The New General Data Protection Regulations (GDPR), which came into effect on 25 May 2018, reinforces and strengthens the safety of the personal data “we” hold about you, how it is used, processed, controlled, stored, retrieved, removed and destroyed.
“We” are committed to ensuring that your privacy is protected. Should you be asked to provide certain information by which you can be identified, including data collected via “our” website, then you can be assured that it will only be used in accordance with this privacy statement.
As a valued client, it is essential that professional confidentiality and your privacy remains at the forefront of any communication between us. “We” have been registered with the Information Commissioner’s Office as a Data Controller and Data Processor since 2014.
Description of processing
The following is a broad description of the way “we” process personal information. To understand how your own personal information is processed you may need to refer to any personal communications you have received, check any privacy notices “we” have provided or contact “us” to ask about your personal circumstances. Typically, reasons for “us” collecting your data will be discussed at the commencement of any work with you.
Reason/purpose for processing information
“We” process personal information to enable provision of "our" services, promote “our” services and to maintain “our” own accounts and records. “We” use personal data only for the reasons stated unless further consent is provided.
Type/classes of information processed
“We” process information relating to the above reasons/purposes. This information may include:
“We” also process sensitive classes of information that may include physical or mental health details.
Who the information is processed about
Personal information is processed about “our” clients, complainants and enquirers, suppliers, advisers and other professional experts.“We” collect the minimum amount of relevant information appropriate for the purposes for which it is being processed.
Who the information may be shared with
Sometimes “we” need to share the personal information processed with you and also with other organisations. Where this is necessary “we” are required to comply with all aspects of the Data Protection Act (DPA). What follows is a description of the types of organisations “we” may need to share some of the personal information “we” process with for one or more reasons. Where necessary or required we share information with:
As “we” are committed to ensuring that your information is secure, all data is handled with integrity and in a manner that ensures appropriate security of the personal data, including protection against unlawful processing, accidental loss, destruction, damage or theft. In order to prevent unauthorised access or disclosure “we” have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information collected.
In accordance with GDPR, personal data will be held for no longer than is necessary for the purposes for which it is being processed and will then be confidentially destroyed. “We” retain clients’ personal data for as long as “we” maintain a relationship with them, and then for a reasonable period of time that allows us to assist with any queries, requests or complaints and to comply with our regulatory obligations (including record retention obligations).
Personal data is also kept in a form which permits identification of the data subjects for no longer than is necessary.
Links to other websites
“Our” website may contain links to other websites of interest. Please note that once you use these links and leave “our” website, “we” cannot be held responsible for the protection and privacy of any information that you provide whilst visiting such sites, and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Controlling your personal information
“We” will not sell, distribute or lease your personal information to third parties unless “we” have your permission or are required by law to do so.
You may request details of personal information “we” hold about you under the Data Protection Act 1998. A small fee (£10) will be payable. If you would like a copy of the information held on you please write to Sue Hastie Solutions Ltd, 10 Oak Street, Throckley, Newcastle upon Tyne, NE15 9EX.
If you believe any information “we” are holding on you is incorrect or incomplete, please email “us” as soon as possible (email@example.com) and "we" will promptly correct any information found to be incorrect.
Please note, any personal information held by “us” is used purely to inform and promote the services “we” offer. Therefore, should you choose to opt out of allowing “us” to hold the minimum amount of personal information about you, it is unlikely “we” will be able to adequately and successfully provide services to you.
You can withdraw consent for “us” keeping your personal data at any time, by emailing firstname.lastname@example.org or writing to Sue Hastie Solutions Ltd, 10 Oak Street, Throckley, Newcastle upon Tyne, NE15 9EX.