Privacy Policy 

 

Information we hold:

 

We document all employee personal data from source and its kept in a secure cloud.

This enables us to comply with the GDPR'S (General Data Protection Regulation) accountability principle.

All customer information is provided via a purchase order/eMail or phone call. This is stored on our accounting software and isn't shared.

 

Communicating privacy information:

 

*Lawful basis

We will retain personal employee data whilst in employment and here after 1 year.

All customer purchase orders and delivery notes are kept for one year and then recycled.

​

Individual rights:

 

* the right to be informed 

* the right of access

* the right to rectification

* the right to erasure

* the right to restrict processing

* the right to data portability

* the right to object

* the right not to be subject to automated decision-making including profiling

 

The current Managing Director will locate and be able to make deletions.

​

Subject access requests:

 

We will not charge for complying to a request.

We give 1 month notice to comply.

We can refuse and will give written notice. You have the right to complain within one month.

 

Consent:

 

Consent was freely given by current employees to comply with GDPR

Simple procedures are in place to withdraw consent to any line item.

 

Data Breaches:

 

We may wish to assess the types of personal data we hold and document where we would need to be required

to notify affected individuals if a breach occurred.