GENERAL DATA PROTECTION REGULATION – PRIVACY STATEMENT
Nitronics Ltd (the Company) is fully committed to compliance with the requirements of the General Data Protection Regulation, effective 25.05.18. The purpose of our privacy statement is to inform you how and why we collect and process your personal information and what your rights are under the GDPR.
TYPES OF PERSONAL INFORMATION
Personal information is any information that relates to an individual and can be used to identify that individual. The Company needs to collect and use information about people with whom it works, in order to legitimately operate and carry out its business. We will only collect information we need to carry out our contract with you.
Customers/Suppliers/Employees – we require certain types of information from both customers/suppliers and employees. This includes names, bank details, email addresses, postal addresses and telephone numbers.
Employees – in addition to the above we retain further details including your National Insurance number, date of birth, emergency contact information and any other particulars required by law.
WHEN WE SHARE YOUR PERSONAL INFORMATION
Customers/Suppliers – personal information is only shared internally for financial and operational purposes to perform the duties/contract for which you have engaged us as a business partner.
Employees – we provide information directly to HMRC for statutory purposes, to our pension provider and to our payroll service to enable us make your monthly salary payments. We may also provide an employment reference request with permission from the employee/ex-employee.
We will share your personal information if we are required to do so by law, for example, by a court order or for the purposes of prevention of fraud or other crime.
We do not transfer your personal information abroad.
HOW WE PROCESS/STORE YOUR PERSONAL INFORMATION AND KEEP IT SECURE
Electronic information – this is processed and then stored on our server for both customers/suppliers and employees, with limited access by the Company’s senior staff members. A daily back up is maintained and taken off site. Back-ups are stored for 1 week. All computers are password protected.
Paper-based records – details are stored in the HR and Finance offices, which are locked when unattended.
HOW LONG WE KEEP YOUR PERSONAL INFORMATION
We keep your information only for as long as legally required and all personal information is securely destroyed.
In the event of a data breach, unauthorised/unlawful processing or accidental loss/damage of your personal information, we will take whatever action is appropriate/required to rectify the issue.
YOUR RIGHTS TO ACCESS YOUR PERSONAL INFORMATION
You have the right to access the personal information we hold about you. If you believe it is incorrect, you have the right to have it corrected. You may request the removal of personal information or in certain circumstances, to have the processing of your personal data restricted, but this may be subject to legal requirements and to
continuing the provision of the services we provide to you as a customer/supplier or your employment with the Company. We will advise you where it is not possible to restrict/remove your personal information from our files and provide the reason why.
If you require any further information, please email: email@example.com
We reserve the right to change this policy at any time and where appropriate we will notify changes by mail or email. We suggest you regularly check our website www.nitronics.co.uk for the most up to date version.