Updated 30th June 2018
How we will communicate
we will use the information collected to:
- provide legitimate documentation to employees and customers relating directly to the proper performance of our business services
- process quotations, invoices and other financial information relating to the services provided to you
- communicate via telephone and email regarding the services you receive, or advise of matters of safety in relation to services
- discuss and provide information to legitimate suppliers or sub-contractors of associated services in order that those services can be provided as per our service agreement
- collect CCTV recording at our office locations to prevent crime and protect the security of our premises.
The use of such data is based on legitimate business interests in providing services to you. In you making initial contact with us, you consent to us maintaining a dialogue with you until you either opt out (which you can do at any stage) or until services are cancelled by either party. We may also act on behalf of our customers in the capacity of data processor. When working exclusively as a data processor, we will act on the instruction of our customer, and we will work hard to ensure that the customer remains fully GDPR compliant.
People accessing our website (i.e. Data Subjects) may visit our site anonymously. We will collect personal data from users only where it is voluntarily submitted and any such information provided to us is deemed part of taking part in the activity of the site.
Users contacting us via our website enquiry form do so at their own discretion. Personal details provided for the purposes of a website enquiry may include, but are not limited to:
- Phone number
- Email address
- Additional data which the enquirer may provide which may include an address or mobile phone number etc.
Our website enquiry form does not store or retain information. Information is passed securely via email to the company’s Business Director. Personal data provided is kept private and stored securely until such time it is no longer required or has no further use. Whilst we have made every effort to ensure a safe and secure contact form to email submission process; we do advise users that in providing personal data that they do so at their own risk.
By using this site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our site. Your continued use of the site following the posting of changes to this policy will be deemed your acceptance of those changes.
No personal details from our website are passed on to third parties, nor shared with other companies or people outside of the company that operates the website. We use Google Analytics to gather data on our website visitors for marketing purposes. All data is anonymous, and no personally identifiable information is collected.
Although our website only looks to include quality, safe and relevant external links, users should always adopt a policy of caution before clicking any external web links mentioned throughout this website.
Disclosure of Information
We do not broker or pass on information to third parties for marketing purposes, or any other purpose not associated with our business needs, without your consent. However, we may disclose personal data to meet legal obligations, regulations or valid government department requests. We may also enforce our Terms and Conditions, including investigating potential violations of our Terms and Conditions to detect, prevent or mitigate fraud or security or technical issues; or to protect against imminent harm to the rights, property or safety of our business, our customers and/or the wider community.
How Long will we Retain Data For
Data will only be held for as long as necessary to fulfil the purpose of the processing of such data and for statutory or legal reasons.
We will store customer data for the duration of our contractual relationship and up to a period of three years after our contractual relationship has ended. This may be for financial requirement or if we believe it may be necessary to handle any future potential complaints or claims.
We will store customer contact data for as long as you wish to receive information and service communications from us.
CCTV video surveillance footage will be stored for up to 30 days in order to capture information which may assist the police with a potential criminal incident; or to prevent property damage.
Your Rights as a Data Subject
At any point whilst we are in possession of, or processing your personal data, all data subjects have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply you have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling.
In the event that we refuse your request under rights of access, we will provide you with a reason as to why, which you have the right to legally challenge.
At your request we can confirm what information we hold about you and how it is processed.
You can request the following information:
- Identity and the contact details of the person or organisation (Master Cleaners) that has determined how and why to process your data.
- Contact details of the data protection officer, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of our business, or a third party such as one of our clients, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- How long the data will be stored.
- Details of your rights to correct, erase, restrict or object to such processing.
- Information about your right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority (Data Protection Regulator).
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
International Transfer of Data
We host applications and data on industry leading cloud based servers, whose data centres are held within the UK or EU using different (multiple) servers which have been thoroughly tested for security, availability and business continuity. The infrastructure for application servers is managed and maintained by each service provider. We have undertaken a check of each service provider’s security and privacy policies and have deemed that these are suitable and sufficient to meet GDPR requirements.
We do not store personal data outside of the EEA.
Any staff member who suspects that a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data might have occurred, must immediately notify the Data Protection Officer and provide a description of the circumstances. Notification of the incident can be made via e-mail, by telephone, or in person.