Hacketts Private Information Policy (Doc 0.04.12)
Effective Date 25th January 2018.
The following is an extract from Hacketts Private Information Policy. If you have any queries please contact us at firstname.lastname@example.org.
Hacketts undertakes to perform its responsibilities under the legislation in accordance with the 8 Data Protection Principles outlined in the Acts.
- Obtain and process information fairly: Hacketts obtains and processes personal data fairly and in accordance with its statutory and other legal obligations. Hacketts collects customer and supplier emails, phone numbers, job titles and addresses for the purpose of sending quotations, confirming instructions, making deliveries and for invoicing and accounting purposes only. Employee details such as name, address, phone number personal email, next of kin, bank details and PPS number are collected when the employee joins and amended as these details change.
- Keep it only for one or more specified, explicit and lawful purposes: Hacketts keeps personal data for purposes that are specific, lawful and clearly stated. Personal data will only be processed in a manner compatible with these purposes. Customer and supplier contact information is stored and used solely for the purpose of business communication and the orderly running of the business. We do not send block marketing emails and, aside from normal sales and accounting procedures, we do not analyse personal data. Employee data is stored and processed for the maintenance of statutory employee records, payroll processing and for the management of the business.
- Use and disclosure only in ways compatible with these purposes: Hacketts only uses and discloses personal data in circumstances that are necessary for the purposes for which it collected and keeps the data, i.e. in the management and running or our business.
- Keep it safe and secure: Hacketts takes appropriate security measures against unauthorised access to, or alteration, disclosure or destruction of data and against accidental loss or destruction. All of our information is stored on our secure, password-protected network servers.
- Keep it accurate, complete and up-to-date: Hacketts operates procedures that ensure high levels of data accuracy, completeness and consistency. Data is backed up daily, monthly and annually to ensure its completeness and accuracy.
- Ensure it is adequate, relevant and not excessive: Personal data held by Hacketts are adequate, relevant and not excessive in data retention terms.
- Retain for no longer than is necessary: Hacketts has a policy on retention periods for all information including personal data (see Data Retention Policy 0.04.18)
- Give a copy of his/ her personal data to that individual, on request; Hacketts has procedures in place to ensure that data subjects can exercise their rights under the Data Protection legislation. If you wish to enquire about any matter relating to your personal data, please email email@example.com
Hacketts undertakes to comply with the requirements of The General Data Protection Regulation (GDPR), which will come into force on the 25th May 2018. In addition to the existing eight Data Protection Principles, the new regulations extend them further in order to strengthen the personal data rights. Hacketts provides a link on its website to allow the following:
- Data subjects can request to have their data erased by an organisation, where, for example, the organisation has no legitimate reason for retaining the data.
- Data subjects can obtain their data from an organisation and can have that data transmitted to another organisation.
- Data subjects can object to the processing of their data by an organisation in certain circumstances.
- Data subjects can request to not be subject to (with some exceptions) to automated decision making, including profiling. This element of GDPR is included for the sake of completeness but it is not relevant to Hacketts as the company does not use profiling or automated decision making
If you wish to enquire further about any of the above, please contact us at firstname.lastname@example.org