General Data Privacy Notice
Central Engineering Design Ltd (Trading As Vapour Blasting Specialist) is committed to protecting and respecting your privacy.
This policy (together with our terms and conditions) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
- Who are we?
Central Engineering Design Ltd, this means we decide how your personal data is processed and for what purposes. Our contact details are: email@example.com or 01303 257187
- The purpose(s) of processing your personal data
We use your personal data for the following purposes:
Monitoring within the business
Responding to enquiries, complaints and requests
Quoting, purchasing and sales
- The categories of personal data concerned
We process the following categories of personal data:
- Name, email address, company name, company telephone number, job title, company address, bank details and any other information you supply us.
We have obtained your personal data from you directly.
- What is our legal basis for processing your personal data?
- Consent from the person / company.
- Processing necessary for the performance of any work with the person / company or to take steps to enter into a contract.
- Processing necessary for compliance with a legal obligation
More information on lawful processing can be found on the ICO website.
- Sharing your personal data
Your personal data will be treated as strictly confidential, and will not be shared with any third party. If this was necessary then we would gain your written permission.
- Storing you data
All data is stored by computerised systems (which are password encrypted) or within filing systems in the office (which are within locked cabinets).
- How long do we keep your personal data?
We keep your personal data for no longer than reasonably necessary to meet legal requirements.
- What we will do if there is a breach in personal data?
A personal data breach means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
Steps we will follow in the event of this happening;
- Notify the ICO within 72 hours of identifying a breach
- Follow the guidance set out by the ICO.
- If a breach is likely to result in a high risk to the rights and freedom of individuals, the GDPR states we must inform those concerned directly and without undue delay.
- Your rights and your personal data
Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:
- The right to request a copy of the personal data which we hold about you;
- The right to request that we correct any personal data if it is found to be inaccurate or out of date;
- The right to request your personal data is erased where it is no longer necessary to retain such data;
- The right to withdraw your consent to the processing at any time.
- The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller.
- The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
- The right to object to the processing of personal data where applicable.
- Further processing
If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.
- How to make a complaint
To exercise all relevant rights, queries or complaints please in the first instance contact us on 01303 257187 or firstname.lastname@example.org
If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office.