Clear Spill Limited aims to adhere to the requirements of the General Data Protection Regulations (GDPR), relating to the processing of personal data in manual and electronic records.
This Policy explains what personal data we collect, why we collect it, how we use it, what procedures we have in place to protect it and what control you have over it. Personal data is information that relates to an identifiable person who can be directly or indirectly identified from that information.
Our commitment requires that personal data must be processed in line with the following basic data protection principles:
WHAT PERSONAL DATA WE COLLECT:
We may collect the following information:
WHY DO WE COLLECT PERSONAL DATA:
We collect information about you when you place an order for products or services. We collect information about you as a customer so as to process your order, manage your account and communicate with you. We collect information about you as a supplier in order to fulfil our contracts with you to purchase goods and services.
HOW WE USE THE DATA COLLECTED:
We require this information about you for allowing us to carry out the business transactions between you and Clear Spill Ltd., and in particular for the following reasons:
DATA STORAGE AND TRANSFER
Whether stored manually or electronically, personal data will be secure as far as is practicable. Clear Spill Limited aims to ensure that manual files holding personal data are securely held with locks and only those who should have access retain the key. In the case of computerised records, Clear Spill Limited will ensure that passwords are established to limit unauthorised access. Encrypted systems will be used where necessary. Data will not be held for longer than is necessary. Arrangements for the secure disposal of both paper and electronic records have been established.
DISCLOSURE OF DATA
Clear Spill Limited will only disclose information when an individual has provided their express consent, where we are legally obliged to do so or when there is a business requirement to disclose data that is within the remit of the legislation.
SUBJECT ACCESS REQUESTS
You have the right to be informed whether Clear Spill Limited processes personal data relating to you and to access such data by submitting a written request to the management.
You will not be charged for the supply of data unless the request is manifestly unfounded, excessive or repetitive, or unless a request is made for duplicate copies to be provided to third parties.
Clear Spill Limited will respond to a request without delay. Access to data will be provided, subject to legally permitted exceptions, within one month as a maximum. This may be extended by a further two months where requests are complex or numerous.
You must inform Clear Spill Limited immediately if you believe that the data is inaccurate, either as a result of a subject access request or otherwise. Clear Spill Limited will take immediate steps to rectify the information.
BREACH NOTIFICATION
If a data breach is likely to result in a risk to the rights and freedoms of individuals, it must be reported to the Information Commissioners Office ('ICO') within 72 hours of Clear Spill Limited becoming aware of it. As such, you must report any breaches to a member of management immediately.
Individuals will be informed directly in the event that the breach is likely to result in a high risk to the rights and freedoms of that individual.
If the breach is sufficient to warrant notification to the public, Clear Spill Limited will arrange this without undue delay.
If you believe that any information we are holding on you is incorrect or incomplete, please email us as soon as possible. We will promptly correct any information found to be incorrect.
CONSENT
By disclosing your personal information to us when contacting us by email or over the telephone, you consent to the collection, storage and processing of your personal information by Clear Spill Limited in the manner set out in this Privacy Policy.