Southern Lasers & Surveying Equipment Ltd Privacy Policy
GDPR Compliance 2018
Southern Lasers & Surveying Equipment Ltd is the Data Controller. The Data Controller is responsible for how your personal data is processed, stored and used. This applies to all our Customers, Suppliers and Employees.
What is your Personal Data?
Personal Data is anything that can identify an individual alone, or in conjunction with any other information in the Data Controllers possession.
What type of Personal Information do we hold?
Customer
Your name and address
Invoice address - if not the same
Telephone numbers & Contact names
Email addresses
Invoices and sales history records
Email and postal correspondence
Suppliers
Your name and address
Telephone numbers & Contact names
Email addresses
Invoices, quotes and purchase history records
Bank account details
Email and postal correspondence
Employees
Your name and address
Telephone numbers
Next of Kin
HMRC relevant information
Payroll information
We use your Personal Data when it is in our legitimate interests for internal purposes only associated with maintaining our business.
To maintain our own accounts and records.
To enable us to enter into a contract with you.
To enable us to pay your wages.
Sharing your Personal Data
In order to carry out legal obligations, we are legally required to retain a certain amount of data for compliance with HMRC and other statutory bodies, and only use your Data for the financial responsibilities we have, and for maintaining our trading relationship. All these organisations are GDPR compliant.
We use your information to keep track of payments we make to you and/or receive from you, and services/goods we receive from you or supply you.
We do not trade Personal Data for commercial purposes and we do not trade outside of the UK therefore there is no need to transfer Data outside of the UK.
How long do we keep your Personal Data?
Your Personal Data will be kept for 10 years after the completion of the contract.
Visitors to our Website
Our Website is managed by a company called Innermedia Ltd. They collect standard internet log and details of visitors to the site to determine what parts of the site are being visited most or not so much to enable them to improve all areas. They are GDPR compliant too.
Our site contains links to the manufactures we use. They have their own Privacy policies and we do not accept the responsibility or liability for their policies so please check these before you submit any Personal Data.
Security
Personal Data is kept up to date and is both stored and disposed of securely.
Currently we use the following third-party service providers who are all GDPR compliant.
Email hosting
Website hosting
Accounting software
Accounting Service
We cannot be held responsible for third-party Data Protection Systems.
Your rights and your Personal Data
You have the right to the following:
The right to be informed
The right to access Data we hold on you
The right to rectification on Data we hold on you
The right to erasure of Data (in certain circumstances)
The right to have your Data restricted or blocked from processing
The right to Data portability
The right to object to processing or direct marketing (not currently done)
The rights in relation to automated decision making and profiling
You have the right to withdraw your consent at any time, however, there is a contractual obligation to maintain some of your information to allow us to make payment for supplies received or services rendered and for data returns such as CIS returns or VAT returns.
If at any time you wish to update or amend your Personal Data, please email
sandra@southernlasers.com
You also have the right to lodge a complaint about our processing with the UK’s Information Commissioner’s Office on:
https://ico.org.uk/