PERSONAL DATA: GENERAL DATA PROTECTION REGULATION - OSS LTD POLICY
What is GDPR?
The EU General Data Protection Regulation (GDPR) is the legal framework governing the use of personaldata across all EU Markets. The GDPR is designed to give individuals more control of their personal information.
What we need?
O’Dwyer Safety Service Limited will be what’s known as the ‘Controller’ of the personal data that we collect. We only collect data for the purpose of delivering our service of health and safety training and consultancy. This may include:
- Contact Data (name, address, email,phone number etc.)
- Financial Data as needed for billing.
- Business specific data as needed to provide our services (training certification, etc.)
Why we need it.
We need basic personal data in order to provide our clients with health and safety services or as an employer. We will not collect any personal data that we do not need.
What we do with it.
We have a Data Protection regime in place to oversee the effective and secure processing of personal data. All the personal data we process is processed by our trained staff, and records are kept either physically or electronically as needed to provide the required service.
No third parties have access to personal data unless the law allows them to do so and the service provided requires it. How long we keep it.We have established a data retention policy for the different types of data we collect and process after which time the data will be destroyed. Typically, basic personal data (name, address, contact details etc.) will be retained for a period of one year past the expiry date of the service provided. Other data may be retained for longer periods as required by law and pertaining to the service provided to you.
What we would also like to do with it.
We would however like to use contact data (name and email address/mobile number) where provided to inform individuals of our future offers and similar products. This information is not shared with third parties and individuals can unsubscribe at any time via phone or email.
What are your rights?
If at any point an individual believes the information OSS has processed is incorrect,they can submit a request to see this information and even have it corrected or deleted. If individuals wish to raise a complaint on how we have handled personal data, individuals can contact our Data Protection Officer who will investigate the matter. The contact is made via email at firstname.lastname@example.org via company phone numbers.
This policy will be reviewed annually and or where changes occur to ensure the policy remains current and effective. This policy and further information and updates on our Data Protection regime will be made available on our website. Issue Date: 12th December, 2018