Our Policies

What is a Cookie?

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Cookies do not contain malicious software programs, spyware or viruses and are used as a means to collect an end user`s information in order to improve the user experience, by making the interaction between the user and the website faster and more personalised, by 'remembering' a user`s activity for the duration of the visit to the site 'Session cookie' or for repeat visits 'Persistent cookie'.

What Cookies do we use?

We use the following different types of cookies:

Session cookies

These are temporary cookies which are deleted when you close your browser or leave your session on our site or in the product or service. We use session cookies on our site to identify and track users and to store information about your preferences. Our session cookies may also contain your company name and email address.

Persistent cookies

Persistent cookies enable our site to 'remember' who you are and to remember your preferences on our site. Persistent cookies will stay on your computer or device after you close your browser or leave your session.

Load Balancer Cookie

This cookie is essential to help ensure that the website loads efficiently by distributing visits across multiple web servers.

Web analytics cookies and similar technologies such as Google Analytics These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited. Google stores the information collected by the cookies on servers in the United States. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google`s behalf. Google will not associate your IP address with any other data held by Google.

Unless you opt-out of the Google Cookie, by using this site you consent to the use of the Google Cookie and any information generated by Google Analytics. Click here or copy and paste the link into your browser: Http://www.google.com/analytics for an overview of privacy at Google and for information on how to opt-out from all Google Analytics cookies.

What information is collected?

The following information is collected in a cookie:

  • Your IP Address. This is a string of numbers unique to your device that is recorded by Noise Management Limited web server, when you request any page or component on the website. This information is used to monitor your usage of the website.
  • Data recorded by the website, which allows Noise Management Limited to 'recognise' you to optimise the session performance.

At no time, is any personal information collected.

Can I control the use of cookies?

Web browsers offer cookie management settings, which can be found in the options menu of the web browser, under 'tools'. Web browsers can also enable users to delete specific cookies; you can even set a web browser to reject all cookies. However, choosing to disable all cookies could significantly affect your web browsing experience as many Internet services rely on the use of cookies.

Visitors can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using the Ads Settings, see https://www.google.com/settings/ads. Additionally, visitors may wish to use the Google Analytics Opt-Out Browser Add-on found at https://tools.google.com/dlpage/gaoptout/

For a list of how to manage all the different browser cookies, here or copy and paste the link into your browser: http://www.aboutcookies.org.uk/managing-cookies

1. Purpose, Scope and Users

Noise Management Limited, hereinafter referred to as the "Company", strives to comply with applicable laws and regulations related to Personal Data protection in countries where the Company operates.

This Policy sets forth the basic principles by which the Company processes the personal data of consumers, customers, suppliers, business partners, employees and other individuals, and indicates the responsibilities of its business departments and employees while processing personal data. This Policy applies to the Company conducting business within the European Economic Area (EEA) or processing the personal data of data subjects within EEA.

The users of this document are all employees, permanent or temporary, and all contractors working on behalf of The Company.

2. Definitions

The following definitions of terms used in this document are drawn from Article 4 of the European Union`s General Data Protection Regulation:

Personal Data: Any information relating to an identified or identifiable natural person ("Data Subject") who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Sensitive Personal Data: Personal data which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms merit specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms. Those personal data include personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.

Data Controller: The natural or legal person, public authority, agency or any other body, which alone or jointly with others, determines the purposes and means of the processing of personal data.

Data Processor: A natural or legal person, public authority, agency or any other body that processes personal data on behalf of a Data Controller.

Processing: An operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction of the data.

Anonymisation: Irreversibly de-identifying personal data such that the person cannot be identified by using reasonable time, cost, and technology either by the controller or by any other person to identify that individual. The personal data processing principles do not apply to anonymised data as it is no longer personal data.

Pseudonymisation: The processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person. Pseudonymisation reduces, but does not completely eliminate, the ability to link personal data to a data subject. Because pseudonymised data is still personal data, the processing of pseudonymised data should comply with the Personal Data Processing principles.

