The Company is committed to protecting the privacy of all personal information that comes its way. This document outlines the Company’s policy on handling of such data, what, why and how it is handled, and who may use it. Such information is handled in accordance with the 2015 General Data Protection Regulation (GDPR), through procedures in C Data’s Business Management System.
WHY INFORMATION IS COLLECTED AND HELD
1. Personal Information is limited to that required to run the business (no children’s data is required), including:
· Details for the various “stakeholders” – name, telephone and email contact details.
· Staff information includes home address, payroll and security clearance details.
· Details in order to process orders or provide clients with a more convenient service.
· CCTV data is collected whilst remotely monitoring the generator.
2. Whilst corporate contact details may be provided to satisfy a client contract, no further personal data is collected without the individual’s consent (including a private mobile). Such data will be kept accurate and up to date whenever possible.
3. Hosted services are provided for some clients where CData acts as Data Processor under the GDPR but not a Data Controller. The obligations on a Data Processor will be observed although it must be noted that such client data content is the preserve of the client.
HANDLING OF INFORMATION
4. An information subject may email “[email protected]” from the data subject’s email address for details of the information held. Any inaccuracies notified will be corrected promptly or the entry deleted as requested by the data subject.
5. No unsolicited email or printed marketing information will be sent without express consent.
6. Personal information will be held securely in accordance with an Information Security Policy.
7. Information will not be transferred to third parties or outside the country of registration without explicit consent.
8. Data will be deleted when no longer required.
9. The technology may be used to track patterns of behaviour of visitors to our web sites and to improve the user experience. This can include a “cookie” which is stored within the users browser. Such features are offered through an “opt in” mechanism.
10. Access to personal data is restricted to those who need it for the conduct of their job.
11. Documented procedures are in place to handle all breach of personal information.