Data Protection Policy
The aim of this policy is to comply with the relevant legislation in regard to the keeping of customer data. Newquay Garage Doors is committed to conducting its business in accordance with the General Data Protection Regulation (GDPR) to protect such information, and to obtain, use, process, store and destroy it, only in compliance with the GDPR and its principles.
This Data Protection Policy sets out how Newquay Garage Doors use and protect any information that is collected, used, retained and destroyed in the course of its business activities. The company requires certain personal information relating to each individual in order to manage its business in an efficient and effective manner.
DEFINITION OF PERSONAL INFORMATION
Any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly, or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
Data: includes computerised data, manual data and any other form of accessible record that includes personal information held by Newquay Garage Doors.
Personal data: is that which relates to a living individual who could be identified by the data.
Data Subject: A data subject is an individual that is the subject of any personal data.
Further information on what constitutes personal information and your rights under the data protection regulation and laws can be found on the Information Commissioners Office (ICO) Website.
This policy applies to all staff of Newquay Garage Doors and pertains to the processing of personal information. Personal Data is any information which relates to an identified or identifiable person. The identifiable person is anyone who can be identified, directly or indirectly by reference to an identifier such as a name, location, or contact details.
Newquay Garage Doors collects personal information of its clients in order to carry out its everyday business functions and activities. This information includes the first and last name, home address, email address and telephone number/mobile number of its prospective customers and current customers. This information is collected in a transparent way and only with the full co-operation and knowledge of interested parties. Once this information is available to us, the following rules apply.
Our data will be:
- Used by Newquay Garage Doors in accordance it the Data Protection Act.
- Be obtained and processed fairly and lawfully, in particular, shall not be processed unless specific conditions are met.
- Be relevant and not excessive in relation to the purpose for which it was collected.
- Accurate and, if necessary, be kept up to date.
- Protected against any unauthorised or illegal access by internal or external parties.
- Be stored safely to avoid unauthorised access, loss and/or damage.
- Not be transferred to any third party
Our data will not be:
- Communicated informally
- Stored for more than a specified amount of time
- Transferred to any other organizations
- Distributed to any party other than the ones agreed upon by the data’s owner (exempting legitimate requests from law enforcement authorities)
In addition to ways of handling the data Newquay Garage Doors has direct obligations towards people to whom the data belongs. Specifically, we must:
- Let people know which of their data is collected
- Inform people about who has access to their information
- Allow people to request that we modify, erase, reduce or correct data contained in our databases.
To exercise data protection Newquay Garage Doors are committed to
- Restrict and monitor access to sensitive data
- Develop transparent data collection procedures
- Establish data protection practices (document shredding, secure locks, data encryption, frequent backups, retention guidelines)
Our records contain information that is an invaluable resource and operational asset to the company. Records are also pivotal in the documenting and evidence of all business functions and activities.
RETENTION PERIOD PROTOCOLS
All records retained during their specified periods are traceable and retrievable. We will carry out periodical reviews of the data retained. The requirements of the company is to keep the records for 11 years. This information is in the form of a copy of the original invoice which has the customers name and address on it. The default standard retention period is 6 years plus the current year for accountancy purposes.
data or record
|Period for retaining record
and accompanying notes
|Accounting Records||6 years||Destroy|
|Paper copies of Invoices||11 years||Destroy|
|Computer Invoices / quotes||3 years||Archive||can be destroyed
after 11 years
|Customer Database||10 years||Archive||can be destroyed
after 20 years
STORAGE AND ACCESS OF RECORDS AND DATA
- Paper invoices, quotations and accounting records are kept in a locked cabinet in the main office.
- Computer records containing invoices, quotations and the customer database are password protected.
- Archived documents transferred to a back up disc are stored in a locked box within a locked filing cabinet.
EXPIRATION OF RETENTION PERIOD
Due to the nature of the business, the company retains paper based personal information and as such, has a duty to ensure that it is disposed of in a secure, confidential and compliant manner. The company uses a cross shredder on site to dispose of all paper materials.
Once a record or data has reached its designated retention period date, the documents shall be shredded.
Newquay Garage Doors follow strict security procedures in the storage and use of personal information in order to prevent unauthorised access. Information the company collects, such as names, addresses, emails and telephone numbers are used for internal use only and is for reasonable legitimate intention for the basis of processing. The company do not collect age, marital status, gender, ethnicity, religion or any financial information.