Cross-border processing of personal data: Processing of personal data which takes place in the context of the activities of establishments in more than one Member State of a controller or processor in the European Union where the controller or processor is established in more than one Member State; or processing of personal data which takes place in the context of the activities of a single establishment of a controller or processor in the Union but which substantially affects or is likely to substantially affect data subjects in more than one Member State;

Supervisory Authority: An independent public authority which is established by a Member State pursuant to Article 51 of the EU GDPR;

Lead supervisory authority: The supervisory authority with the primary responsibility for dealing with a cross-border data processing activity, for example when a data subject makes a complaint about the processing of his or her personal data; it is responsible, among others, for receiving the data breach notifications, to be notified on risky processing activity and will have full authority as regards to its duties to ensure compliance with the provisions of the EU GDPR;

Each "local supervisory authority" will still maintain in its own territory, and will monitor any local data processing that affects data subjects or that is carried out by an EU or non-EU controller or processor when their processing targets data subjects residing on its territory. Their tasks and powers includes conducting investigations and applying administrative measures and fines, promoting public awareness of the risks, rules, security, and rights in relation to the processing of personal data, as well as obtaining access to any premises of the controller and the processor, including any data processing equipment and means.

"Main establishment as regards a controller" with establishments in more than one Member State, the place of its central administration in the Union, unless the decisions on the purposes and means of the processing of personal data are taken in another establishment of the controller in the Union and the latter establishment has the power to have such decisions implemented, in which case the establishment having taken such decisions is to be considered to be the main establishment;

"Main establishment as regards a processor" with establishments in more than one Member State, the place of its central administration in the Union, or, if the processor has no central administration in the Union, the establishment of the processor in the Union where the main processing activities in the context of the activities of an establishment of the processor take place to the extent that the processor is subject to specific obligations under this Regulation;

3. Basic Principles Regarding Personal Data Processing

The data protection principles outline the basic responsibilities for organisations handling personal data. Article 5(2) of the GDPR stipulates for "the controller shall be responsible for, and be able to demonstrate, compliance with the principles."

3.1. Lawfulness, Fairness and Transparency

Personal data must be processed lawfully, fairly and in a transparent manner in relation to the data subject.

3.2. Purpose Limitation

Personal data must be collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes.

3.3. Data Minimisation

Personal data must be adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed. The Company must apply anonymisation or pseudonymisation to personal data if possible to reduce the risks to the data subjects concerned.

3.4. Accuracy

Personal data must be accurate and, where necessary, kept up to date; reasonable steps must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified in a timely manner.

3.5. Storage Period Limitation

Personal data must be kept for no longer than is necessary for the purposes for which the personal data are processed.

3.6. Integrity and confidentiality

Taking into account the state of technology and other available security measures, the implementation cost, and likelihood and severity of personal data risks, the Company must use appropriate technical or organisational measures to process Personal Data in a manner that ensures appropriate security of personal data, including protection against accidental or unlawful destruction, loss, alternation, unauthorized access to, or disclosure.

3.7. Accountability

Data controllers must be responsible for and be able to demonstrate compliance with the principles outlined above.

4. Building Data Protection in Business Activities

In order to demonstrate compliance with the principles of data protection, an organisation should build data protection into its business activities.

4.1. Notification to Data Subjects

(See the Fair Processing Guidelines section.)

4.2. Data Subject`s Choice and Consent

(See the Fair Processing Guidelines section.)

4.3. Collection

The Company must strive to collect the least amount of personal data possible. If personal data is collected from a third party, the Information Security Manager must ensure that the personal data is collected lawfully.

4.4. Use, Retention, and Disposal

The purposes, methods, storage limitation and retention period of personal data must be consistent with the information contained in the Privacy Notice. The Company must maintain the accuracy, integrity, confidentiality and relevance of personal data based on the processing purpose. Adequate security mechanisms designed to protect personal data must be used to prevent personal data from being stolen, misused, or abused, and prevent personal data breaches. Information Security Manager is responsible for compliance with the requirements listed in this section.

