Policy + General Information PRIVACY + COOKIE POLICY | DELIVERY | FAQ’S

Terms + Conditions

These terms and conditions relate to use of the site www.aco.co.uk

Additional terms and conditions are applicable to the use of the ACO hydraulic design software – www.hydraulicdesignsoftware.co.uk these are clearly visible when registering for that particular site.

www.aco.co.uk is run by ACO Technologies plc

ACO Technologies plc
ACO Business Park
Hitchin Road
Shefford
Bedfordshire, UK
SG17 5TE

Accuracy

We make every effort is made to ensure that the information on this site is accurate and up to date. However, ACO Technologies plc does not warrant or assume any legal liability for the accuracy of any information divulged and accepts no responsibility for any errors or oversights.

External Links

ACO Technologies plc is not responsible for the contents of any third party site pages or links provided within the site. Hyperlinks from the ACO site do not imply any kind of endorsement of the content of these pages.  In some instances visits to third party sites may involve third party cookies being placed on your machine.

Copyright

The following refers to all text, photos and other design elements on this website.

All material published on this website is material for which copyright is owned by ACO Technologies plc and others. No part of any material may be copied or reproduced without prior permission of ACO Technologies plc or the copyright holder. If you would like permission to copy or reproduce the material from ACO Technologies plc which is available on the Internet, please contact us at the above address.

Privacy policy

Please see our section on ‘Privacy policy’ for more details

Cookies

The website uses cookies – please see our section on ‘Cookie policy’ for more details

Passing on data

We do not disclose data to third parties.

Security

We do not use a secure transmission method for you to send us data. We have implemented security policies, rules and technical measures to protect the personal data that we have under our control from:

  • Unauthorised access
  • Improper use or disclosure
  • Unauthorised modification

All our employees and suppliers that have access to, and are associated with the processing of personal data, are obliged to respect the confidentiality of our customer's personal data.

Rights for access to personal data

You are entitled to ask if we are keeping any personal data about you and you can also request a copy of that data. At any time you may request that we delete or correct your personal information, please contact ACO Technologies plc via email at mypersonaldata@aco.co.uk or via the address above and address correspondence to the Personal Data Controller.

Non-Acceptance of the Terms and Conditions

If you do not accept these terms and conditions in full, you do not have permission to access the contents of the website and therefore should cease using the website immediately.

Privacy Policy

This privacy policy relates to use of www.aco.co.uk
 

Your Personal Data:

What we collect

ACO Technologies will be what’s known as the ‘Controller’ of the personal data you provide to us. We only collect basic personal data about you which does not include any special types of information but can include location based information – this will normally be your place of work and is only entered by you. Information will always include your name and email.  Any other personal data stored by us will be provided by you and will only be with your consent. 

Why we process personal information

Recital 47 of the GDPR allows for the processing of personal information for our legitimate business interests in terms of direct marketing. “Legitimate Interests” means the interests of our company in conducting and managing our business to enable us to offer you the best services and applicable products, and the most appropriate and secure experience.

For example, we have an interest in making sure our marketing is relevant for you and your organisation, so we may process your information to send you marketing that is tailored to your interests in your business. We believe this processing is in your interests as well.

When we process your personal information based on legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws. Our legitimate business interests do not automatically override your interests. We will not use your Personal Data for activities where our interests are overridden by the impact on you.

Processing of this data for ‘unsolicited’ marketing communications is also regulated by Privacy and Electronic Communications Regulations (PECR) consequently we are careful to ensure our processes conform to those requirements.

Where information has been directly requested by you, PECR is not relevant although in our communications we will always say who we are, display our telephone number and provide contact address whenever appropriate.

For corporate subscribers it may be that in the first instance what is known as a ‘soft opt-in’ will have been triggered by you through an active expression of interest in our business. We will always seek to offer clear and unambiguous options thereafter to ensure you receive only relevant information to your interest.

What are your rights?

We only use data for marketing where you have provided appropriate consent, however you are entitled to withdraw that consent at any time. 

PECR rules on consent, the soft opt-in and the right to opt-out, do not apply to electronic marketing messages sent by us to ‘corporate subscribers’. While you may receive a legitimate interest email from us based on a ‘soft opt-in’, we will always offer an easy and quick method to ‘opt out’.  

If at any point you believe the information we process on you is incorrect you can request to see this information and have it corrected or deleted within one calendar month. If you wish to raise a complaint on how we have handled your personal data, you can request for us to investigate the matter.

Data Protection is taken very seriously by ACO Technologies PLC and should you have any enquiries in the first instance your first point of contact should be via email to mypersonaldata@aco.co.uk

If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).

How we use your information

We would like to use your name and email address to provide you with information specific to your areas of interest, this would include things like technical updates, training, sector/role specific articles and new product updates. Ongoing use of your data for these communications will depend on your opt in preferences. 

Any information about you that we do hold is not shared with third parties and you can unsubscribe at any time via email mypersonaldata@aco.co.uk.

Storage of data

All the personal data we process is processed by our staff in the UK however for the purposes of IT hosting and maintenance this information is located on servers within the European Union and in the USA. No third parties have access to your personal data unless the law allows them to do so.

We have Data Protection processes in place to oversee the effective and secure processing of your personal data.

Data held in the USA is done so in partnership with a Processor that has successfully certified its adherence to the EU-US and/or Swiss-US Privacy Shield Framework, as administered by the U.S Privacy Shield Framework, as administered by the U.S. Department of Commerce and detailed at https://www.privacyshield.gov.

More information is available on request.

How long we keep your data

Personal data is stored for varying lengths depending on nature and purpose for which it was collected. We store personal data in line with any applicable statutory minimum periods, and then review it periodically (usually annually) to ensure it is still necessary to be retained for the purpose for which it was collected. Where there is a statutory maximum for which data can be retained, such as County Court Judgements we will delete accordingly on expiration.

