As you are probably aware, on the 25th May 2018, the EU new data protection legislation called the General Data Protection Regulation (GDPR) came into force. 

At Gandtrack ltd, your trust is important to us and we are committed to safeguarding your personal data, as a consequence we are taking this opportunity to inform you of the details we hold and how we use this information.


The information we hold is;

  • Your company name.
  • Your email address.
  • Your phone number.
  • Your bank details.


The data that we hold is used to fulfil our contractual agreement with you and to provide you with our products and services and where we need to comply with a legal or regulatory obligation or where it is necessary for our legitimate interests (and your interests do not override ours). 


We obtain and use this information to understand your needs and provide you with a better service, and in particular for the following reasons:

  • Internal record keeping.
  • We may use the information to improve our products and services.
  • We may periodically send promotional emails/ newsletters about new products, special offers or other information which we think you may find interesting using the email address which you have provided. You can however opt out of this at any time.


These details are held on our main IT system and in paper form, the IT system is protected with an internal firewall and anti-virus software. Appropriate measures are taken to ensure the security and integrity of the data

Both physical and digital.


In fulfilling our GDPR commitments, it’s important that the personal data we hold about you is accurate and up to date. As such, please keep us informed of any changes so that we can update our records and maintain our all-important relationship with you.


We will always treat the details you provide with the high level of integrity and security to enable us to carry out our contractual obligation with you.  We, we will never sell or share your information with other companies for marketing purposes. However, in some cases it may be necessary to send some details to other companies such as carrier companies in order to provide services to you or your customer. Where we do share information to third parties we will do everything within our powers to ensure that they are compliant with the GDPR regulations.


In compliance with our obligations the company has appointed a GDPR compliance person(s); Mr Graham Hirst ( & Mrs Janet Hughes ( , should you have any questions or wish to exercise any of your rights then please contact the above.


We will only retain your Personal Data, and that which belongs to individuals connected with your business, for as long as is necessary to fulfil our contract with you.  In the case of marketing and communications; we will retain and process this indefinitely until such time that you opt out.




The new regulations have enhanced your legal rights, You have the right to;

  • Request Access to your personal data, commonly referred to as a data subject access request or DSAR which enables you to receive a copy of the personal
  • data we hold on you and to check that it is being lawfully processed;
  • Request Correction of your personal data which enables you to have any incomplete or inaccurate data corrected;
  • Request Erasure of your personal data. This allows you to ask us to delete or remove personal data where there is no good reason for us to continue processing it. Please note that whilst we wish to comply with this as much as possible, it may be difficult to agree to this if we are required to continue processing for a legal reason(s); however we will notify you of this.


If you wish to exercise any of these rights, please contact one of our nominated compliance people.