4.5. Disclosure to Third Parties

Whenever the Company uses a third-party supplier or business partner to process personal data on its behalf, the Information Security Manager must ensure that this processor will provide security measures to safeguard personal data that are appropriate to the associated risks such as misuse of personal data, unauthorised disclosure of personal data, data breaches, etc. For this purpose, the Processor GDPR Compliance Questionnaire must be used. The Company must contractually require the supplier or business partner to provide the same level of data protection. The supplier or business partner must only process personal data to carry out its contractual obligations towards the Company or upon the instructions of the Company and not for any other purposes. When the Company processes personal data jointly with an independent third party, the Company must explicitly specify its respective responsibilities of and the third party in the relevant contract or any other legal binding document, such as the Supplier Data Processing Agreement.

4.6. Cross-border Transfer of Personal Data

Before transferring personal data out of the European Economic Area (EEA) adequate safeguards must be used including the signing of a Data Transfer Agreement, as required by the European Union and, if required, authorisation from the relevant Data Protection Authority must be obtained. The entity receiving the personal data must comply with the principles of personal data processing set forth in Cross Border Data Transfer Procedure.

4.7. Rights of Access by Data Subjects

When acting as a data controller, the Information Security Manager is responsible to provide data subjects with a reasonable access mechanism to enable them to access their personal data, and must allow them to update, rectify, erase, or transmit their Personal Data, if appropriate or required by law. The access mechanism will be further detailed in the Data Subject Access Request Procedure.

4.8. Data Portability

Data Subjects have the right to receive, upon request, a copy of the data they provided to us in a structured format and to transmit those data to another controller, for free. Information Security Manager is responsible to ensure that such requests are processed within one month, are not excessive (i.e. if the data subject sends requests daily) and do not affect the rights to personal data of other individuals.

4.9. Right to be Forgotten

Upon request, Data Subjects have the right to obtain from the Company the erasure of its personal data. When the Company is acting as a Controller, Information Security Manager must take necessary actions (including technical measures) to inform the third parties who use or process that data to comply with the request.

5. Fair Processing Guidelines

Personal data must only be processed when explicitly authorised by the Information Security Manager.

The Company must decide whether to perform the Data Protection Impact Assessment for each data processing activity according to the Data Protection Impact Assessment Guidelines.

5.1. Notices to Data Subjects

At the time of collection or before collecting personal data for any kind of processing activities including but not limited to selling products, services, or marketing activities, the Information Security Manager is responsible to properly inform data subjects of the following: the types of personal data collected, the purposes of the processing, processing methods, the data subjects` rights with respect to their personal data, the retention period, potential international data transfers, if data will be shared with third parties and the Company's security measures to protect personal data. This information is provided through Privacy Notice.

Where personal data is being shared with a third party the Information Security Manager must ensure that data subjects have been notified of this through a Privacy Notice.

Where personal data is being transferred to a third country according to Cross Border Data Transfer Policy, the Privacy Notice should reflect this and clearly state to where, and to which entity personal data is being transferred.

Where sensitive personal data is being collected, the person responsible for Data Protection matters must make sure that the Privacy Notice explicitly states the purpose for which this sensitive personal data is being collected.

5.2. Obtaining Consents

Whenever personal data processing is based on the data subject's consent, or other lawful grounds, the Information Security Manager is responsible for retaining a record of such consent. The Information Security Manager is responsible for providing data subjects with options to provide the consent and must inform and ensure that their consent (whenever consent is used as the lawful ground for processing) can be withdrawn at any time.

When requests to correct, amend or destroy personal data records, the Information Security Manager must ensure that these requests are handled within a reasonable time frame. Person responsible for data protection matters must also record the requests and keep a log of these.

Personal data must only be processed for the purpose for which they were originally collected. In the event that the Company wants to process collected personal data for another purpose, the Company must seek the consent of its data subjects in clear and concise writing. Any such request should include the original purpose for which data was collected, and also the new, or additional, purpose(s). The request must also include the reason for the change in purpose(s). The Person responsible for Data Protection matters is responsible for complying with the rules in this paragraph.

