griffiths is the data controller responsible for your personal data collected through this website and through our business communications.

Business name: John Griffiths

If you have any questions about this Privacy Policy or how we use your personal information, please contact us using the details above.

2. The Information We Collect

We may collect and process the following types of personal data:

  • Your name

  • Your email address

  • Your telephone number

  • Your address, if you provide it

  • Vehicle details, including registration, model, and service-related information

  • Booking and enquiry details

  • Information you include when you contact us by form, phone, or email

  • Website usage data, such as IP address, browser type, pages visited, and how you use our website

  • Marketing preferences, where relevant

We only collect personal information that is relevant to the services we provide and the operation of our website.

3. How We Collect Your Information

We may collect personal data when:

  • You complete a contact or booking form on our website

  • You call, email, or otherwise contact us

  • You enquire about servicing, repairs, diagnostics, MOTs, vehicle sales, or related services

  • You request a quotation

  • You purchase or enquire about a vehicle

  • You sign up to receive marketing communications, where offered

  • You browse our website

Under UK GDPR, privacy information should be provided when personal data is collected from the individual.

4. How We Use Your Personal Information

We may use your personal information to:

  • Respond to your enquiries

  • Arrange bookings, inspections, servicing, repairs, MOTs, diagnostics, and related services

  • Manage customer relationships and provide customer support

  • Process and administer vehicle-related enquiries or sales

  • Contact you about your booking, vehicle, or requested service

  • Improve our website, services, and customer experience

  • Maintain internal business records

  • Comply with legal and regulatory obligations

  • Send marketing communications, where you have consented or where we are otherwise permitted to do so by law

5. Our Lawful Bases for Processing

We process personal data only where we have a lawful basis to do so. UK GDPR lawful bases include consent, contract, legal obligation, and legitimate interests, among others.

For our business, the main lawful bases are likely to be:

Contract
Where we need to process your information to provide a service you have requested, such as arranging a booking, carrying out work on your vehicle, or dealing with a sales enquiry.

Legitimate interests
Where it is necessary for the running and improvement of our business, customer service, record-keeping, fraud prevention, and website administration, provided your rights do not override those interests.

Legal obligation
Where we need to keep certain records or disclose information to comply with legal, regulatory, taxation, or consumer law requirements.

Consent
Where you have given clear permission, for example in relation to certain marketing communications or optional cookies.

6. Marketing Communications

If we send marketing communications, we will only do so where we have the right to do so. You can opt out of marketing at any time by contacting us or using the unsubscribe option included in relevant communications.

We will not sell your personal information to third parties for marketing purposes.

7. Cookies and Website Tracking

Our website may use cookies and similar technologies to help it function properly, improve performance, understand website usage, and support marketing activity where applicable.

Cookies and privacy notices should be clear, easy to access, and transparent. The ICO also recommends a layered approach where key information is shown upfront, with further detail available if needed.

Where required, we will ask for your consent before using non-essential cookies.

You can usually control cookies through your browser settings. You may also wish to include a separate Cookie Policy on the website.

8. Sharing Your Information

We may share your personal data where necessary with trusted third parties, including:

  • IT and website providers

  • Hosting providers

  • Analytics providers

  • Booking or CRM system providers

  • Payment or accounting providers, where relevant

  • Professional advisers such as accountants, insurers, or legal advisers

  • Regulatory bodies, law enforcement, or other authorities where required by law

We require third parties who process data on our behalf to respect the security of your information and to use it only for appropriate purposes.

9. Data Retention

We will only keep your personal data for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, regulatory, warranty, and customer service requirements.

If we do not have a fixed retention period for a category of data, UK guidance says we should explain the criteria used to decide how long the data will be kept.

Retention periods may vary depending on the nature of the enquiry, booking, transaction, or legal obligation involved.

10. Data Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, misuse, loss, disclosure, or alteration.

While we take reasonable steps to protect your information, no internet transmission or website storage system can be guaranteed to be completely secure.

11. Your Data Protection Rights

Under UK data protection law, individuals have rights in relation to their personal information. These may include the right to:

  • request access to your personal data

  • request correction of inaccurate data

  • request erasure of your data in certain circumstances

  • request restriction of processing

  • object to processing in certain circumstances

  • request data portability in certain cases

  • withdraw consent where processing relies on consent

The ICO states that people must be told which rights they have in relation to the use of their personal data, and that privacy information should include how they can complain.

To exercise any of your rights, please contact us using the details set out in this policy.

12. Complaints

If you have any concerns about how we use your personal data, please contact us first and we will try to resolve the issue.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters. The ICO is the UK regulator responsible for data protection and privacy rights.

13. Third-Party Links

Our website may contain links to third-party websites. If you follow a link to another website, please note that those websites have their own privacy policies and we are not responsible for how they handle your information.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes to our business, website, legal obligations, or the way we process personal data. Any updates will be posted on this page with a revised effective date.

15. Contact Us

If you have any questions about this Privacy Policy or how your personal data is handled, please contact:

John Griffiths using the information found on this site.

bottom of page