GENERAL DATA PROTECTION REGULATION MAY 2108
GDPR COMPLIANCE STATEMENT
We are committed to ensuring that your information is secure. All data is held on a private UK based server network with single point, firewall protected internet access through our hosting company. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. All our suppliers and contractors meet the standards we require.
Within their terms and conditions of employment all employees will receive briefings on data security and the handling of personal data. A programme of staff awareness and refresher training is underway to ensure that our data is protected. This training will be updated regularly, and checks are made by IT staff to ensure data quality is maintained.
In accordance with GDPR, we will only use your data where it is in our legitimate interest to do so and to comply with our legal and regulatory requirements. We will always explain clearly what data we are collecting about you and why. We will only collect data we need to give you a better experience; to improve and deliver our services to you; and to meet our responsibilities to you.
It is our strict policy not to pass on any personal information to third parties for commercial or sales and marketing purposes. From time to time, we will use your information to send offers and news on products and services, which we think may be of interest or be of benefit to you. In this case you will always be given the choice to opt out of receiving such emails.
To keep pace with the new data protection regulation as it develops, we will continue to review our systems and procedures to ensure that they remain compliant with the regulation and we will keep you informed throughout the process of any changes that we make.
Calico – May 2018
Calico value your data and are committed to ensuring it is handled and stored safely and securely. The purpose of this policy is to explain to you how we control, process, handle and protect your personal information.
We are exempt from registration in the IO Data Protection Register because data is collected solely for legitimate business reasons and to fulfil business contracts.
TYPES OF DATA WE COLLECT
Data is only collected if it has been directly provided by yourself. This is done via email, phone and face to face meetings. Data collected includes:
– Full Name and company name
– Job title and position
– Contact details including email address, business address and phone numbers.
– Company invoicing and bank account details
– Purchase orders and transactional data
HOW DATA IS HANDLED
The data you provide us is used solely for the purpose of our mutual business contract. – In order for us to provide our services to you and communicate with you in relation to your services, invoicing and payments.
– To obtain services from yourselves, communicate with you and to arrange subsequent payments.
– To notify you of any changes to our business, where necessary.
– To comply with any legal obligations including reporting of transactional data.
We do not sell or transfer data to any marketers or third parties nor do we transfer data outside the European Economic Area (EEA).
DATA SECURITY AND PROTECTION
We take all necessary steps to ensure that our servers are secure and that security measures are in place to prevent your data from disclosure, once it has reached our servers. We cannot guarantee the security of any information during transmission from yourselves.
All electronic data is stored on secure servers and paper copies are stored in locked cupboards, accessible by authorised staff members only. Once documents are no longer required, they are shredded using a secure destruction service.
DATA RETENTION PERIOD
We store your data for as long as is required to fulfil the business contract, for the duration of our business relationship and for the purpose of meeting legal requirements. In order to meet certain legal requirements, we store data such as company details, financial and transactional data for 6 years.
ACCESS TO YOUR PERSONAL INFORMATION
You have the right to access, amend or delete any of your personal data that we hold. You can make a request to view the data we hold, to make any changes or to remove your data from our systems by emailing firstname.lastname@example.org We will respond to your data subject request within one month.
CHANGES TO THIS POLICY
We regularly review this policy and will make changes as and when needed.
Calico – May 2018
WHAT ARE COOKIES?
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Cookies help us to improve our site and to deliver a better and more personalised service. Cookies do lots of different jobs, like letting you navigate between pages efficiently, remembering your preferences, and generally improve the user experience.
To find out more about cookies generally, including how to control and delete them, visit www.aboutcookies.org.
WHAT COOKIES ARE USED BY CALICO AND WHY?
Google Analytics – We use this to understand how the site is being used in order to improve the user experience. User data is all anonymous. You can find out more about Google’s position on privacy as regards its analytics service by reading their privacy overview. External web services – We use YouTube to display video content within our web pages. If you are not logged in to these external services then they will not know who you are but are likely to gather anonymous usage information e.g. number of views, plays, loads etc.
HOW DO I MANAGE & DELETE THESE COOKIES?
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org.
LINKS TO OTHER WEBSITES
Our website may contain links to our clients websites. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement.