What is GDPR
The General Data Protection Regulation or (GDPR) is the biggest change in data protection laws for 20 years, and when it came into effect on May 25th, 2018, it intends to give European citizens back control over their personal data. The GDPR is a new set of rules governing the privacy and security of personal data laid down by the European Commission. You can download a guide to the GDPR here
How do we obtain your information and why?
In 99% of cases you will volunteer your personal details to us. For example, when you choose to contact us using the Contact us form on our web page you will volunteer your contact details, the same applies if you email or call us. However, we will always tell you before we capture your information why we need the information and how we will use it.
If you have made contact with us, or us with you, whether that be through networking, via social media or in person we shall add your name, company and contact details to our Customer Relationship Management (CRM) together with appropriate relevant notes, such as details of our discussions, meetings, marketing contacts etc. We will ask you if you would like to receive regular communications from us, and we will do this within any guidelines with the GDPR or PECR Regulations. You can change your preferences at any time, and if you ask us to stop communicating with you, we shall action this request immediately.
How we store your information
All client information and files are retained on servers hosted within the UK. We store our marketing information in a robust CRM system, and ensure that only basic contact information, as stated above, is stored. Only authorised members of the team have access to your personal information, and we back it up regularly to prevent against loss or damage. This CRM is hosted in the USA and is protected by the EU-US Privacy Shield. You can find more information on this here EU-US Privacy Shield. How long we keep information we collect about you depends on the type of information. After such time, we will either delete or anonymize your information or, if this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.
Protecting your data
Total Integrated Solutions Ltd is accredited with Cyber Essentials Plus. This is an Accreditation recognised by the Government run National Cyber Security Centre and shows our commitment to protecting your information from cyber attacks with the technology and methods that we use. For further information on our accreditation please go to Cyber Essentials
GDPR allows individuals a number of rights whereby you may obtain: confirmation that your data is being processed; access to your personal data
What is the purpose of the right access under GDPR?
The GDPR clarifies that the reason for allowing individuals to access their personal data is so that they are aware of and can verify the lawfulness of the processing (Recital 63). We will provide you with a copy of the information that we hold on you free of charge. However, we may charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive. We may also charge a reasonable fee to comply with requests for further copies of the same information. The fee will be based on the administrative cost of providing the information. Total Integrated Solutions Ltd will provide any such information without delay and at the latest within one month of receipt. You can ask us to stop sending you direct mail, or emails, or ask us to stop processing your details.
In the unlikely event of a Data Breach we will follow the steps set out in our policy which you can request by emailing GDPR@tis.co.uk. If as a result of a data breach your personal information has been compromised then you can request compensation for any distress you are caused or loss you have incurred. You can find out more information from the ICO’s website Information Commissioners Office
How to complain
If you have a complaint about the way in which your data has been handled please contact the HR Manager on 01623 425806 or GDPR@tis.co.uk. You also have the right, in certain circumstances, to report concerns about data management to the Information Commissioner’s Office and information is available at www.ico.org.uk. If you are still concerned about the way Total Integrated Solutions Ltd handles and stores your information, then please contact us on 0333 8000 300.