In line with current legislation and with specific reference to the GDPR guidelines this policy will come into effect on 25th May 2018 and will supersede any previous documentation to the contrary.
Within this document we will aim to outline how all personal data is processed.
The personal data that we collect is limited to:
– Contact information i.e. telephone numbers, email addresses and addresses
– Email/Written correspondence
– Information relevant to providing our services i.e. property location/size/plans.
No special categories of personal data are held or processed by the company.
This data is stored via paper based systems in addition to various encrypted online systems as follows:
– Capsule CRM system
– Outlook emails
– Password protected excel spreadsheets
All paper based documentation containing sensitive information is kept securely within locked cabinets, inaccessible to those without proper authority.
The way in which data is obtained is via customer enquiries on our website. We will only ever store data that is necessary to contact the customer or to undertake works accordingly. By contacting Advanced Resin Solutions with the view of obtaining a response from the company, it is essential that there is a means of identifying each customer and thus counts as consent to process your personal data for the purposes identified.
If you are asked for sensitive personal data, we will always tell you why and how this information will be used.
You are entitled to view/edit any or all information that is held on you upon your request. You may request that your information is shared with a third party. This may be done in writing (email is acceptable) to the registered business address of: Advanced Resin Solutions, Portfield Farm, Portfield Lane, Langport, TA10 0NJ or to firstname.lastname@example.org.
Your information will never be shared with a third party without your express consent. No information will be transferred outside of the EU to ensure an adequate level of protection is provided to the consumer.
You may withdraw consent at any time either in writing (as per the above or additionally, you may withdraw consent via telephone by calling 01458 898743.
Furthermore, you may request that any information held on you is removed/deleted from our records. As above, this may be done in writing. We will endeavour to have this completed within a 72 hour window. All data that is no longer in use will be removed from the systems on a periodic basis.
In the event of a data breach involving personal data, these will be investigated and reported to the local authority within 72 hours. The information reported will advise as to what data has been lost, what the consequences of such a breach may be and the countermeasures that have been undertaken to prevent it from happening again.
If necessary, the breach will be reported to the individual whose data has been lost – this is relevant where the information in question was unencrypted.
Any queries in relation to this document should be addressed either in writing (post/email) to the Data Protection Officer.