Now and in the future, the Information Security Manager must ensure that collection methods are compliant with relevant law, good practices and industry standards.

The Information Security Manager is responsible for creating and maintaining a Register of the Privacy Notices.

6. Organisation and Responsibilities

The responsibility for ensuring appropriate personal data processing lies with everyone who works for or with the Company and has access to personal data processed by the Company.

The key areas of responsibilities for processing personal data lie with the following organisational roles:

The board of directors makes decisions about and approves the Company's general strategies on personal data protection.

The Information Security Manager the nominated person responsible for data protection matters is responsible for managing the personal data protection program and is responsible for the development and promotion of end-to-end personal data protection policies;

The Information Security Manager monitors and analyses personal data laws and changes to regulations, develops compliance requirements, and assists business departments in achieving their Personal data goals. This may include seeking legal advice or external counsel.

The Information Security Manager is also responsible for:

  • Ensuring all systems, services and equipment used for storing data meet acceptable security standards.
  • Performing regular checks and scans to ensure security hardware and software is functioning properly.
  • Approving any data protection statements attached to communications such as emails and letters.
  • Addressing any data protection queries from journalists or media outlets like newspapers.
  • Where necessary, working with the Person responsible for Data Protection Matters to ensure marketing initiatives abide by data protection principles.

The Information Security Manager is also responsible for passing on personal data protection responsibilities to suppliers and improving suppliers' awareness levels of personal data protection as well as flow down personal data requirements to any third party a supplier they are using and must ensure that the Company reserves a right to audit suppliers.

7. Guidelines for Establishing the Lead Supervisory Authority

7.1. Necessity to Establish the Lead Supervisory Authority

Identifying a Lead supervisory authority is only relevant if the Company carries out the cross-border processing of personal data.

Cross border of personal data is carried out if:

a) processing of personal data is carried out by subsidiaries of the Company which are based in other Member States; or

b) processing of personal data which takes place in a single establishment of the Company in the European Union, but which substantially affects or is likely to substantially affect data subjects in more than one Member State. If the Company only has establishments in one Member State and its processing activities are affecting only data subjects in that Member State than there is no need to establish a lead supervisory authority. The only competent authority will be the Supervisory Authority in the country where Company is lawfully established.

7.2. Main Establishment and the Lead Supervisory Authority

The main establishment/ headquarters for Noise Management Limited is Unit 11, Victoria Business Centre, 43, Victoria Road, Burgess Hill, RH15 9LR UK.

8. Response to Personal Data Breach Incidents

When the Company learns of a suspected or actual personal data breach the Information Security Manager must perform an internal investigation and take appropriate remedial measures in a timely manner. Where there is any risk to the rights and freedoms of data subjects, the Company must notify the relevant data protection authorities without undue delay and, when possible, within 72 hours.

9. Audit and Accountability

The Information Security Manager and Tech team are responsible for auditing how well business departments implement this Policy. Any employee who violates this Policy will be subject to disciplinary action and the employee may also be subject to civil or criminal liabilities if his or her conduct violates laws or regulations.

10. Conflicts of Law

This Policy is intended to comply with UK laws and regulations in which Noise Management Ltd. operates. In the event of any conflict between this Policy and applicable laws and regulations, the latter shall prevail.

Noise Management Limited respect your privacy and we are committed to processing personal information of our customers in a secure and manner in line with our legal obligations.

This Policy explains how Noise Management Limited will use any personal information that we may collect about you when you use our website, applications, webforms, or when you use or are the recipient of our services.

By trading with Noise Management Limited, you are accepting and consenting to the practices described in this Privacy Notice.

