Your personal data – what is it?
Personal data relates to a living individual who can be identified from that data. Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into their possession. The processing of personal data is governed by the General Data Protection Regulation (the “GDPR”.)
Why have we created this policy?
Our data protection policy ensures that Acors Press does the following:
• Complies with data protection law and follows good practice
• Protects the rights of staff, customers and suppliers
• Open about how we store and process individuals’ data
• Protect ourselves from the risks of a data breach
What Data does Acors Press collect?
For all areas of Acors Press, data will be collected from you in order to complete general sales and admin processes such as quoting, invoicing and account setup.
This policy applies to all data that the company holds relating to identifiable individuals. This can include:
- Business Names
- Business Addresses
- Individuals Names
- Individuals Addresses
- Email Addresses
- Telephone Numbers
- VAT and Company Number
- Bank Account Details
- Details and Contracts of Services carried by either party
How is your data processed and stored?
Acors Press complies with its obligations under the “GDPR” by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.
We use your personal data for some or all of the following purposes:
- To manage our employees;
- To maintain our own accounts and records;
- To provide services relating to our day to day business;
- For the management of a contract with you, or to take steps to enter into a contract.
Your personal data will be treated as strictly confidential. It will only be shared with third parties where it is necessary for the performance of our tasks or where you first give us your prior consent.
Acors Press uses SAGE customer accounting system to store customer data relating to purchases / sales.
All of our website is developed in house via the WordPress platform, our hosting company store basic server access logs for debugging, security and service review (and not for marketing purposes).
Our Acors Link online web solution is hosted securely and is secured by a Let’s Encrypt Certificate.
Backups are securely transferred over an encrypted tunnel and go back potentially years. They are kept physically and digitally secure on our own in-house servers with firewalls, locks and passwords. Backups are stored in on site and off site locations as well as on physical disk drives.
What is the legal basis for processing your information?
Most of our data is processed because it is necessary for our legitimate interests, or the legitimate interests of a third party (such as our accountant for processing our accounts.) Processing for legitimate interest includes but is not limited to: – Administration duties pertaining to all contracts and projects and service work. We will always take into account your interests, rights and freedoms. Some of our processing is necessary for compliance with a legal obligation. For example, if you are an employee or you / we provide a service or product for which VAT is chargeable, providing financial information for HMRC, or where processing is necessary for carrying out obligations under employment, social security or social protection law, or a collective agreement. We may also process data if it is necessary for the performance of a contract with you, or to take steps to enter into a contract. An example of this would be processing your data in connection with carrying out work for you or invoicing for that work. Where your data is used other than in accordance with one of these legal bases, we will first obtain your explicit consent to that use.
You have the following rights with respect to your personal data. When exercising any of the rights listed below, in order to process your request, we may need to verify your identity for your security.
In such cases we will need you to respond with proof of your identity before you can exercise these rights.
- The right to access information we hold on you
- The right to correct and update the information we hold on you
- The right to have your information erased.
- The right to object to processing of your data
- The right to data portability
- The right to withdraw your consent to the processing at any time for any processing of data to which consent was sought
- The right to object to the processing of personal data where applicable.
- The right to lodge a complaint with the Information Commissioner’s Office.
How long will your data be stored?
Data stored for customer purchases / sales will be kept for 6 years, unless a formal agreement of account closure has been presented to Acors Press.
We keep data in accordance with the minimums that are set out by law for financial information for HMRC and VAT records.
If we wish to use your personal data for a new purpose, not covered by this Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions. Where and whenever necessary, we will seek your prior consent to the new processing.
If it was ever necessary to transfer data abroad, any electronic personal data transferred to counties or territories outside the EU will only be placed on systems complying with measures giving equivalent protection of personal rights either through international agreements or Contract approved by the European Union.
IF YOU HAVE ANY QUESTIONS ABOUT HOW YOUR DATA IS STORED OR IF YOU WANT US TO REMOVE YOUR DATA THEN PLEASE CONTACT: firstname.lastname@example.org