Newquay Garage Doors use paper records for surveying, quotations and invoicing. The use of Electronic and IT records is key to the smooth running of the business.
The company use email as a form of communication and customers freely give this information in order to communicate effectively with the company. The need to encrypt email will only hinder the use between customer and company and we therefore do not encrypt our emails. Newquay Garage Doors do not use telephone, or email for any marketing purposes.
From time to time the company upload before and after photos of garage doors that have been installed. These photographs are cropped or areas blurred out so that they a not identifiable to a house name or number and therefore not identifiable to an individual. Customers can advise the company to remove any information and the company will conform to the customers wishes.
Newquay Garage Doors has procedures to help you make sure that your information is accurate, current, complete and safe. If you desire to correct any such information, or if you have any questions or comments regarding this Policy, please contact us.
VARIATIONS TO THE POLICY
This Policy will be reviewed and, if necessary, revised in the light of legislative or codes of practice and organisational changes.
Should any amendments, revisions, or updates be made to this policy it is the responsibility of Newquay Garage Doors to ensure that the revised policy is uploaded to the website.
Issued on 11/04/2018
Revised on 15/10/2018 (revisions put on front of website)
Review date: 10/04/2019
Newquay Garage Doors accepts that the use of email is a valuable business tool. However, misuse of this facility can have a negative impact upon productivity and the reputation of the business.
The purpose of this policy is to clearly define the permissible use of e-mail.
Use of email is permitted and encouraged where such use supports the goals and objectives of the business. This policy applies to all company employees, contractors or temporary staff who have been granted the right to use the company's email facilities.
The e-mail system is primarily for business use however, occasional and reasonable personal use is permitted provided that this does not interfere with the performance of their duty. The company will decide what constitutes excessive use.
When using e-mail users must not:
- Violate UK laws.
- Impersonate any other person.
- Amend messages received.
- Waste time or network resources.
- Corrupt or destroy data.
- Infringe upon the privacy of other users.
- Advertise or use it for private gain.
Distributing disseminating images, text or materials that might be considered:
- Indecent or pornographic.
- Obscene or discriminatory.
- Offensive or abusive.
This policy outlines the procedures to be adopted for invoicing customers and escalation process for non payment.
The aim of this policy is to:
- Demonstrate the way that Newquay Garage Doors does business.
- Avoid confusion and misunderstandings.
- Mitigate the risk of no payment.
Invoices will be raised and sent out immediately on completion of the order.
The Accounts Department will collect all outstanding money in a timely manner.
All customers will be contacted once an invoice is 5 days past its due date.
All customer contact will be made in a responsible and respectful manner.
If a customer is unable or unwilling to pay their outstanding balance, Newquay Garage Doors will consider placing the account with a collection agency or has the right to remove the garage door from the premises as the goods still remain the property of Newquay Garage Doors.
Non paying accounts can be written off to bad debt only after the customer has filed for bankruptcy, gone out of business or has been placed with a collection agency and no payments have been received for 12 months.
Implementation of the Policy
Overall responsibility for policy implementation and review rests with the Newquay Garage Doors.
This Policy was approved & authorised by:
Name: Deborah Danson
The policy will be monitored on an on-going basis, monitoring of the policy is essential to assess how effective the Company has been.
This policy will be reviewed and, if necessary, revised in the light of legislative or codes of practice and organisational changes. Improvements will be made to the management by learning from experience and the use of established reviews.
Policy review date: 12/10/2018
Should any amendments, revisions, or updates be made to this policy it is the responsibility of the Company to ensure that the revised policy is uploaded to the website.
If you require any additional information or clarification regarding this policy, please contact your manager. In the unlikely event where you are unhappy with any decision made, you should use the Company's formal Grievance Procedure.
To the extent that the requirements of this policy reflect statutory provisions, they will alter automatically when and if those requirements are changed.
See Cookie article in Wikipedia http://en.wikipedia.org/wiki/HTTP_cookie
Summary of Cookie use on this site
Some extensions, compoenents, modules or plug-ins on this site may create their own cookies. For example to store a session, a viewing or a possible saved choice or selection.
Notifying users of cookies use