Name : Castle Hill Fire Protection Ltd
Address: Castle Hill House, High Street, Huntingdon, PE29 3TE
Telephone: 01480 400632
The lawful basis upon which we rely to process any personal data you provide to us (largely just contact details) is contract necessity in respect of the provision of the services that we provide. We keep this information internally within our company in order to process your Order. Should you choose not to share your personal data with us we will not be able to fulfil your Order. Should we ever wish to send you updates in respect of Know-how and activities then we will seek your consent regarding unrelated marketing matters; you will always have the opportunity to quickly and easily unsubscribe in respect of any mailings. If you are a business contact that we have met through networking and wish to stay in contact with you or wish to refer business to you, then we will rely on legitimate interest to do so since we believe that this is the nature of business networking and it would be in both of our interests to do this. For these purposes, you have the right to access your information, object to any processing, the right to erasure and the right to amendment of your personal details that we process thereunder.
Our electronic systems are based on Microsoft Office 365 for which all staff use a paid business package for the services we use. Our systems inform us that all firm data is actually held in the UK. We use up to date commercial grade anti-virus software on our systems and these are automatically updated to maintain the safety of our electronic systems. All computers and devices are password protected. We print out the minimum required for paper files – and what files exist are kept in a locked office when an authorised human being is not present. We operate a clean desk policy.
To the best of our knowledge, none of the client data within the business is transmitted outside of the EEA (unless this happens technologically without our knowledge).
Ordinarily, we will store data for 7 years (6 years + 1 to allow overlap of years) and it will be erased, securely disposed of thereafter. If there is a statutory/regulatory requirement to keep the documentation for a longer period – it will be kept for that period.
Subject Access Requests: Should you wish to exercise your right to submit a Subject Access Request under GDPR/UK Data Protection Bill/Act then you must submit your request to email@example.com together with a copy of your photo ID (passport/driving licence). Email is preferred so we can be clear as to what you wish to obtain. No fee will be requested however in line with legislation, we reserve our right to charge a fee/refuse to comply in the event of a manifestly unfounded, excessive or repetitive request. We will check our systems for the requested information and a response will be made available to you within 28 calendar days. You have the right to access, right to be informed, right amendment, right to erasure and right to object to processing. We will ordinarily exercise any reasonable request for rectification (inaccurate / incomplete personal data), erasure, restriction of processing, portability of data (where applicable) as soon as reasonably practical unless there is a lawful reason as to why we need not comply with such request.
Note that we do not make automated decisions.
If you are concerned about the way we have handled your personal data – you have the right to complain to the ICO. You should note that they have an expectation that you will have raised it with us first so please contact firstname.lastname@example.org in the first instance and we will deal with your complaint expeditiously. Should you want external advice, full information as to how can raise a concern with us (and/or the ICO) is available at the ICO’s website https://ico.org.uk/for-the-public/raising-concerns/ If you would like to report a concern then the ICOs current contact details are available at https://ico.org.uk/concerns/ or call the ICO helpline at 0303 123 1113