PRIVACY NOTICE
The Seetru Organization consists of Seetru Limited and Leser UK Limited; it also includes Seetru Engineering Services and Blupax which are operating divisions of Seetru Limited. This policy applies to the whole of the Seetru Organization; our address is Albion Dockside Works, Bristol, BS1 6UT, UK, Telephone 0117 927 9204.
This privacy notice is to inform you of:
- the types of data we process about you;
- the reasons for processing your data;
- the lawful basis that permits us to process your data;
- how long we keep your data, and;
- your rights regarding your data.
DATA PROTECTION PRINCIPLES
The General Data Protection Regulation (EU) 2016/679 (GDPR) sets out the principles with which Data Controllers and Data Processors must comply, these form the core obligations under the GDPR and are as follows. Personal data must be:
processed lawfully, fairly, and in a transparent manner in relation to the data subject;
collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed;
accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay;
kept in a form that permits identification of data subjects for no longer than is necessary for the purposes;
processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
TYPES OF DATA CONCERNED
We hold various types of personal data relating to individuals with whom we have a Business-to-Business relationship, and occasionally, with whom we have a Business-to-Individual relationship. Specifically, we may hold the following types of data: name, position, business address, IP address, website login details, business phone numbers, and business e-mail. Occasionally we may hold the corresponding home information for individuals with whom we have a business relationship.
OUR SOURCES AND COLLECTION OF PERSONAL DATA
Business contacts provide several pieces of data to us, for example, during sales, enquiry, contract development, implementation, or operation processes. We also collect data from personal networking face-to-face or via social media. Business contacts may also sign up with their personal data via one of our websites or via one of our marketing campaigns. Suppliers and potential suppliers provide personal data to us during our procurement and procurement management processes.
Personal data is kept in files or within the Company’s IT systems.
LAWFUL BASIS FOR PROCESSING
The GDPR allows the processing of personal data for certain reasons only. In the main, we process your data to comply with legal or contractual requirements, or in our legitimate interests.
The types of data processing we undertake and the lawful basis upon which we rely:
Purpose of Processing Your Data
Legal basis
Implementation and Operation of Contract
Performance of the Contract
Ensuring Health and Safety
Legal obligation
Sales and post-sales marketing
Our legitimate interests
Business-to-Business marketing
Our legitimate interests
Business-to-individual marketing where we do not have a previous business relationship
Consent
Business planning and commercial development
Our legitimate interests
Dealing with legal issues
Our legitimate interests
Preventing fraud
Our legitimate interests
Ensuring our IT systems are secure and robust against unauthorized access
Our legitimate interests
Other
Consent
SHARING OF PERSONAL DATA
The Seetru Organisation may share personal data for the following reasons:
- in relation to the development, implementation, or operation of contracts;
- in relation to the implementation of our own marketing activities;
- to assure our cyber security;
- to comply with other legal obligations or rights, or;
- for the purposes of data backup.
- We will have data processing agreements in place with third parties to ensure data is not compromised. Third parties must implement appropriate technical and organisational measures to ensure the security of your data.
We may share personal data outside of the European Economic Area, specifically in the USA, for the purpose of one or more of the five reasons listed above in this section E). Where we do, this data will be protected, as appropriate, by adequate binding contractual agreements and the Processor will hold appropriate EU-US Privacy Shield Certification.
Our employees who have responsibilities relating to the processing of personal data will be trained on the requirements of the GDPR and our policies thereon.
SECURITY OF PERSONAL DATA
We have implemented appropriate measures and processes to ensure personal data is appropriately secured against accidental loss, disclosure, destruction or abuse.
DATA RETENTION
We only keep personal data for as long as it is needed for our legal obligations, our contractual obligations, or our legitimate interests.
DATA SUBJECT RIGHTS
You have the following rights in relation to your personal data which we hold:
the right to information about the data held, and the purpose for which it is held;
the right of access to the data held;
the right to rectification of any inaccuracies in the data held;
the right to the erasure of the data held, but only in certain circumstances;
the right to restrict the processing of the data;
the right to object to the inclusion of any information;
the right to regulate any automated decision-making and profiling of personal data.
CONSENT
Where we rely on consent for our use of your personal data, you have the right to withdraw your consent at any time and we will stop processing your data.
HOW TO MAKE A COMPLAINT
If you are dissatisfied with how we have handled your data you can write to our Data Compliance Officer using the contact details provided above. If you are dissatisfied with our response to your complaint you may contact the Information Commissioner’s Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF, or by telephone at 0303 123 1113 (local rate) or 01625 545 745.
Copyright © 2018 Seetru Limited
Document reference: BMD 010-2
Last reviewed 15/5/2018