GDPR COMPANY STATEMENT
The new EU General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) comes into force on 25 May 2018 (including in the UK regardless of its decision to leave the EU) and will impact every organisation which holds or processes personal data. The regulations control the use of “personal data”. This means data which relates to a living individual who can be identified from said data. It gives people greater control over their information, including the ability to withdraw consent for its use and to request access to it. Britannia Metalwork Services is identified as a Data Controller in the context of these new regulations, and this document explains how we intend to comply with the new regulations.
The GDPR Regulations impose new obligations and responsibilities on organisations that control or process relevant personal data including the need to demonstrate compliance. It also introduces new rights and protections for EU data subjects and imposes more stringent enforcement and substantially increased penalties than the current Data Protection Act (DPA) which it will supersede.
BRITANNIA AND YOUR PERSONAL DATA
Britannia Metalwork Services in our role as a Data Controller take the privacy of our Employees and Customers seriously and aim to achieve and maintain a high standard of privacy, security and transparency when it comes to personal data.
Our Standards are that Personal Data;
• is not kept for longer than is necessary
• is processed in accordance with an individual’s consent and rights
• is kept secure
• is not transferred to countries outside of the European Economic Area (‘EEA’) without adequate protection
• The Information we Collect:
We collect the name and contact details of our customers, or a person identified by the Customer as a point of contact for our dealings with the Customer.
We collect address details of our customers sites, be them their private dwelling or a building site they are responsible for
We collect sensitive personal data of our Employees and Job Applicants in the course of their Employment and/or potential employment. These will be normally supplied under the terms of the Contract of Employment, although this does not preclude the individual exercising their rights under the regulations.
How we Process the Information
For administrative and business purposes, for example to contact you, process orders, arrange appointments, and to improve our business and website.
A contact name may be included in the advice notes, invoices or certificates of conformity we provide as part of our service. These are supplied to the customer and a copy may be stored in our customer database.
To inform you of important and material events which directly affect our contract with you as our customer.
This may include but are not limited to changes of our contact details, non-payment of invoices, changes to our intended delivery schedule and progress updates on enabling works such as clearance. Communications such as this are an essential part of our provision of services.
We do not send marketing literature or information but we do occasionally send updates on our business and information about our recent works, unless you have opted out of such communications. You can do this by sending an email to email@example.com requesting your details are removed from our database.
Retention & Transfer of Information
We store information for no longer than is needed to fulfil our legitimate business needs and discharge any legal obligations we may have. Typically this is a period of 5 years from the completion of your last order.
The majority of the data we use is stored and processed in the EU. We do however use cloud storage servers which may physically be outside the EU.
We have ensured that our cloud storage is in compliance with the new Regulation. All files are encrypted and kept in secure storage servers which are recognised to be in compliance with ISO 27001—the internationally recognised standard for information security management systems.
We only disclose information to third parties to the extent necessary to run our business, to our service providers, to fulfil any contracts we enter into with you, and where required by law or to enforce our legal rights or comply with the requests of legal and regulatory bodies within the EU.
We will never sell information to third parties other than in the course of the sale or transfer of the business.
To ensure that we are compliant with the GDPR as a data controller we have where necessary contacted our third party data processors to request details of their own processes to ensure that they are also compliant with the above principles.
Your Rights Regarding Personal Data we Store
A person has the rights under the Regulation to access their information and to receive information about its use. If you would like a copy of the information we have, please contact us at any time.
We do require at least one point of contact with every customer, (although this may be a generic entity such as ‘Managing Director’) a contact telephone number and email address.
We do require a delivery/installation address once a contract is entered into. For deliveries, this can be a mail handler or drop off point, providing there is somebody to sign for the delivery.
If you have used the www.britannia.uk.com site before or have registered your interest with Britannia before it is possible that we have some personal information already and it is being used to contact you about offers, events, items or related activities that you may find useful. If you are an existing customer we will continue to keep you informed unless you tell us not to.
If you are a new customer we will give you the choice (for example once you have registered your interest) whether or not you want us to contact you about future offers, events and new products or related activities that you may find useful. We will not bombard you with emails, but we would like to keep you informed of any developments at Britannia.
We do not sell, trade or rent your personal information to other companies.
We will not send you any marketing emails or pass your information on to third parties unless you give us your consent, unless we have it already.
During your visit to the site you may be asked to check certain boxes in order to proceed. Where requested please therefore check the relevant box marked:
"I would like to receive information about Britannia products and promotions Britannia promote in future"
"Cookies" are a means by which information relating to your Internet activity (such as whether you have visited the Britannia website before) is recorded on your computer and used by us to improve our website and the products and services available to you.
Britannia hope that your visit to this website is a pleasant and enjoyable one. If you have any comments that you would like to make then in the first instance please contact us on 01242 820 582 or by email at firstname.lastname@example.org, and we will endeavour to assist you.