This data protection policy sets out to explain what personal information is collected and how that information is used. It summarises the commitment of P J Tooling to process data only to the extent that is required to undertake standard business practises for our current customers and employees. It can also be used as the basis for statutory data protection inspections, e.g. by the customer. This is not only to ensure compliance with the European General Data Protection Regulation (GDPR) but also to provide proof of compliance. This is a controlled policy and is subject to revision.
In order to conduct business with our customers it is necessary for us to hold data such as Company information, contact e-mails, bank account details and names of key personnel, these are obtained with your consent on initial dealings with your company.
Your data is held and managed on a secure computerised system for no longer than is necessary. We will never share this information with anyone outside of our company. We take your privacy very seriously and will only use personal information to manage your account and to support the process of supplying products and services you have requested from our company. If there was ever a breach of our systems and the data they hold, we would inform you immediately.
P J Tooling do not store personal data in relation to job applicants or past employees unless they are to be held on file for a period of time that is agreed and recorded with the applicant/employee (unless other circumstances dictate records should be held, for example pending employment claim / personal injury / tribunal). P J Tooling present and past employees have the right to see what personal data that we hold about them (SAR) and to request to have that data modified or erased (right to be forgotten).
Customer Any company that engages our services
Data subject an individual in anyway identifiable from personal data
Personal data Details including, but not limited to, name, id number and location data of an individual
Processing any collection, manipulation or transmission of personal data
RTBF Right to be forgotten (to see what data is held about them and to rectify or erase it)
Subject Access Requests
Roles, Responsibilities & Data Access Data controller Mark Webb Data processor Mark Webb, Lyndsey Hewitt, Dave Harris, Eddie Leonard & David Beech Employee data Mark Webb & Lyndsey Hewitt Payroll data Mark Webb & Lyndsey Hewitt Customer data Mark Webb, Lyndsey Hewitt, Dave Harris, Eddie Leonard & David Beech Customer emails Mark Webb, Lyndsey Hewitt, Dave Harris, Eddie Leonard & David Beech
Training Where a member of staff has access to personal data stored upon the server they must be given training so that they fully understand the company policy and the requirements upon them to process any personal data in full compliance with this policy. This training shall be recorded as part of the companies quality management system, with those trained shown on the skills matrix.
Internal Inspection The data protection policy shall be a subject of the regular management review meetings so that we ensure that it is current, practical, enforceable and enforced. If it is felt to be necessary, then it shall be audited internally. These steps are taken to not only ensure compliance but also to provide continual improvement to our data protection system.
Security Policy and Responsibilities in the Company
P J Tooling employ Impirius to ensure that the data stored on our server is secure. Whilst this technically means they can access our stored data they have a GDPR policy in place and they undertake to maintain our network and operating systems whilst not accessing any data on our system. Data back-up shall be limited to the server itself and a portable hard drive that is kept with the server at all times, this back up is encrypted and may not be accessed by simply opening the hard drive.
Contacting Us / Rights of Our Customers (Privacy Notice)
For all data matters please contact our Mark Webb, our address is 31 Millers Road, Warwick, CV34 5AE. Our telephone number is 01926 492693 or correspondence may be sent via our main email email@example.com – please state ‘GDPR’ in the subject line.
If you wish us to no longer hold any information, or indeed wish to be excluded from any company updates or offers, then please contact us as soon as practicable so we can take the necessary action and inform you accordingly.
Our customers have the right to complain to supervisory authorities such as the Information Commissioners Office, to withdraw their consent for processing of their personal data, to make a subject access request to see what data is held about them and the right to be forgotten, to rectify or erase that personal data as well as the right to be informed how long their data will be stored for.
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.