On the 25th May, 2018 the new GDPR regulations came into force. As part of the new regulations, Mammoth Mobiles Ltd have updated their privacy policy.
Introduction
Everyone has rights regarding the way in which their personal data is handled. To operate efficiently we need to collect and use information about the people with whom we provide a service for. This includes our current, past, and prospective employees, clients, and others with whom we communicate with.
We regard the lawful and correct treatment of personal information as integral to the success of our operations and to maintaining the confidence of the people we work and communicate with. To this end we fully endorse and adhere to the principles of the relevant legislation of GDPR and any Data Protection/Confidential Laws and regulations.
I, Lewis Watson, is registered as Data Controller on the Register kept by the Information Commissioner’s Office.
Good Practice
The regulations say that data must be “processed lawfully, fairly and in a transparent manner in relation to individuals”.
When you make an enquiry, we may require your name, address, telephone number(s) and email address for processing your enquiry/order and accounting purposes. We offer to keep in contact with you to offer goods/services and special offers. You have the option to opt in or out of our marketing correspondence. We do not request any personal data from you other than to carry out our business legitimately.
We do not pass on any personal information to any third parties unless it is requested for legitimate reasons from HMRC or our accountants/bookkeeping services as part of our accounts process. Our accountants/bookkeepers have their own privacy policies in line with legislation.
When you engage us as a supplier then we inform you personally of who our personal are who have access to your data.
Keeping Data Safe
The regulations say that data “processed in a manner that ensure appropriate security of the personal data, including protection against unauthorised or unlawful process and against accidental loss, destruction or damage, using appropriate technical or organisational measures”
Any personal data collected is stored on a computer system that is password protected and only authorised personal have access to this data. Passwords are changed on a regular basis to ensure security. The company computer is kept in a locked office when not in use. Back-up of systems are kept on a memory stick which is password protected and kept in a locked office to which only authorised personal have access to.
Any replacement of technical equipment which contains personal information we will ensure that hard drives, laptops, mobile phones and any other equipment are totally erased, destroyed so that none of the data can be retrieved by any unauthorised personnel.
In the event of any breach of security and data lost then those effect will be informed immediately, and a report sent to the Information Commissioner’s Office.
Keeping Information Accurate and Up-to-Date
The regulations say that data “accurate and, where necessary, kept-up-to-date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay”
As a company we will ensure that all the information we hold for you are correct and accurate including spelling of names, addresses, email addresses and telephone numbers.
At the initial point of contact we will check the information supplied. If any of the information you have furnished us with is incorrect, you have the right to contact us and request that this is corrected. Upon any errors being identified we will correct these immediately and inform you that the information has been corrected.
Processing Data for Limited Purposes
The regulations say that “kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be sorted for longer periods in so far as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes subject to implementation of the appropriate technical and organisational measures required by the GDPR in order to safeguard the rights and freedoms of the individuals”
Any information we are privy to when we are carrying out operations for you are kept confidential. If we are required to back up your equipment/device to enable a repair to be carried out, we will ensure that when we not long require the data then it will be erased and/or destroyed in line with legislation and our policies and procedures.
Sharing Personal Data
Under no circumstances will we share your personal data with any other companies for the purposes of marketing/direct sales.
If in our capacity as your supplier if it becomes necessary to contact a manufacturer regarding your equipment/device, then we will contact you to gain your permission to do so, if any personal data is required to be shared. We will only be required to do this if equipment/device requires intervention from a third party and they would need to be privy to your personal data.
Complaints Regarding How We Use Your Personal Data
If you feel that we have not dealt with your questions or queries regarding your personal data adequately under the GPDR regulations, then you can use our complaints procedures by emailing us at info@lwrepairs.co.uk.
If, at the conclusion of complaints procedure you do not feel that we have adequately dealt with your complaint you may make a complaint directly to the: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
Telephone No. 0303 123 1113 or email casework@ico.org.uk