Privacy Notice

Who we are

Topspeed Couriers Ltd is a limited company registered in England and Wales with company number 2355055. The firm’s registered office & head office is at is at Unit 12 Ion Path, Winsford Industrial Estate, Winsford,
Cheshire CW7 3BX

Telephone number: 01565 631 840
Email: info@topspeedcouriers.co.uk
Website: topspeedcouriers.co.uk


Privacy & Data Protection

Topspeed Couriers Ltd is registered with the Information Commissioner’s Office (ICO) with registration number ZA290930 and is subject to the requirements of data protection legislation applicable to the UK meaning that the company must use your personal data in accordance with the law.

Your personal data is important to both you and us and it requires respectful and careful protection.  This privacy notice informs you of our privacy practices and of the choices you can make about the way we hold information about you as a website visitor and generally as part of our business.  We have separate privacy notices that cover employees and other parties.  We are committed to complying with the GDPR (2016), the UK GDPR (2021) and the Data Protection Act (2018) and good business practices.  We are both a data controller and a data processor.

This is our privacy notice so please be aware that should you follow a link to another website, you are no longer covered by this notice. It’s a good idea to understand the privacy notice of any website before sharing personal information with it.

What personal data we collect and why?

We will use your contact details to provide information to you about the services that we offer.  We use this personal data where it is:

  • Authorised by you;
  • Necessary for the performance of a contract;
  • Required by law; it is required for public interest
  • Necessary for the purpose of our legitimate interests or those of a third party (in other words, we have a compelling justification for the disclosure); or
  • Necessary to protect your vital interests or those of another person i.e. to protect a life.

We regularly conduct data flows and a data inventory or data audit which looks at all aspects of the personal data that we process, including the legal basis for processing and any special requirements that the data needs.  Any risk assessments (DPIAs) requirements are identified and completed paying particular attention to privacy risks associated with each processing activity: storage, collection, transmission, access and deletion.

We regularly complete Legitimate Interest Assessments to ensure that our marketing activities are considered, appropriate and are in accordance with all relevant legislation.

We will never knowingly collect data from or on children below 13 years old.

Data Security

We have put in place security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorisation. This is in accordance with our Data Protection Policy. Your data may be used by our team who have a legitimate business need to know such data.   We will only process your personal data in accordance with our business processes where the safety of your data is paramount.

Who do we share your personal data with?

We use third parties in conjunction with routine business requirements, accountancy and insurance services.

  • With professional advisors such as accountants and insurance, although this information will be very limited;
  • In order to conduct checks on you to verify the information you have provided us with where you are being considered for a position or contract with us;
  • In the event of a sale of the company or its assets;
  • With suppliers but only subject to robust contractual protections;
  • If we are legally obliged to do so.

Please note that we do not require your consent to share this information if we suspect criminal or unlawful activity, in these circumstances we will only contact the relevant organisations.

At no point will your personal data be sold to anyone else and if we do need to share your data to a relevant third party, we will obtain your consent first.

Data Breaches

We have procedures in place to deal with any suspected personal data breach and will notify you and any supervisory body of a breach if we are legally required to.

Your data will be stored within the UK and we will not transfer your personal information outside of the EU without ensuring the correct data transfer protection is in place.

Retaining your data

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.  Our data retention policy considers the amount of data, its nature and sensitivity, the potential risk of harm from unauthorised use or disclosure, the processing purposes and if these can be achieved by other means and legal requirements.  This is regularly reviewed and we will minimise personal data wherever possible.

In some circumstances we may anonymise your personal data for research or statistical purposes in which case we may use this information indefinitely without further notice to you. You will not be recognisable as a natural living person from this anonymised data.

Your Rights

The GDPR provides the following rights for individuals:

Rights What does this mean?
1.            The right to be informed You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this Privacy Notice.
2.            The right of access You have the right to obtain access to your information. This is so you are aware and can check that we are using your information in accordance with data protection law.
3.            The right to rectification You are entitled to have your information corrected if its inaccurate or incomplete.
4.            The right to erasure This is also known as the right to be forgotten and enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right, there are exceptions.
5.            The right to restrict processing You have rights to block or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be blocked to make sure the restriction is respected in future.
6.            The right to data portability You have rights to obtain and reuse your personal data for your own purposes across different services.
7.            The right to object to processing You have the right to object to certain types of automated processing or decision making, including processing for direct marketing or where we are relying on our legitimate interests for processing.
9.            The right to withdraw consent If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.

Please note that the rights described above are not absolute rights (they are not rights that will be automatically granted), as we have to consider whether there are any reasons why we cannot meet your request. For example, we will not be able to delete data that we are legally obliged to keep. We will let you know if we not able to meet your request and the reason why (where it is appropriate to disclose this information to you).  You can do this by informing our Data Protection Officer (contact details below)

Data Subject Access Requests

Under the GDPR you have the right to request a copy of the personal information that we hold about you and to have any inaccuracies corrected or information deleted.  You may need to prove your identity with appropriate  approved identification which could be a passport, driving licence or birth certificate.  We will try and verify your identity using personal data that we already have. We will verify your identity, noting how and when we verified it, then we will immediately delete any that data that we do not need.

We may send you a form which clarifies what information you need unless it is clear. If you can advise of the specific information that you require, we can process your request more quickly.

We will provide your personal data within one month of receiving identity verification, subject to any exemptions that we need to adhere to.

We will also explain why we have your personal data, who it could be disclosed to, the categories of data it involves and it will be in a format that you can access easily.  You have the right to clarify and correct the information as necessary.  It can be deleted providing that it is not required for legal or public interest reasons.  If your request is more complex, for example it involves other data subjects and obtaining consent, we can extend our response time to three months, but we will inform you of this.  We may need to anonymise this data or remove relevant details before sending this to you.

We will not charge for data subject access requests unless they are excessive or manifestly unfounded.  Then we will charge for administrative time only.

If you can advise of the specific information that you require, we can process your request more quickly.  We will respond to your request within one month of you providing information that confirms your identity. You are obviously entitled to all your personal information.

We will respond within one month, giving you a copy of your data, why we have it, who it could be disclosed to, the categories of data it involves, and it will be in a format that you can access easily.  You have the right to clarify and correct the information as necessary.  It can be deleted providing that it is not required for legal or public interest reasons.  If your request is more complex, for example it involves other data subjects and we need their consent to release the relevant information we can extend our response time to three months, but we will inform you of this.  If they do not give their consent, we will anonymise this data or remove the relevant detail before sending this to you.  We will not charge for data subject access requests unless they are excessive or manifestly unfounded.  Then we will charge for administrative time only.

Concerns, Comments and Feedback

If you have any concerns about your data, or any comments or feedback about our services then please get in touch at the address below and we will do our best to help you.

If you have any concerns about how your data is being used or processed and we have not been able to help you, then you can contact the Information Commissioner’s Office (ICO) if you are not happy with the way that we handle your personal data. You can contact the ICO at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF or by calling the ICO’s helpline on 0303 123 1113.

We have appointed Sarah Ginham-Clegg as our Data Protection Officer and you can contact her to discuss any data protection related issues or queries on 01565 631 840 or via email at SGinham-Clegg@topspeedcouriers.co.uk .