Created on 24/05/2018
GDPR - PRIVACY NOTICE
Beaver Sports comply with GDPR Data regulations and we need to know your data in order to effectively operate our business and work with you or your company. We hold and process data in order to efficiently complete contracts, our Privacy Notice is available as below and will be supplied on request.
GDPR imposes strict new rules on controlling and processing people’s data and seeks to give individuals more control over how organisations use their data, please find our Privacy Notice herewith.
Why we need it?
We need to know your data in order to effectively operate our business and work with you or your company. We hold and process data in order to efficiently complete contracts operating our business and are satisfied that there is no other reasonable way. To achieve that purpose. nothing within the contract relieves the processor of its own direct responsibilities and liabilities under the GDPR.
How we store it?
We may store your data in the following places: Our filing system / on paper files, In Microsoft Office documents, email systems, CRM Systems, third party systems such as email hosting, online banking etc.
Our IT systems
Our IT systems have been audited and staff trained on the GDPR regulations to ensure understanding and compliance. The Controller and Processor have a Data Protection regime in place to oversee the effective and secure processing of your personal data. We have liaised with our data hosting company with regards to their security. They have confirmed that the data they hold on their servers is held securely.
What we do with it?
All personal data is processed in the UK by us and our suppliers and only in connection with our ongoing business relationship. Third parties, suppliers and others involved in our normal business dealings have access to your personal data only to perform the role they fulfil in the overall process.
Beaver Sports (Yorks) Ltd. does not carry out any DPIA Processing, nor are we a Public Authority, we have no appointed Data Protection Officer. Data is processed under the supervisory authority of the United Kingdom. We do not transfer your data outside of the European Union, unless we are exporting products to countries outside the EU, in which case, data will be shared as required. We only work with reputable companies and partners and maintain no data regarding children.
How long do we keep it?
We retain your personal data for as long as your Controller has a relationship with you and the data is required to support our mutual business relationship. If our business relationship ends, we will retain your details for 6 years then delete them from our records.
Breach of Data
Should there be a breach of our data, we will investigate and assess if the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms and if necessary we will inform those individuals without undue delay and the relevant supervisory authorities within 72 hours of becoming aware of the breach. A record will be kept of any data breach reported, regardless of whether notification is required.
What are your rights? (Right to be forgotten)
If at any point you believe the information we process on you is incorrect, you can request to see this information and have it corrected, deleted or withdraw consent for it to be used. If you wish to raise a complaint on how your personal data is handled, you can write to us at the address above or email firstname.lastname@example.org to investigate the matter, we will do this within 4 weeks of receipt in a clear and concise manner. If you are not satisfied with the response or believe we are processing your personal data not in accordance with the law you can complain to the Information Commissioner’s Office (ICO).
If you hold data for our company, we expect you to do this in compliance with the GDPR and Data Protection Act 1998.
Any queries or issues relating to data will be dealt with by contacting: Paul Walker on 01484-512354, by post to the above address, or email to email@example.com