For registered users that have bought product from us we are required under UK tax law to keep your basic personal data (name, address, contact details) for a minimum of 6 years after which time it will be destroyed.

Social Media Policy

In the following, we would like to take the opportunity to inform you how we handle your data in accordance with Art. 13 General Data Protection Regulation (GDPR). 

Responsible body

We, ACO Technologies plc, operate the following social media sites:

Twitter:

  • https://twitter.com/ACOWater
  • https://twitter.com/ACO_BD
  • https://twitter.com/RTMComp

Facebook

  • https://www.facebook.com/ACO.uk/
  • https://www.facebook.com/ACO-Water-Management-283969965087367/
  • https://www.facebook.com/raceteammanager/

LinkedIn

  • https://www.linkedin.com/company/aco-water-management/
  • https://www.linkedin.com/company/aco-technologies-plc/
  • https://www.linkedin.com/company/aco-building-drainage/

Youtube

  • https://www.youtube.com/channel/UClF6bksiEsA_g8YZmrsfz8g
  • https://www.youtube.com/channel/UCEDDXUf2nQEbGOaODY2xGhQ/featured

Instagram

  • https://www.instagram.com/aco.co.uk/

You can find our contact details on our contact us page at: https://www.aco.co.uk/contact-us

As well as us, there is also the operator of the social media platform itself. The operator is also considered a responsible body in this respect, and carries out its own data processing (separately to us), over which we have no influence.

Data processing by us

Data that you input when interacting with our social media sites, such as comments, videos, images, Likes, Tweets etc., is published through the social media platform and is not used or processed by us for other purposes at any point. We reserve the right to delete content only in the event that this should become necessary. Where appropriate, we will share your content on our page, if this is a function of the social media platform, and will communicate with you via the social media platform. The legal basis is Art. 6 para. 1 sentence 1 letter f GDPR. We tailor Facebook and Instagram advertising to selected target groups (e.g. Sponsored Posts, competitions) so that our content is visible to people for whom this content is relevant. We use the anonymised target groups that are available via Facebook Ads Manager in order to do this. Unfortunately, we have no influence over data processing carried out by Facebook Ads Manager. We are unable to identify individual persons at any time. We do not use Facebook Pixel, lead ads, chat bots or similar advertising aids that require surfing behaviour to be tracked.

Data processing is carried out in the interests of our public relations activities and communication.

If you would like to object to specific data processing procedures, please use the contact details stated on our contact us page to get in touch. We will then review your objection.

If you make enquiries via our social media platforms, depending on the answer required, we may refer you to other, more secure communication channels in order to guarantee confidentiality. You can always send us confidential enquiries at the postal address stated in on our contact us page.

Data processing by the operator of the social media platform

We cannot guarantee that the operator of the social media platform will not use web tracking methods. Web activity may be tracked irrespective of whether you are logged into or registered with the social media platform. Unfortunately, we have no influence over the web tracking methods of the social media platform.

Please be aware: We cannot guarantee that the social media platform provider will not use your profile and behavioural data, for example to evaluate your habits, personal relationships, preferences etc. We have no influence of any kind over the processing of your data by the social media platform provider.

Further information on data processing by the social media platform provider can be found in the provider’s Privacy Policy:

  • Twitter: https://twitter.com/en/privacy#update
  • Facebook: https://www.facebook.com/privacy/explanation
  • LinkedIn: https://www.linkedin.com/legal/privacy-policy
  • YouTube: https://policies.google.com/privacy
  • Instagram: https://help.instagram.com/155833707900388

Your rights as a user

In relation to the processing of your personal data, the GDPR grants certain rights for you as a website user:

1.) Right of access (Art. 15 GDPR):

You have the right to obtain information as to whether your personal data has been processed; if this is the case, you have the right to access this personal data and the information specifically listed in Art. 15 GDPR.

2.) Right to rectification and erasure (Art. 16 and 17 GDPR):

You have the right to obtain the immediate rectification of incorrect personal data concerning you, and where necessary to request the completion of incomplete personal data.

You also have the right to obtain the immediate erasure of personal data concerning you, provided one of the reasons specifically listed in Art. 17 GDPR applies, e.g. when data is no longer required for the purpose pursued.

3.) Right to restriction of processing (Art. 18 GDPR):

You have the right to obtain the restriction of processing if one of the conditions listed in Art. 18 GDPR is met, such as for the duration of a potential evaluation if you have lodged an objection against processing.

4.) Right to data portability (Art. 20 GDPR)

In certain cases, which are listed specifically in Art. 20 GDPR, you have the right to receive your personal data in a structured, common and machine-readable format, and/or request transmission of this data to a third party. 

5.) Right to object (Art. 21 GDPR):

If data is collected on the basis of Art. 6 para. 1 letter f (data processing for the protection of legitimate interests), you have the right to lodge an objection against this processing at any time, for reasons arising from your specific situation. We will then no longer process the personal data, unless there are demonstrable and compelling legitimate grounds for processing that outweigh the interests, rights and freedoms of the person concerned, or processing is carried out in order to assert, exercise or defend legal claims.

Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority in accordance with Art. 77 GDPR, if you believe the processing of your data violates data protection regulations. The right to lodge a complaint can be asserted in particular with a supervisory authority in the Member State in which you are habitually resident, in which you work, or in which the alleged violation took place.

Contact details for the Data Protection Officer

For information or suggestions relating to the topic of data protection, please do not hesitate to contact our Data Protection Officer:

Aine McCartney

Business Standards Coordinator

Tel: 01462 816666

Email: amccartney@aco.co.uk