PRIVACY NOTICE (CONTACTS) – MARCH 2018
Steven A Hunt & Associates Ltd. (SHA) is committed to protecting the privacy and security of your personal information.
This privacy notice describes how we collect and use personal information about you in accordance with the General Data Protection Regulation (GDPR).
DATA PROTECTION PRIVACY NOTICE (CLIENTS & SUPPLIERS)
This notice explains what personal data (information) we will hold about you, how we collect it, and how we will use and may share information about you during our relationship. You are being sent a copy of this privacy notice as we are required to notify you of this information under data protection legislation. Please ensure that you read this notice and any other similar notice we may provide to you from time to time when we collect or process personal information about you.
WHO COLLECTS THE INFORMATION
SHA (‘Company’) is a ‘data controller’ and gathers and uses certain information about you. In this notice, references to ‘we’ or ‘us’ mean the Company.
DATA PROTECTION PRINCIPLES
We will comply with data protection law and principles, which means that your data will be:
• Used lawfully, fairly and in a transparent way.
• Collected only for valid purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes.
• Relevant to the purposes we have told you about and limited only to those purposes.
• Accurate and kept up to date.
• Kept only as long as necessary for the purposes we have told you about.
• Kept securely.
ABOUT THE INFORMATION WE COLLECT AND HOLD
The table set out in Part A of the Schedule below summarises the information we collect and hold, how and why we do so, how we use it and with whom it may be shared.
We seek to ensure that our information collection and processing is always proportionate. We will notify you of any changes to information we collect or to the purposes for which we collect and process it.
WHERE INFORMATION MAY BE HELD
Information may be held at our offices and third party agencies, service providers, representatives and agents as described below:
• IT providers
• Marketing companies
• Credit Reference Agencies
HOW LONG WE KEEP YOUR INFORMATION
We keep the personal information that we obtain about you for no longer than is necessary for the purposes for which it is processed. How long we keep your information will depend on the purposes for which it is processed.
Further details on our approach to information retention and destruction are available in our our GDPR Policy Appendix E.
Please contact Debra Seddon our Data Protection Coordinator who can be contacted on 0151 427 8009 or via firstname.lastname@example.org if (in accordance with applicable law) you would like to correct or request access to information that we hold relating to you or if you have any questions about this notice. You also have the right to ask our Data Protection Coordinator for some but not all of the information we hold and process to be erased (the ‘right to be forgotten’) in certain circumstances. The Data Protection Coordinator will provide you with further information about the right to be forgotten, if you ask for it. Where consent was obtained to process your data – you have the right to withdraw your consent to the processing of your information. We will cease processing upon your request unless we have an alternative lawful reason for processing your data. We will inform you if that is the case.
KEEPING YOUR PERSONAL INFORMATION SECURE
We have appropriate security measures in place to prevent personal information from being accidentally lost, or used or accessed in an unauthorised way. We limit access to your personal information to those who have a genuine business need to know it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
SHARING YOUR PERSONAL INFORMATION WITH THIRD PARTIES
All our third-party service providers are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal data for their own purposes. We only permit them to process your personal data for specified purposes and in accordance with our instructions.
HOW TO COMPLAIN
We hope that our Data Protection Coordinator can resolve any query or concern you raise about our use of your information. If not, contact the Information Commissioner at https://ico.org.uk/concerns/ or telephone: 0303 123 1113 for further information about your rights and how to make a formal complaint.
THE SCHEDULE – ABOUT THE INFORMATION WE COLLECT AND HOLD.