Penryn Plastics are committed to protecting and respecting your privacy and personal data. This privacy and cookie policy relates to our use of any personal data we collect from you either via our website or direct.  

As well as this Privacy Policy, your privacy is protected by law.  The General Data Protection Regulation (GDPR) that came in to force on 25th May 2018 ensures that we use your personal information only if we have a proper reason to do so.  This includes sharing it outside-of-Penryn-Plastics.

This policy sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.  Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.  By visiting you are accepting and consenting to the practices described in this policy. 


  • We will only collect and use your information where we have lawful grounds and legitimate business reasons to do so.
  • We will be transparent in our dealings with you and will tell you about how we will collect and use your information.
  • If we have collected your information for a particular purpose we will not use it for anything else unless you have been informed and, where relevant, your permission obtained.
  • We will not ask for more information than we need for the purposes for which we are collecting it.
  • We will update our records when you inform us that your details have changed.
  • We will continue to review and assess the quality of our information.
  • We will implement and adhere to information retention policies relating to your information and will ensure that your information is securely disposed of at the end of the appropriate retention period.
  • We will observe the rights granted to you under applicable privacy and data protection laws and will ensure that queries relating to privacy issues are promptly and transparently dealt with.
  • We will train our staff on their privacy obligations.
  • We will ensure we have appropriate physical and technological security measures to protect your information regardless of where it is held.
  • We will ensure that when we outsource any processes we ensure the supplier has appropriate security measures in place and will contractually require them to comply with these Privacy Principles.


We may collect certain information or data about you when you contact us or use such as questions, queries or feedback you leave, including your email address if you contact Penryn Plastics.

We may also collect personal data from you by communications, including email, telephone, post or social media and by engagement of services or provision of goods.  This may include your (or your employer’s or our customers’) name, address, email address, date of birth, family relationships and bank account information. 

We may also require documentary details from you such as driving licence, passport or birth certificate, in order to comply with our obligations under identification, money laundering and anti-terrorism legislation. 

This data can be viewed by authorised people within Penryn Plastics to:

  • Improve the website by monitoring how you use it.
  • Gather feedback to improve our services.
  • Respond to any feedback you send us, if you’ve asked us to.
  • Provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes or by Legitimate Interests.
  • Notify you about changes to our business, goods or services.
  • Use in the investigation and/or defence of potential complaints, disciplinary proceedings and legal proceedings.
  • Enable us to invoice you and send statements for goods and services.

We may also process your personal data without your knowledge or consent, in accordance with this notice, where we are legally required or permitted to do so.


The law says that we must have one or more of the following reasons for using your data

  • To fulfil a contract we have with you to provide our services.
  • Where it is our legal duty.
  • When it is in our legitimate interest.
  • When you consent to the use of the data.
  • A legitimate interest is when we have a business or commercial reason to use your information.  Even then, it must not unfairly go against what is right and best for you. 
  • The legitimate interests that we will rely upon to process this information are:
  • To administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes.
  • To improve our site to ensure that content is presented in the most effective manner for you and for your computer.
  • To allow you to participate in interactive features of our service, when you choose to do so.
  • As part of our efforts to keep our site safe and secure.
  • To maintain contact with you when you are an existing client outside of our contractual obligations.


  • We store your data on secure servers in the European Economic Area (EEA).
  • By submitting your personal data, you agree to this.


  • We will only retain your personal data for as long is necessary to fulfil the purposes for which it is collected.
  • When assessing what retention period is appropriate for your personal data, we take into consideration:
  • The requirements of our business and the services provided.
  • Any statutory or legal obligations.
  • The purposes for which we originally collected the personal data.
  • The lawful grounds on which we based our processing.
  • The types of personal data we have collected.
  • The amount and categories of your personal data.
  • Whether the purpose of the processing could reasonably be fulfilled by other means.


  • Sending information over the internet is generally not completely secure, and we can’t guarantee the security of your data while it’s in transit.  Any data you send is at your own risk.
  • We have robust procedures and security features compliant with the GDPR in place to keep your data secure once we receive it.  In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. 
  • We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.


  • We may pass on your personal information if we have a legal obligation to do so, or if we must enforce or apply our terms of use and other agreements. This includes exchanging information with other government departments for legal reasons.
  • We won’t share your information with any other organisations for marketing, market research or commercial purposes, and we don’t pass on your details to other websites.
  • We will never sell your details to third parties.


You can find out what information we hold about you and ask us not to use any of the information we collect.

A Subject Access Request under the GDPR is your right to request a copy of the information that we hold about you.  Such requests must be in writing to the contact details provided in this policy.  If we do hold any of your personal data we will respond in writing within one calendar month of your request (where that request was submitted in accordance with this policy).

The information we supply will:

  • Confirm that your data is being processed.
  • Verify the lawfulness and the purpose of the processing.
  • Confirm the categories of personal data being processed.
  • Confirm the type of recipient to whom the personal data have been or will be disclosed.
  • Let you have a copy of the data in an intelligible form.
  • Please note that you may need to provide identification in order to prove who you are to access your data.
  • In the instance that we do not hold personal information about you we will also confirm this in writing within one calendar month.
  • To discuss our privacy policy or your individual rights you can contact us at the address below.

LINKS TO OTHER WEBSITES contains links to other websites.

This privacy policy only applies to, and doesn’t cover other services that we link to. These services have their own terms and conditions and privacy policies.

     Following a link to another website:

  • If you go to another website from this one, read the privacy policy on that website to find out what it does with your information.

     Following a link to from another website:

  • If you come to from another website, we may receive information from the other website. We don’t use this data. You should read the privacy policy of the website you came from to find out more about this.


If you have any complaints in relation to how our business has processed your data or in relation to the exercise of your rights as detailed above you can, in the first instance, raise your concerns by contacting us at the following address: Penryn Plastics, 6 Jennings Road, Kernick Industrial Estate, Penryn, Cornwall, TR10 9LY.