The information we learn from our customers helps us to personalise and continually improve your experience and our services. We use the information to handle orders, deliver products and services, process payments/ invoices, communicate with you about orders, products, services and promotional offers, update our records and generally maintain your accounts with us, and recommend products and services that might be of interest to you. We may use your information to prevent or detect fraud or because it is required by law or for the purposes of legal proceedings and to enable third parties to carry out logistical or other functions on our behalf.

We may transfer your data to other third parties (including the police, law enforcement agencies, credit reference and fraud prevention agencies and other bodies) to protect our or another person's rights, property, or safety, in connection with the prevention and detection of crime.

1. What Information we collect

Our Personal Data Protection Policy governs the use and storage of your data.

Noise Management Limited is a Controller of the personal data you (data subject) provide us. We may collect the following types of personal data from you:

In the operational use and maintenance of our services, Noise Management Limited may collect personal information when:

  • you use our website,
  • you use our services,
  • you contact us, or;
  • you are a recipient of our services.
This may include information which is recorded on items being delivered to you or if you have:
  • completed an online form,
  • Set up an account or entered information on the Noise Management Limited website,
  • provided information as part of a webform contact request / enquiry, or;
  • contacted Noise Management Limited in writing or by phone.
We may collect the following types of information:
  • Your name, address, email address, telephone number(s) and other contact details,
  • information required to provide you with a service, and the details of the service that you have used,
  • information collected through your use of the Noise Management Limited website; see Cookie Policy for further information,
  • details of any enquiry,
  • information about items delivered to, or;
  • signatory information when signing for receipt of a delivery.

2. Why we need it

  • Noise Management Limited collects your personal information in order:
  • to provide you with our service(s),
  • to process your order and to provide after sales service, and;

Noise Management Limited will not sell or provide your data to any third party where you have not provided your consent to do so. All other information is processed in accordance with the Data Protection Act 1998, the General Data Protection Regulation (GDPR) 2018 and other applicable laws.

3. How Noise Management Limited collects personal information:

  • Directly from customers, for example when a customer contacts Noise Management Limited regarding a delivery, signs to confirm receipt of a delivery, or makes an enquiry.
  • From our partners, who provide Noise Management Limited with information about the end customer, so that we may fulfil our delivery services.
  • When products or services are provided together with a business partner and the information is collected by the business partner in order for Noise Management Limited to provide you with the service.

4. What we do with it

In operating our services, it may become necessary to transfer the data that we collect from you to third parties and business partners who are located outside of the European Economic Area (EEA). Any such transfer of information will only be in connection with the services that Noise Management Limited provides and Noise Management Limited will ensure that the information is protected to a level that meets the requirements of UK law.

By providing your data to us you agree to this transfer of data taking place.

No third party providers have access to your data, unless specifically required by law, where you have consented with us to do so, or in order to fulfil our service to you.

5. How long we keep it

Any personal data held by us for marketing and service update notifications will be kept by us until such time that you notify us that you no longer wish to receive this information or terminate your account with us.

6. What are your rights?

You have the right to access to any information that we hold relating to you. Requests must be made in writing and Proof of identification is required to protect your information and to ensure it is not disclosed to unauthorised parties.

Should you believe that any personal data we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted.

In the event that you wish to complain about how we have handled your personal data, please contact info@noisemerch.com or in writing to Noise Management Limited is Unit 11, Victoria Business Centre, 43, Victoria Road, Burgess Hill, RH15 9LR UK. We will then look-into your complaint and work with you to resolve the matter.

If you still feel that your personal data has not been handled appropriately according to the law, you can contact the Information Commissioner’s office ICO and file a complaint with them.

1. DEFINITIONS:

In these Conditions:

a. "The Seller" is Noise Management Limited and associated businesses. "The Buyer" is the purchaser of the goods.

b. "The Buyer" is the purchaser of the goods.

c. "Goods" are goods and products of any kind sold by the seller.

2. APPLICATION OF CONDITIONS:

All goods are sold by the Seller on the following Conditions which shall prevail unless otherwise agreed in writing by the seller.

3. PRICES:

Prices quoted in the Seller's price list are subject to change without notice. The price payable by The Buyer will be the price current at the date of dispatch.

