The EUs General Date Protection Regulation (GDPR) comes into force on the 25th May 2018.
Under the Regulations the following definitions apply: –
Data: Is information which is stored electronically or in certain paper based filing systems.
Data Subject: Is a living, identified or identifiable individual about whom we hold Personal Data. Data Subjects may be nationals or residents of any country and may have legal rights regarding their Personal Data.
Personal Data: Is any information identifying or relating to a Data Subject that we can identify (directly or indirectly from that data alone or in combination with other identifiers we possess or can reasonably access). Personal Data excludes anonymous data or data that has had the identity of an individual permanently removed. Personal Data can be factual (eg. a name, email address, location or date of birth) or an opinion about that person’s actions or behaviour.
Personal Data Breach: Is any act or omission which compromises the security, confidentiality, integrity or availability of Personal Data or the physical, technical, administrative or organisational safeguards that we or our 3rd party service providers put in place to protect it.
We adhere to the principles relating to the processing of Personal Data set out in the GDPR which require Personal Data to be: –
(a) Processed lawfully, fairly and in a transparent manner;
(b) Collected only for specified, explicit and legitimate purposes;
(c) Adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
(d) Accurate and where necessary kept up-to-date;
(e) Not kept in a form which permits identification of Data Subjects for longer than is necessary for the purposes for which the Data is processed;
(f) Processed in a manner that ensures its security using appropriate technical and organisational measures to protect against unauthorised or unlawful processing and against accidental loss, destruction or damage;
(g) Not transferred to another country without appropriate safeguards being in place;
(h) Made available to Data Subjects, with Data Subjects being allowed to exercise certain rights in relation to the Personal Data.
We are responsible for and must be able to demonstrate compliance with the data protection principles listed above.
Protecting the confidentiality and integrity of Personal Data is a critical responsibility that we take seriously at all times.
Under the GDPR and in the instance that J Harvey Engineering Ltd suffers a Personal Data Breach, it is our responsibility as data controllers to inform the data protection authority within 72hrs of becoming aware of it.
John Harvey Engineering Ltd is committed to ensuring that your privacy is protected. We will only use the information that we collect about you lawfully. We adhere to the principles relating to the obtaining and processing of Personal Data which are set out in the GDPR and are responsible for and must be able to demonstrate compliance with the data protection principles listed above.
We collect information about you to tailor our business and to provide you with the best possible service.
We will only use your personal information to administer your account and to provide the products and services you have requested. We need to keep some details on file; examples being addresses and contact details.
How will we use the information about you?
We will not pass your details on to others without contacting you first.
Your information will not be used for marketing purposes outside of John Harvey Engineering Ltd. We will never sell your data and John Harvey Engineering Ltd promise to keep your details safe and secure.
We may need to contact you from time to time to check that the information we hold is accurate and up-to-date.
Please contact us at any time to check the information we are holding. The information can then be updated or deleted as preferred. The personal information which we hold will be held securely in accordance with our internal security policy and the law. If you have any concerns or queries about the above, then please do not hesitate to contact the office.
Email enquiries are dealt with promptly and your details will be saved to assist with any future correspondence. John Harvey Engineering Ltd understands that most people hate spam emails and we therefore do not send out any newsletters or marketing mail. However, from time to time we may alert you to our new products and special offers which we think may be of interest. If you prefer us not to do so, please contact us accordingly.