Information we hold:
We document all employee personal data from source and its kept in a secure cloud.
This enables us to comply with the GDPR'S (General Data Protection Regulation) accountability principle.
All customer information is provided via a purchase order/eMail or phone call. This is stored on our accounting software and isn't shared.
Communicating privacy information:
We will retain personal employee data whilst in employment and here after 1 year.
All customer purchase orders and delivery notes are kept for one year and then recycled.
* the right to be informed
* the right of access
* the right to rectification
* the right to erasure
* the right to restrict processing
* the right to data portability
* the right to object
* the right not to be subject to automated decision-making including profiling
The current Managing Director will locate and be able to make deletions.
Subject access requests:
We will not charge for complying to a request.
We give 1 month notice to comply.
We can refuse and will give written notice. You have the right to complain within one month.
Consent was freely given by current employees to comply with GDPR
Simple procedures are in place to withdraw consent to any line item.
We may wish to assess the types of personal data we hold and document where we would need to be required
to notify affected individuals if a breach occurred.