Privacy Policy


This privacy policy explains what to expect when CRC (Tasktron Ltd) collects and uses your personal information. We encourage you to read this carefully and if you'd like to learn more about our data protection and privacy policy or get further clarification, please contact our friendly team and we will be happy to assist.

We at CRC are committed to protecting your privacy and ensuring the personal information you have entrusted to us is processed in accordance with the UK Data Protection Act 2018 and the UK GDPR. Privacy and Electronic Communications Regulations (PECR) rules also still apply to cover marketing, cookies and electronic communications. These laws strengthen your rights and give you control over the personal information that organisations hold about you.

This privacy policy governs our data collection, processing and usage practices. It also describes your choices regarding use, access and correction of your personal information. By using our websites, email mailing list or any other means of sharing your personal data with us you consent to the data practices described in this privacy policy. If you do not agree with the data practices described in this privacy policy, you should not use our websites or use our email mailing list.

Information We Collect

We collect your personal information in the following ways:

When you Give it to Us Directly

You may provide us with your personal information directly in the following ways:

  • In person, by email, phone or through the post
  • Contacting us through our websites
  • Through social media
  • Signing up to receive our email promotions
  • Responding to product promotions
  • Making a purchase through our websites
  • Applying for a job

When you Give it to Us Indirectly

Your information might be shared with us through independent third-party interactions. These third parties will only provide us with your information if you have given your permission for it to be shared with us. Manufacturers such as Canon, ACCO, Esselte and Leitz have agreements with us to service and repair your machines when they are under warranty or in need of repair. This allows us to collect and return your machines to you.

We routinely work with trusted partners and suppliers who work with us on our behalf, such as when you order through our websites and your payment details are handled securely by our Payment Service Provider, Barclaycard and PayPal.

When you engage with our social media accounts, we may also obtain your personal information, such as through Facebook, Twitter, or LinkedIn, depending on your settings or the privacy notices of these platforms and messaging services. You can change your settings by referring to their privacy notices for details on how to do this.

When you Visit Our Websites or Social Media

When you visit our websites, we gather general information about how you use them, as well as information about the type of device you are using to access them (e.g. phone, tablet or PC). This data helps us to create a better online experience for you, to make it easier to find what you're looking for or fix things if they are difficult to use.

We use cookies which are text files that a web browser stores on your device to track, save and store information to understand how you interact with our websites and help improve how it works. Cookies may or may not expire when you close your browser. Further details are provided in our Cookie Policy.

Data we collect when you visit our website uses Google Analytics (GA4) since July 2023 and Google Universal Analytics prior to that. Google have made a number of changes to the way they collect website usage data in order to comply with GDPR and data privacy laws. Key changes mean that we now have tools to help protect your data and limit the data we collect so that we can obtain explicit consent from you about what data we can collect about you; we can limit the sharing of data we collect about you; the data we collect is anonymised, and we can determine where and how long data is kept.

How We Use Your Personal Information

We collect relevant personal information depending on the interaction you have with us. Personal information is anything that can be used to identify you as an individual. It can include your name, email address, postal address, telephone numbers, and credit/debit card details.

The legal basis for processing your personal information is legitimate interest which means that we have respectfully considered the need to process your personal data and your rights as an individual when carrying out these data processes and we believe our contact with you is linked to legitimate business purposes, which may include some or all of the following:

  • to process and fulfil any services, orders or enquiries you place with us through our websites or by telephone
  • to process any orders from manufacturers with whom we have an agreement with to service or repair your equipment
  • to keep a record of your relationship with us and for administrative purposes (such as our accounting and consent record-keeping to ensure we know when you prefer not to be contacted)
  • where the processing enables us to enhance, modify, personalise or otherwise improve our services / communications for the benefit of our customers
  • to identify and prevent fraud
  • to enhance the security of our network and information systems
  • to better understand how people interact with our websites and improve their browsing experience by personalising the websites
  • to send marketing information to you which we think may be of interest to you by post, email, SMS or other means
  • to determine the effectiveness of promotional campaigns and advertising
  • to administer employment applications

We use the information we collect only in compliance with this privacy policy. We will never sell your personal information to any third party. Whenever we process data for these processes, we will ensure that we keep your personal data rights in high regard and take account of your rights.

How We Store Your Information and Keep it Safe

At CRC we take data protection very seriously. We make it a priority to ensure that we have the right level of controls, interventions and processes in place to ensure we keep your personal information safe. However, the nature of data transfer - especially online - is never fully secure, so we cannot guarantee the complete security and protection of it when it is outside of our control. Be assured that once we have your personal information, we do all we can to ensure that we have the systems and processes in place to safeguard it including using encryption when needed.