4. SHORTAGES AND NON DELIVERY:

No liability for alleged shortages of delivery or non-delivery of goods will be accepted by the Seller unless claims are notified in writing to the Seller within 7 days of delivery for shortages or 10 days from date of invoice for non-delivery.

5. DESCRIPTION AND QUALITY OF GOODS

a. Seller gives no guarantees as to the washing stability, colour fastness, durability or making up quality of the goods. Fabric / material composition is given as a guide only and the Seller reserves the right to change the composition without prior notice.

b. The Buyer is responsible for verifying the suitability and quality of the goods prior to use.

c. All conditions, warranties or other terms, express or implied by Statute as to the quality of the goods, their fitness for purpose or correspondence with description or sample are, save as expressly prohibited by law, expressly excluded.

d. The Seller shall be under no liability, however caused, arising out of or in connection with the goods, save that the total liability of the Seller in negligence is limited to the price of the goods.

6. RETURN OF GOODS

a. The Seller will not accept the return of goods which have been altered in any way, i.e. printed or embroidered.

b. The Buyer has no right to return any goods supplied pursuant to contract without prior written authorisation by the Seller. All requests for the return of goods must be made within 5 days of delivery.

c. The Seller reserves the right to apply a handling charge on any goods returned.

7. OWNERSHIP OF GOODS:

a. All goods shall be at the Buyer's risk from the time of delivery but will remain the property of the Seller until all payment in respect of any goods delivered by the Buyer to the Seller have been paid and received in full.

b. The Seller may at any time when payment is due to the Seller for any goods retake possession of all the Seller's goods then held in the custody of the Buyer.

c. The Buyer's right to hold or deal in any way with the Seller's goods shall terminate automatically and the Seller shall be entitled to immediately recover the goods if:

i. The Buyer, being an individual, becomes Bankrupt or is the subject of a Bankruptcy Petition or enters into any arrangement with creditors or,

ii. The Buyer, being a limited company is subject to the appointment of an Administrative Receiver or goes or is forced into any form of insolvency.

d. The Buyer authorises the Seller, its employees or agents to enter the Buyer's premises for the purpose of enforcing these provisions.

8. PAYMENT

a. Unless otherwise specifically agreed in writing by the Seller, payment for the goods is due to the seller within 30 days of the contract. All unpaid accounts will automatically be placed on hold if invoices remain unpaid after 30 days. Credit facility is offered based on the Buyer’s agreement to abide by these terms.

b. The Seller reserves the right to charge interest at 4% above the base rate at Santander Bank on any amount overdue, from due date to the date of payment.

c. The Seller may set off against any overdue account any sums due for any reason from the Seller to the Buyer.

d. The Seller will request payment by BACS for all non account holders. A surcharge of 2% may be added at the Sellers discretion for payments by cheque.

9. PRIVACY POLICY

a. Clients details to enable the Seller to obtain payment and carry out the transaction are destroyed after the payment has been authorised.

10. CANCELLATION:

a. Any orders placed by the Buyer shall be treated as a firm commitment and cancellation will not be accepted unless agreed in writing by the Seller.

b. The Seller will make all reasonable efforts to fulfil its obligations under such orders but shall not be liable for any cancellation or suspension of such orders caused by events beyond the control of the Seller.

11. REPRESENTATIONS:

No statement, information, warranty, condition or recommendation made by the Seller's employees or agents shall vary or override these conditions.

12. LAW

a. These conditions and all transactions between the Seller and the Buyer shall be governed by English Law and any disputes arising shall be resolved by the Courts in England.

b. If any condition herein becomes or shall be declared by a Court to be invalid or unenforceable that shall not impair or affect all other Conditions, which will remain in full force and effect.

13. CUSTOMER SERVICES.

If you have any difficulties you may want to contact the company by email info@noisemerch.com, by post: Alreet Ltd. 21 Hobart Crescent, Milton Keynes MK15 9HH, by phone: 01908 550843.