The General Data Protection Regulations (GDPR)
Just Stainless is a business which sells stainless steel products.
The GDPR provides the following rights for individuals:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to data portability
- The right to object
- Rights in relation to automated decision making and profiling
What information will be collected?
We gather and hold data relating to our customers and suppliers as a necessary and legitimate function of running our business. This might include, but may not be limited to:
- Contact details such as physical and email addresses
- Payment details
- Details obtained by sales outlets such as eBay or Paypal
- Financial information
- Order details
The legal basis for holding the data
The two separate legal bases for us holding the data are:
Contract: To fulfil the contract entered into between us and our customers and suppliers.
Legitimate Interest: Gathering and holding the data is a necessary function of running our business.
What we use the data for
Here are some examples of how we might use personal data:
- Maintaining product supplies
- Fulfilling customer orders
- Fulfilling legal or contractual obligations
How long do we keep personal data?
It is important that we are able to retain data during the standard Contractual Limitation Period of six years, therefore allowing for an additional margin of one year, we will retain personal data for seven years. We will review any request for deletion of data and only keep it with good reason.
We data security very seriously. Electronic Data is stored with secure passwords and restricted access. Office computers are password protected.
Hard copy data is destroyed securely as soon as it is no longer needed.
With whom do we share personal data?
We might share personal data when required to do so by law or to achieve the legitimate interests of our business.
What will not be done with personal data?
Personal data will not be sold to third parties.
– – –
If you have any queries or questions about this notice or how data is used by us please contact firstname.lastname@example.org.
Further information and people’s right to complain can be found here: https://ico.org.uk