Personal data you provide to us is stored on our secured servers within the UK, where our website is hosted, and also in the USA, where our email campaign provider, Mailchimp, is hosted. The laws in the USA differ to the UK, however, any third party referred to above outside of the UK has agreed to abide by the UK’s levels of data protection in respect of the transfer, processing and storage of any personal data. By providing your data to us, you agree to this transfer and storage.

Where we work with external companies to collect and process your data for us on your behalf (such as to process orders through our websites or with manufacturers who ask us to service or repair your machines) we ensure these companies adhere to our privacy policy and have rigorous security and data protection processes in place.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping the password confidential. We ask you not to share a password with anyone.

Only authorised staff have access to your personal information, and only if essential. They are trained to understand the policies, processes and protocols for keeping your information safe.

We have robust internal procedures for storing, protecting and deleting any paperwork relating to our customer orders and contacts.

At times we may share links to other websites and use social media platforms such as Facebook, LinkedIn and Twitter. We are not responsible for these sites - refer to their own privacy policies to learn more.

Credit and Debit Card Payment Information

When you order from us online or over the phone, CRC ensures that this is done securely and in accordance with the Payment Card Industry Data Security Standard (PCI DSS). All credit or debit card details are entered directly into the Barclaycard Merchant Services or PayPal site and never recorded or stored in any of our systems on completion of your transaction. Remember; don't send an email with any credit or debit card details.

If you have any questions about the security of your personal information, you can contact us at

Data Breaches

In the event of a data breach, we shall ensure that our obligations under applicable data protection laws are complied with where necessary.

How Long We Keep Your Data

CRC will only keep your personal information for as long as it is required and in accordance with statutory requirements. For example, HMRC requires that we keep a record of your name and address for seven years from the date of your last transaction. When there is a legitimate interest for us as the Data Controller to retain your personal information such as to inform or communicate with you as a customer, we shall retain the personal information for this purpose only. Where the information is no longer required, we will ensure that it is disposed of in a secure manner. If you have indicated that you do not wish to hear from us in the future, we will keep the minimum information necessary to ensure we avoid contacting you any further. If we have not heard from you for a period of 2 years, your personal data will be removed from our systems.

Who We Share Your Information With

Compelled Disclosure

We reserve the right to use or disclose your personal information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or comply with a law, court order, or legal process.

Sharing Your Information with Trusted Third Parties

We may share your personal information with trusted partners and third parties when it is necessary to provide products and services you have requested from us (such as courier services to deliver goods you have ordered) or where they are contracted to develop or maintain our services (such as our website providers). We monitor information security compliance and require all partners or third-party providers to process your personal information only on our instructions and in accordance with applicable data protection and privacy laws.

How to Access Correct or Delete Your Personal Information

CRC acknowledges that you have the right to access your personal information and we are responsible for correcting, deleting or updating information that we have collected. Upon request CRC will provide you with information about whether we hold any of your personal information. If your contact details change, or you believe the information we hold about you is out of date or inaccurate, please get in touch to update us in the following ways:

CRC Ltd, CRC (Tasktron Limited), Unit 3, Wintonlea, Monument Way West, Woking, Surrey GU21 5EN.

We will respond to your request within a reasonable timeframe and notify you of the action we have taken. Actions will be carried out within a month, and the likelihood is it will be much sooner.

Your Marketing Preferences

Email marketing is only sent to you if you have subscribed to our email mailing list. We send email communications to customers infrequently so as not to overwhelm you with emails. You may unsubscribe from our marketing communications at any time by clicking on the 'unsubscribe' link located on the bottom of our emails, or by sending us email us at Postal marketing may be included with any orders you place with us including the latest special offers on products unless you have told us you would prefer not to receive this information by post. Telephone and SMS marketing - we do not specifically carry out telephone or SMS marketing activities though we may call to update you on an order you have placed with us and if we do, we may notify you of relevant offers on our products and services. CRC is committed to respecting your choice to receive marketing information. You can update your permissions and contact preferences at any time by calling our friendly team on 01483 776060 / Emailing


Changes to this Policy and Contacting Us About this Policy

We will regularly review and update this privacy policy and you should check it from time to time to see future updates. If there are significant changes in the way we process your personal information, we will provide a prominent notice on our website or send you a notification. This privacy policy was last updated in October 2022. If you have any questions about this policy or our treatment of the information you provide us, please write to us by mail to Data Protection Officer, CRC (Tasktron Ltd), Unit 3, Wintonlea, Monument Way West, Woking, Surrey GU21 5EN or contact us by phone or email: Phone: +44(0)1483-776060 or Email:

You also have the right to lodge a complaint with the Information Commissioner's Office about how we manage your data. You can contact them in the following ways:

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Tel: 0303 123 1113.