The General Data Protection Regulation, 2018 (GDPR) becomes law on 25th May 2018. In order to comply with the Regulation, we need to inform you about what personal data we collect and what we do with it.
Your personal data is information that can be used, either on its own or with other available data to identify you. If we make any change to our Privacy Statement we will update our documentation and post an updated version on our website. The Types of Data We Collect This may include, but is not limited to; • Name • Business address • Telephone numbers • Email address • Company registration numbers/ VAT numbers
We normally collect this information directly from you, either by telephone, email, post or website enquiry forms. If we get the information from someone else, we will normally inform you and ask you to confirm the details are correct and that we may keep them. We will not collect any unnecessary personal information that is not needed for the services we provide such as date of births, etc.
We hold and process your personal data in the following ways; • To fulfil the terms of a contract with you or your employer (invoices/statements) • To provide a quotation for our services • To update our records • To promote and manage our business • To comply with statutory and regulatory obligations • Financial management • Market research and business development • To comply with a legal obligation • In relation to employment or health and safety law • When you make requests for information • With your consent • When you request us to disclose information to other businesses or service providers. • If we need to make security or suitability (credit) checks in relation to you work with us
You are free to change your mind and withdraw your consent at any time simply contact us in the manner that is most convenient to you.
Subject to applicable data protection laws we may share your personal data with; • Sub-contractors, service providers or other person or organisations who help us provide our services, for example email, web-hosting and data backup services. Some of these service providers may transfer your personal data to others for regulatory and compliance purposes and this may entail sending your data to other countries. • Government bodies and agencies in the UK and other countries, for example, HMRC and the Information Commissioners Office. In some cases, these agencies may transfer your information to other similar bodies including those in other countries. • To comply with orders of the courts or other legal requirements. • To protect the security or integrity of our business. • In an emergency or otherwise to protect your vital interests. • Anyone else where we have your consent.
While some countries have adequate protection regulations for personal data in others it may be necessary to take additional steps to provide appropriate safeguards ensuring that recipients are appropriately certified. We will always use our best endeavours to secure your personal information.
‘Stored Digitally’ – all information that is stored digitally is on password protected computers with access only by restricted personnel. Emails will be stored and archived unless requested to be deleted.
‘Stored Physically’ – Names, addresses, telephone numbers will be printed on any invoices. Such information may also be on customer documentation. All documents are archived and destroyed as required by law.
Digital and physical information will be stored for as long as necessary (or until it is requested to be discarded), to support our legitimate interests. Documentation such as invoices, statements, remittances, receipts will be destroyed after a period of six years in order to meet legislative requirements.
The GDPR 2018 give you the right to; • To be informed about our processing of your personal data • To have your data corrected or completed • To object to or restrict processing of your data • To have your data erased or forgotten • To access any information we hold • To move, copy or transfer your data
You have the right to complain to the Information Commissioners Office, which has the power to investigate and enforce compliance with the law. To find out more go to www.ico.org.uk
Registered Office: 4 Horninglow Street, Burton-on-Trent, Staffordshire, DE14 1NG.
Tel: 01283 500789