Introduction: We are committed to ensuring the security of the data that we hold and that has been provided to us by our customers and suppliers (both existing and potential) as well as that of our employees.
Types of Personal Data: Personal data will come into our possession in one of two ways. First, it can be consensually provided to us by a data-subject – we call this ‘consciously held data’. This will typically be the names, addresses, email and telephone details of our customers, suppliers and employees.
The second type is what we have called ‘concealed data’. This will either be contained in a locked security console or Confidential Waste Sack that is collected from a Customer’s premises, or form part of a Bulk Collection, for the purpose of secure destruction, or it may be contained in mail or other post that we are handling (‘processing’) on behalf of our customers. Either way, we shall know next to nothing of the details of such data.
We operate proper and appropriate technical and organisational measures that are designed to ensure the security of all personal data that comes into our control, thereby ensuring that we discharge our duties under the Data Protection Act 2018.
Security: With regard to ‘consciously held data’, we have never shared the data that we hold with any third parties, and we shall never do so. We only hold such data either because we need to do so in order to perform or enter into a contract with a data-subject in relation to the services that we provide, or because a data-subject works for or with us. The only time that a third party might have access to the names (but not the contact or other personal data) of our customers, suppliers or employees is when our books are audited each year by external auditors.
With regard to concealed data that we may agree to destroy securely pursuant to any contract with a customer, we shall take care to discharge our legal obligation to collect, store, transport and destroy any such concealed data (and any personal data comprised therein) that comes within our control in such a way as to ensure the security of the data whilst it remains within our control.
We shall comply at all times with our duty to ensure that processing of both ‘consciously held data’ and concealed data is carried out in a manner that ensures the security of such data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage. We have in place appropriate technical or organisational measures to do so.
Rights of Data-Subjects: Our customers, suppliers and employees are entitled to ask us at any time to inform them what ‘consciously held data’ we control or process that relates to them specifically. We shall comply with all such requests, at no cost to the entity or person making the request. Likewise, if and when so requested, we shall rectify or delete from our records any personal data that any of our customers, suppliers or employees requests us to rectify or remove.
Any questions or concerns about the interpretation or operation of this Policy should be referred to the Operations Manager, James Mullins.