This statement is designed to transparently and unambiguously communicate to our clients and suppliers, why we collect their Personal data, what data we collect and the way we use that data.
Our Commitment to protecting your personal data
The company is committed to protect and secure any personal data that we collect and which we require to facilitate the services, transactional activities and support products that we provide to our clients and suppliers. The company take the protection of your Personal data very seriously and adhere to current Data Protection regulations including the GDPR.
What Personal data do we hold?
For Suppliers there are five categories of personal information that we hold about you employees:
- Name (may include first and last names)
- Business email address
- Business mobile phone number (maybe be a personal number)
- DDI office number
For Clients there are five categories of personal information that we hold about you:
- Mobile and home phone number
- Car Information (Registration, Make Model, Colour)
- Insurance Details
Where did we get your Personal data from?
For Suppliers, your employee personal data may have been collected from a number of sources:
- Collected from a website enquiry that has been made by your company to us
- From an email that has been sent from your company to us
- Collected from the public domain on the Internet
- Provided to us by a 3rd party data provider
For Clients your Personal data may have been collected from a number of sources:
- Directly from you
- Insurance companies
What is our lawful basis and purpose for holding your Personal information?
The lawful basis for holding client and supplier employee information is that we have a legitimate interest and the purpose is that we need this information to facilitate the services we or your company provide and to facilitate and transact those services and products.
We also have a legitimate interest and therefore a lawful basis to inform your company and its employees about existing and new services that we believe will be of benefit to you.
What do we do with your Personal information?
- We use your Personal information to communicate with you or your company by email or phone in relation to existing and ongoing business services, operations and transactions
- We also may use your details to inform you of existing and new services
What we don't do with your personal information
- We do not transfer or share your employee Personal information with anyone else
- We do not use any automated systems relating to your personal data
- We do not use your information for profiling
- We do not transfer your information outside of the EU
Who do we Share you data with?
- We do not share supplier personal information with anyone else
- We may need to share client Personal data with our business partners including, Car Recovery partners.
How do we secure your employee Personal data?
The company operates a best practise Governance and Information Security Management System which includes policies, controls and processes that have been introduced by the company, based on Risk Assessments, used to secure and protect Personal data. We have successfully certified as being compliant with the Cyber Essentials scheme.
How long do we keep your personal data?
- The supplier employee information we hold will be retained for as long as we continue our trading business relationship with you, or, until you inform us that an employee that we hold Personal information on, is no longer employed by your organisation or has changed role.
- Please note, emails from or to your ex-employees that relate to a business operation or transaction is regarded as corporate information and even though it may contain ex-employee Personal information will be kept for reference purposes.
- Client Personal information is kept for as long as we require it to facilitate repair and warranty services. Please note we will need to keep your Personal information relating to lifetime warranty services.
- Personal Information that we hold to inform you of existing and new services will be kept until you notify us that you no longer wish to receive this information or you want us to delete your employee Personal data.
What are your personal data rights?
If at any point, you believe the personal information we hold on you is incorrect, you want us to correct or delete that information, or you no longer want us to hold that information or contact you, you can exercise your rights under the current Data Protection laws.
- Right of access
- Right to rectification
- Right to erasure
- Right to restriction of processing
- Right to data portability
- Right to object
For more information about your personal data rights please visit the Information Commissioner Office website at: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/
Who do I contact if I have an issue with my employee Personal information that you hold?
Please contact the Data Protection Officer on 014820588035 or send an email to firstname.lastname@example.org
How do I make a compliant about how my employee Personal data is being held or processed?
If you wish to raise a complaint please contact our Data Protection Officer who will investigate the matter.
If you are not satisfied with our response or believe we are processing your personal data not in accordance with the law, you may contact the Information Commissioner's Office (ICO). Their Helpdesk number is 0303 123 1113.
End of Document